iOS: Ready for GDPR with Managed Contacts

With “Managed Contacts”, Apple has not only ensured further security, but also finally finished some long overdue homework.

Managed Contact with iOS 11.3
With iOS and an EMM solution like Cortado Server, companies keep their contact data under control.

Contacts App – The Security Gap in iOS

With hindsight on the EU’s General Data Protection Regulation, Apple has finally managed to separate business and private contacts on iOS devices.

The clear separation of business and private data on mobile devices is an essential component of any EMM strategy. Although Apple’s managed apps have enabled this separation for a long time, this concept was unfortunately not implemented in Contacts on the device itself.

Companies that use EMM systems to manage their employees’ iOS devices often had to contend with a significant security gap. Access to business contacts, for example when integrating an Exchange account on the iPad or iPhone, was also possible from unmanaged apps such as WhatsApp or Facebook. From a data protection perspective, this was unacceptable for many corporate scenarios.

iOS Separates Business and Private Contacts

In contrast to the separation of data on Android, where there are two separate contact apps, Apple had to finally solve their self-created problem. When opening the Contacts app directly, private and business contacts are still displayed, but access from other apps now offers a different view.

Access from unmanaged apps now only allows access to unmanaged contacts. For example, a user can access contacts from an unmanaged app from the private iCloud account, but not the contacts from the company’s Exchange address book configured on the device via MDM.

Employees with BYOD or COPE devices are free to use apps like WhatsApp or Facebook for private purposes. The company contacts remain protected against unauthorized access by third parties – provided configuration has taken place with an EMM system such as Cortado Server.

Apple BYOD – Never Been Better

The improved contact separation is one of several new optimizations to BYOD for Apple devices, which is now enabled with a new registration option called User Enrollment.

You can read more about why User Enrollment has been called one of the biggest changes to Apple BYOD since iOS 7 on our blog. However in a nutshell, User Enrollment manages to protect every user’s privacy (patently missing in Apple’s previous BYOD method called “device enrollment”), while still improving data separation and security for organizations.

As a result, we think there has never been a better time to launch or expand BYOD in organizations.

BYOD with iOS Devices

This free white paper shows how an MDM solution can help organizations meet EU-GDPR requirements and implement their own compliance policies on smartphones.

Download Free Whitepaper »