About the Mobile App Control Policy

You can define a policy that restricts the sites from which users can download apps for their mobile devices. This reduces the likelihood of users downloading apps from sites that may contain vulnerabilities or downloading fake copies of well-known apps.

The default action when no policy is configured is to ALLOW app downloads from all app stores. You can define a list of app stores from which users are not allowed to download apps. They can browse the app stores in the list, but they are blocked from downloading apps from the app stores.  

Configure a policy explicitly listing the BLOCKED app stores; the default action when no policy is configured is to ALLOW app downloads from all app stores.