Cortado Support

My Tickets Visit www.cortado.com
Welcome
Login
  1. Cortado Support
  2. Solution home
  3. Set up App Store accounts/add and distribute apps
  4. iOS apps

Separate private and business iOS apps (BYOD)

Cortado Support
Modified on: Tue, 28 Jan, 2025 at 10:31 AM

In this article, we will show you how to separate private and business iOS apps and data on private devices with a workspace. To do this, a secure business container is set up on the devices with the help of a policy. This ensures that no business data gets into private applications.

  •  Firstly, add the app that you want to configure to the Administration Portal (ABM apps, apps from App Store, own (self-developed) apps.).
  • Assign the apps to the users/groups.
  • Create a new policy. To do so, click the plus icon in the Administration Portal under Administration→ Policies. Then select iOS/iPadOS.
  • In the policies, first select the User Enrollment setup method (arrow in illus.).

select user enrollment

To separate business and private apps and data, configure the policies under Data and Container Protection as follows (see image):

configure policy

  • Uncheck Allow documents from managed sources in unmanaged destinations (second arrow in illus.). Then, when sharing files, users on iOS devices will only be offered those apps that you have made available via the Administration Portal.
  • If you also want to prevent data from private apps from entering business apps, uncheck Allow documents from unmanaged sources in managed destinations (third arrow in illus.).
  • If you also want to prevent data (e.g. texts)  from being copied and pasted back and forth between managed and unmanaged apps, enable the Managed Pasteboard (lower arrow in illus.).
  • Also make sure that the checkbox Allow unmanaged apps to read from managed contacts is deactivated (default setting) (upper arrow in illus.). This ensures that private apps (such as WhatsApp) cannot access business contact data.  Please also note the information in our How-To How to prevent WhatsApp, Clubhouse and their like from accessing business contacts on iOS.
  • In addition, activate the policy Treat AirDrop as unmanaged destination. This will prevent the sharing of business data via.
  • We also recommend that you deactivate the checkbox Allow managed apps to store data to iCloud. As the iCloud on private devices is also a private storage location, you can prevent business data from flowing out in this way.
Note! The Allow unmanaged apps to read from managed contacts policy only applies if the Allow documents from managed sources in unmanaged destinations policy has been deactivated. The Managed Pastboard policy only applies if the Allow documents from unmanaged sources in managed destinations policy has been deactivated.

Now, if the user wants to share a document with another app or export the document there, only business apps will be offered (example in illus.). 

share file on iPhone

Thus, private and business data are kept apart from each other.



Did you find it helpful? Yes No

Send feedback
Sorry we couldn't be helpful. Help us improve this article with your feedback.

Related Articles