Hi
We are currently using AirWatch to manage devices for users. I have been asked the question as to if there is a way to prevent users for logging into other none managed devices with their work account. Similar to how intune can block users from signing into none company devices. Ideally we need to stop them from using their personal iphones etc for work emails etc
Ive done the usual google searches but cannot see anything obvious
thanks
Hi,
You can use an option "Devices Enrollment Mode" - Registered Devices Only. Before you can enroll a new device, you will need to add a new devices in Console.
And you can set an enrollment policy and lock the enrollment by manufacturers and device models.
You can find all enrollment options in groups & settings - all settings - device & users - general - enrollment
Hi Am I right in thinking that would work great so they can only log in to managed devices already in airwatch. What we need is to stop them logging into personal laptops and phones with their corporate (work ) accounts
If the option is changed on "Registered Devices Only" then the user will not able to register/enroll their own device without admin action in Console
Hi yes that makes sense however we are not looking at stoping them enrolling into workspace one etc we are looking to stop them from say signing into outlook or teams on their personal laptop or iphone with their work account details and therfore having company data on none work kit. which i am thinking Airwatch will not block . So you cannot stop someone from using their own iphone to access work applications
Hi,
Ok. You need Conditional access and an integration with MS cloud services.
Look into https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/services/Directory_Service_Integration/GUID-DirS... https://www.youtube.com/watch?v=0XhFGaRBQbsHi
You can use restricted enrollment, using only allowed devices serialno to enroll.
Hi this looks like what we are looking for
many thanks