VMware Workspace ONE Community
JayPlyler
Contributor
Contributor

Multi-User iOS device - wiping native app bata between users

I think I've determined the answer to this, but would like to confirm... (and forgive me if I've missed this question already posted via my search.)


We have multi-user device staging working for iOS devices, but find that data in the native apps is retained between users. So, if User A logs in to the device, browses a few sites in Safari, takes a few pictures, etc., then logs out, when User B logs in all of User A's browsing history and photos are still there.


Is there a way to clear out this data between users? (And to anticipate one question, yes we have tried blocking Safari and installing Chrome. That works because Crome gets removed and reinstalled for each user. Doesn't help with the photos, though, and we don't want to disable the camera.)

Labels (1)
6 Replies
chrisPreshaw
Contributor
Contributor

I have a similar problem, and I have been installing apps that have a second layer of authentication to ensure users are not accessing others data.
If there is a way of wiping data only between uses, that would be great.
Reply
0 Kudos
teckler
Contributor
Contributor

Yes, I'm interested as well.  Removing data between patient uses is crucial.
Reply
0 Kudos
NickEales
Enthusiast
Enthusiast

We have thousands of iPads in healthcare and they all support multi user with two different scenarios (all OTA DEP + Supervised + No Apple IDs):

1) Forced login to our federated user directory during iOS startup wizard. Once a user is done they (or helpdesK) wipes the iPad which returns user to startup wizard. All our data is hybrid cloud so nothing is saved on the local device. (99% of our iPads)

2) Kiosk with only one functionality where the app or web site provides multi user capabilities. (1% of our iPads)

Reply
0 Kudos
chengtmskcc
Expert
Expert

Nick, you've an interesting setup for your multi-user iPads. So your users have to log in with his/her directory account during the setup assistant instead of using the Intelligent Hub app?

I'm setting up similar use case. My idea is that after the device is staged through DEP, it shows nothing but the Hub app. Then, user checks out the device with his/her directory account by using the Hub app. When he/she checks back in, the device returns to the original state where only the Hub app is visible.
Reply
0 Kudos
Juju_Z
Contributor
Contributor

Thomas, can you maybe share the settings that have to be applied to get your solution to work? Would be great, since I have a similar case, where a solution like that might be beneficial.
Reply
0 Kudos
chengtmskcc
Expert
Expert

Hi Julio,

I will have a blog post on this setup soon, but basically I have a restriction profile to hide all the apps except the Hub app after the device is staged. Separately, I configured ' Shared Device'  section within the OG so that anyone who logs onto the device will inherit another restriction profile that reveals all the apps.

Tom
Reply
0 Kudos