The Google Apps Device Policy app enforces your organization’s security policies on employees’ managed Android devices, protecting them and making them safer. Administrators can set security policies, like strong passwords, on devices that are signed into work accounts and have access to corporate data.
If a security policy is violated, it’s especially important to ensure that corporate data isn’t accessible on that device until it’s once again compliant. However, apps like the Dialer or Messages that are “required for a device to function” will remain accessible to users of non-compliant devices.
“With that in mind, the Device Policy app will now disable access to non-critical apps* on any work profile or company-owned Android device that it determines is non-compliant. Users will see a notification informing them that their device violated a security policy and some apps may be disabled. Those apps will be re-enabled when their device complies with all of the organization’s security policies.”
This disabling of apps like Gmail, Calendar, Contacts, and Hangouts is handled by that Device Policy app that is installed on these managed devices