In this How-To we use an example to show you how to keep private and business apps and contacts separated on iOS-devices.
Regardless of which enrollment method you use, you can maintain the separation of private apps and those for business use on iOS devices. The aim is to prevent the exchange of data between these apps. The exchange of business contact data with private apps (and vice versa) should also be prevented. In this How-To, we want to show you how to achieve this goal by creating and distributing a policy and a profile.
You can use a policy to prevent the exchange of data between apps that the user has personally loaded onto the device and apps that you have assigned to them. The settings you need to make in the Cortado management console are described in detail here. When you register for the free test phase of Cortado MDM, the relevant policy (DGVO iOS) is already preloaded and can be immediately assigned to your users.
To maintain the separation of private and business contacts from each other, it’s necessary to create and assign an Exchange profile. How to create such a profile is described in detail here. Following assignment of the profile, the native Contacts, Mail and Calendar apps will be automatically configured with the Exchange data.
As can be seen in the following illustration, the native Contacts app is divided into groups:
Now private apps only have access to the Gmail and iCloud contacts. Only the business apps have access to the Exchange contacts.
In the following example, only MS Word and MS Excel have access to the email attachments of the Exchange contacts, because the administrator has assigned both those apps to the user. It is emphasised at this point that on iOS devices there is no visible division between the two areas on the device.
Apart from the iOS system apps, apps can be for either business or private use only. On BYOD devices, it is possible that apps that you want to assign for business purposes are already installed on the device. If this should occur, the already installed private app will be assigned to the business area once you have distributed the app via the Cortado management console. This is providing that the user agrees to the procedure being carried out on the device, via a push notification.