DSK92
Contributor
Contributor

Preventing iOS users from from sharing data from managed to unmanaged apps

Hi

So on Android devices you can prevent users from sharing data between work and personal through creating multiple instances of applications that are used for work only.

According to Workspace ONE documentation, on iOS we should be able to prevent users from sharing data through a restriction profile. However this profile does not seem to work as intended as we're still able to save a document to Files or even take screenshots and save those to gallery. Can anybody tell if we're missing something here? We'd also be intestered if there are better or alternatives ways we can achieve this.

 

0 Kudos
3 Replies
AntonThirifays
Enthusiast
Enthusiast

Hi,

This is a bit tricky as the recent changes in iOS 16 architecture does not allow any more WS1 SDK to "Open Into" a managed set of apps.

This is true only for apps built with WS1 SDK.

For any other app that you pushed as VPP / Managed on the device, it should be indeed in the restriction profile, basically only those two little guys you can rely on for the moment : 

Allow documents from managed sources in unmanaged destinations
 
Allow documents from unmanaged sources in managed destinations
 
Except DLP setup in WS1 SDK (which is struggling with the Open Into) , these two should rule the rest.
Also, can you confirm that Files App is not deployed and not considered as "Managed" ?
 
0 Kudos
DSK92
Contributor
Contributor

From a deployed managed Google app(Gmail, Drive, Docs) we can open work documents and save them to Files app (unmanaged) and also take screenshots and save them to Gallery(unmanaged)

0 Kudos
ZombieSlayer
Contributor
Contributor

One thing that I have always cautioned people on is to never be concerned on restricting screenshots. Because there is nothing stopping the user from taking a picture of the screen with another device.

0 Kudos