So on Android devices you can prevent users from sharing data between work and personal through creating multiple instances of applications that are used for work only.
According to Workspace ONE documentation, on iOS we should be able to prevent users from sharing data through a restriction profile. However this profile does not seem to work as intended as we're still able to save a document to Files or even take screenshots and save those to gallery. Can anybody tell if we're missing something here? We'd also be intestered if there are better or alternatives ways we can achieve this.
This is a bit tricky as the recent changes in iOS 16 architecture does not allow any more WS1 SDK to "Open Into" a managed set of apps.
This is true only for apps built with WS1 SDK.
For any other app that you pushed as VPP / Managed on the device, it should be indeed in the restriction profile, basically only those two little guys you can rely on for the moment :
From a deployed managed Google app(Gmail, Drive, Docs) we can open work documents and save them to Files app (unmanaged) and also take screenshots and save them to Gallery(unmanaged)
One thing that I have always cautioned people on is to never be concerned on restricting screenshots. Because there is nothing stopping the user from taking a picture of the screen with another device.