Companies that use iOS devices as part of Mobile Device Management (MDM) often want to prevent business contacts from the corporate directory from being visible in private or unmanaged apps – especially when using BYOD devices.
If corporate contacts are provided via CardDAV and an MDM system such as Microsoft Intune is in use, this access can be reliably controlled. Activating the "Block display of corporate documents in unmanaged apps" policy is crucial for this.
This setting ensures that iOS corporate contacts synchronized via CardDAV are only displayed in managed apps. Access by unmanaged applications – for example, WhatsApp – is blocked.
Configuration is done centrally via the MDM system and requires no manual adjustment by users. This ensures that corporate data remains protected without significantly impacting the user experience.
Below, you will learn step-by-step how to create a device restrictions policy to block the display of corporate documents in unmanaged apps.
1. Go to Configuration and create a new policy:
2. Under Templates, select the "Device Restrictions" type:
3. Give the policy a name.
4. Open the "App Store, Document Viewer, Games" section and enable the "Block corporate documents from being displayed in unmanaged apps":
5. Assign the policy to the desired devices or groups:
6. Review and save the settings to complete the policy:
Comments
0 comments
Please sign in to leave a comment.