ANDREWLOFGREN
Contributor
Contributor

Locking down a corporate shared device while no one is logged in

Hello!

I am looking for ideas on how to lock down a corporate shared device while no one is logged into it. I am not worried that the device is not password protected. More worried that there are no device restrictions, I.E a user can login with an Apple ID, download apps from the app store and pretty much use the device how they please without ever logging in to the Hub app. Hopefully I am missing something simple. It would also be nice to be able to set specific device restrictions without implementing the whole device restriction page. Or like an option to leave some of that long list ' unassigned'  where another profile can supersede. At the very least be able to deny the Apple App Store icon and disable Apple ID login but not the rest of the settings.
Labels (1)
3 Replies
JohnMarler
Enthusiast
Enthusiast

I like your idea of having something like this. I am not sure if it would be worth it, but you could look into ' staging'  and use the ' default staging user'
0 Kudos
KevinMigliaccio
Contributor
Contributor

We have all our shared devices  change OG when signed in, to one that will add a profile which puts the device in single app mode and make that app Hub.  the devices must be DEP or Supervised by Apple config but it works great.
0 Kudos
Stansfield
Enthusiast
Enthusiast

It is worth noting you can do that based on smart group and them being in one of your staging users you do not need to use a OG group
0 Kudos