Microsoft

Microsoft Endpoint Manager Intune Feedback

Suggestion box powered by UserVoice

Anonymous

My feedback

  1. 1,039 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Microsoft Intune
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    91 comments  ·  Ideas » Mobile Device Management (general)  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment
    Anonymous commented  · 

    Cathy Moya, here is what I have personally witnessed with the relationship between Intune and Apple devices.

    • The device must be built as a new device, not from an iCloud or iTunes backup to be a supervised device. Unless you use a ridiculous third device work-around.
    o Apple design – restoring from a backup makes it an un-supervised device
    • Un-supervised devices are treated as BYOD. The user has the ability to remove the management profile from the device.
    o Settings > General > Device Management > Management Profile
    o If the device is un-supervised, the user has the ability to remove the profile using “Remove Management”
    • Supervised devices, built as a new device, can be defeated by restoring the device in iTunes, then restoring it from a personal backup.
    o The device will become un-supervised and vulnerable to the above issues

    How can we secure our smartphone environment when users have the ability to remove a corporate owned DEP enrolled device from our control?

Feedback and Knowledge Base