iOS Business Container
For iOS devices, the separation of private and business data is achieved by using a policy to set up a secure business container. This guarantees that no business data can make its way into private applications.
- First, prepaire managed apps (see section Adding iOS apps).
- Assign the app to the users or group templates (see section Assigning apps).
- Create a new policy. To do so, go to Control Panel→ Policies in the Management Console and click on the plus icon. Then select iOS policies.
- In the policy’s Permissions tab, remove the checkmark next to Allow documtens from managed sources in unmanaged destinations (upper arrow in illus.). Then, when users are importing or exporting files on the iOS devices, they are offered only those apps that you have made available in the app container.
- If you also want to prevent data from unmanaged apps from getting into managed apps, remove the checkmark from Allow documtens from unmanaged sources in managed destinations (lower arrow in illus.).
Now, if the user wants to share a document with another app or export the document there, only managed apps will be offered (example in illus.).
Thus, private and business data are kept apart from each other.
Android Enterprise – work profile
All apps that were assigned to the user under Control Panel→ Apps & Docs are automatically part of the work profile (see section Adding Android Enterprise apps).
You can recognise the apps by the briefcase in the app icon (left illus.). In the work profile, business files cannot be moved into private apps (example in right illus.). Under Open with, the user will only be offered apps that are part of the work profile. Thus, private and business data are kept apart from each other.