The evolution of modern work sparked widespread adoption of bring-your-own device (BYOD) policies in organizations. This trend added complexity to mobile security deployments by challenging security and IT teams to protect work data without accessing personal data on those devices. With deployment options like Apple’s “User Enrollment”, work data and personal data on user-enrolled iOS devices are containerized on separate volumes on the same phone. This separation of work and personal data makes it easier than ever for security and IT teams to protect the most critical work data and applications on BYODs, while upholding end-user privacy.
Today we are excited to announce the Public Preview of Apple User Enrollment support for Microsoft Defender for Endpoint on iOS. This new feature offers security and IT teams the flexibility to deploy Defender for Endpoint to user-enrolled devices so that work data and applications are protected, while end-user privacy is upheld on those devices.
Apple User Enrollment is an enrollment solution specifically for BYOD scenarios. This enrollment type balances security and privacy for user-owned devices, by storing work and personal data in separate containers on the device. This containerized method only permits security and IT teams to have access to the data and managed applications found in the work container. As the admin, you get access to a limited but appropriate subset of Intune management options and restrictions to ensure that your organization's data stays safe.
Note: Admins cannot push a device-wide VPN profile with User Enrollment. Therefore, zero touch (silent) deployment and auto-onboarding of VPN is not supported with this feature.
Looking to learn more about User Enrollment support for Microsoft Defender for Endpoint?
Read our Apple User Enrollment support documentation on Microsoft Learn
Compare Apple User Enrollment methods
Review limitations and capabilities not supported
We are excited to share Apple User Enrollment support for Microsoft Defender for Endpoint with you. Let us know what you think in the comments below. We take all feedback into consideration as we work to enhance your security experience with Microsoft Defender for Endpoint.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.