How to control employee access to iCloud services – Computerworld

0
34



What Apple does allow is some control of iCloud access from devices enrolled in a company’s MDM system. Using Apple’s provided MDM restriction keys, companies that don’t use Managed Apple IDs can block access to specific iCloud services from a given device. This is a little like using a hammer to crack an egg, but you can block access to the following iCloud services: Address Book, Bookmarks, Calendar, Drive, Keychain, Mail, Notes, Reminders, Photo Library, and Private Relay.

The downside is that by blocking access to these services you effectively limit what your staff can do with a device that is for all intents and purposes their own device, using their own Apple ID. Many workers would likely feel this to be an unwanted intrusion into their personal devices and see such moves as displaying a lack of trust. (IT admins could, of course, argue that they feel forced to deploy such restrictions to prevent exfiltration of valuable corporate or personal data.)

Which approach is best?

For me, if you do need to restrict access to iCloud services across your teams, it feels more appropriate to impose those restrictions via a Managed Apple ID. Doing so provides the maximum benefit — you can control and restrict device use that relates to your business, its services, and data, while also permitting personal use of that device.

LEAVE A REPLY

Please enter your comment!
Please enter your name here