HT201365: Find My iPhone Activation Lock
Learn about Find My iPhone Activation Lock
Q: Company owned devices
-
Sep 23, 2013 12:53 PMby PavilionServices,This really makes me nervous as well. We are a Windows shop and therefore do not have access to Apple Configurator and it does not appear that the iPhone Configuration Utility for Windows has been updated to support this.
I can ask my users, but I would rather be able to limit them in what they do.
-
Sep 28, 2013 7:48 AMby jjrbg,We use MobileIron to manage our devices, not Apple Configurator. The benefit of MobileIron is it's entirely OTA enrollment and configuration. From what I understand of Apple Configurator, it requires each device to be connected via USB - this would be a step backwards for us. Plus it would mean using two different products to manage our devices as Apple Configurator doesn't have all the features of MobileIron.
-
Sep 28, 2013 7:52 AMby jjrbg,We're mostly Windows too, but we do have access to a Mac if we were desperate. I'm not sure if the iPhone Configuration Utility will be updated to include this feature. It would be great if Apple had a fallback process - for example, if you were able to provide proof or purchase/ownership of the specific device - they could override the Activation Lock.
-
Sep 28, 2013 7:56 AMby pvonk,HelpfulYou might read through the following link, the part about Activation lock and how a device can be permanently locked - I mean permanently.
One paragraph for the link below...
"As a result of that, using Activation Lock will become the best way for disgruntled employees to take a parting shot after being fired. They will report their device lost, then turn it in and leave. After that, the company will no longer be able to use the device, even though the company owns it."
http://www.cultofmac.com/246755/why-ios-7s-activation-lock-is-a-disaster-waiting -to-happen/
-
Sep 29, 2013 1:00 PMby jjrbg,Thanks for the link - a very interesting read. I cannot believe Apple haven't created a workaround, all-else-fails process. Imagine purchasing a £2000+ MacBook paperweight! Surely, legally there must be some comeback. Could you take the ex-employee to small claims court?
The only solution I can think of is to ask users to create Apple ID's with their corporate email address, and tie their devices to that. If they were to leave, we control the email domain, so could reset the password if neccessary.
I called Apple Enterprise Support and they suggested a general corporate iCloud account that we use to enroll all our devices with. Apparently, the iCloud Apple ID can be different to the Apple ID used by App Store and iTunes etc.
-
Oct 2, 2013 5:10 AMby jjrbg,Some potentially good news on the horizon for anyone else concerned by this feature for company owned devices. I have heard there is an upcoming release by Apple to their MDM partners called "Streamlined MDM Enrolment". This is actually listed on the Education page for iOS 7 already. This will supposedly enable devices to be fully enrolled and provisioned over-the-air (in "supervised" mode) without the need for a physical connection using USB or Apple Configurator.
Streamlined MDM enrolment.
With automatic device configuration, new devices purchased by a school can be wirelessly enrolled into their MDM system during setup. In addition, new devices can be placed wirelessly in supervised mode, which enables enhanced management options. With streamlined MDM enrolment, users can be up and running quickly without the need for manual configuration by IT.
I await some timescales as to when we'll be able to utilise this new feature.
