Using user enrollment, private Apple devices can be enrolled without the owner having to relinquish complete control over the device. Based on the Bring Your Own Device (BYOD) approach, private devices of students or employees can be integrated and used in the school or company context.
During user enrollment of private devices via Relution, a so-called “work profile” is created. This means that all MDM authorisations are restricted to the work profile and the organisation does not have full control over the device. Analogously, Android Enterprise also offers enrollment with work profile.
Since the MDM system does not have full access to the device, restrictions and actions are limited to the work profile. Even the reading out of device details only relates to the work profile. This ensures separation of private and business data and apps.
If a student or employee leaves the school or company, the profile can be remotely removed at any time, which automatically deletes all existing data in the work profile.
Currently, Apple iPhones and iPads can be enrolled in Relution via the iOS platform with user enrollment. In the future, Relution will also support user enrollment for macOS devices.
To enroll a device via user enrollment, an enrollment for iOS is created manually and the enrollment link is sent to the desired student:in or staff:in. The basic requirement for user enrolment is the use of a Managed Apple ID. This must be stored in the user details for the corresponding Relution user. The user:in can then be added to the enrollment and the enrollment completed. Assigned user:in can no longer be changed or removed from a device enrolled via user enrollment.
All iOS configurations and restrictions that can be applied to the work profile of a private device are marked in Relution with the badge “Supports User Enrollment”.