Managing restrictions and enabling full control of settings on iOS devices can be made possible by deploying Scalefusion MDM. By leveraging the Apple DEP program, you can easily enroll iPhones and iPads into Scalefusion MDM, ensuring users don’t bypass or remove restrictions. Enforce powerful management settings and restrictions on iOS devices by enabling device supervision during enrolment.
Restrictions iOS Device Profile offers different settings that IT admins can configure to push and apply on a device. A restriction policy that is applied on an iOS device will block the specified device functionalities in one go, thereby protecting corporate data from any security attack. Scalefusion allows you to selectively restrict functionalities or apps on managed iOS devices from the web console.
iOS devices fall into two categories:
IT admins will be able to manage unsupervised iOS devices, but they can only control a set of policies. Without supervision, iOS devices are only partially manageable, which makes the device vulnerable to theft and data breaches.If the IT team wants to apply policies and fully manage iOS devices, it is important to supervise the device.
A supervised iOS device allows the IT team to enforce stricter policies and have more control over the device features. With iOS supervision, IT admins can seamlessly push core MDM policies on managed Apple devices.
You can begin with logging into the Scalefusion dashboard and creating or editing an iOS Device Profile. After that, navigate to the Restrictions tab that looks like this.
You have the following options to choose iOS restrictions from:
From the list of applications that you have allowed, choose one application to run always so that you can set up the device as a Kiosk. You can choose additional settings as well.
You can also set certain applications to run autonomously on the single app mode. Please note, the autonomous single app mode is dependent on the application, i.e., only some applications offer this functionality.
Over here, you can find a collection of network-related settings to control your iOS device network settings. These are:
Control all the Safari-related settings for your iOS devices using the following options:
Control general iCloud and Siri-related settings through the following options.
Please note that these settings will work on all devices.
Please note that these settings will work on supervised devices only.
To push Lock Screen settings on iOS devices, it is mandatory to set passcodes. IT admins can select from the following General settings to drive user experience on the Lock Screen.
Here’s a collection of application-related settings that IT admins can enforce on iOS devices.
Please note this setting will work on all devices.
Please note that these settings will work on supervised devices only.
Through app management, IT admins can configure settings that allow users to control how applications are published from the Scalefusion dashboard, and how they get installed on the managed devices.
Enable this to show a Web-clip on the device home screen that lets users see the applications published and install them
Please note, this feature can only reflect once you enable the application catalog. To know more about the app catalog, click here.
You can delay any new iOS update by configuring settings under this section. Since iOS does not indefinitely allow blocking new OS updates, admins can delay/defer them for a minimum of 30 days to a maximum of 90 days.
In this section, you can select Email or Exchange configurations to publish on the iOS Device Profile(s). You have the option to select one or multiple configurations to push on the devices.
You can control the exchange of data between work apps and personal apps. You can configure these settings on all iOS devices, irrespective of whether they are supervised or not; just ensure the minimum OS version is met. Secure corporate data by preventing the unmanaged (personal) applications from viewing/opening data with managed (work) apps.
The settings offered are:
Certificate Management helps IT admins streamline the process of deploying Digital Certificates to end users’ devices by automatically provisioning digital identities onto devices without involving end-user. You can enable authentication on managed iOS devices with Scalefusion.
IT Admins can directly push Custom Payload to the iOS devices using a good XML editor. Hence, admins can now add desired features for Mac and iOS that at present not available with Scalefusion.
Custom Payload lets you build your own policy using the Apple MDM Protocol. IT admins can quickly add settings that are not built in Scalefusion. Please refer to Apple Device Management to understand the various payloads and their support. You can also build your policies.
This section includes a collection of common settings that can be enforced on iOS devices. Here are the options:
Please note that these settings will work on all devices.
Please note that these settings will work on supervised devices only.
With Scalefusion iOS MDM, configure different restrictions on the managed iOS devices as per company requirements. Allow or restrict users from accessing different iOS features like profile settings, application settings, iCloud settings, security and privacy settings.