App control on iOS MDM devices

Expand all | Collapse all

Kaspersky Security Center allows you to manage apps on iOS MDM devices to keep these devices secure. You can create a list of apps allowed to be installed on devices and a list of apps prohibited from being displayed and launching on devices.

These restrictions apply only to supervised iOS MDM devices.

Open Restrictions for applications section

To open settings for app restrictions on iOS MDM devices:

1. In the console tree, in the Managed devices folder, select the administration group to which the iOS MDM devices belong.
2. In the workspace of the group, select the Policies tab.
3. Open the policy properties window by double-clicking any column.

   Complete the following steps within 15 minutes. Otherwise, you may face an error when saving changes to the policy.

4. In the policy Properties window, select the Restrictions for applications section.

Restrict app installation

By default, the user can install any apps on the supervised iOS MDM device.

To restrict the apps that can be installed on the device:

1. Select the Allow installation of apps from the list (supervised only) check box.
2. In the table, click Add to add an app to the list.
3. Specify the app's bundle ID. Specify the com.apple.webapp value to allow all web clips. How to get the bundle ID of an app

   To get the bundle ID of a native iPhone or iPad app,

   Follow the instruction in Apple documentation.

   To get the bundle ID of any iPhone or iPad app:

   1. Open App Store.
   2. Find the required app and open its page.

      The app's URL ends with its numerical identifier (for example, https://apps.apple.com/us/app/google-chrome/id535886823).

   3. Copy this identifier (without letters "id").
   4. Open the web page https://itunes.apple.com/lookup?id=<copied identifier>.

      This downloads a text file.

   5. Open the downloaded file and find there the "bundleId" fragment.

   The text that directly follows this fragment is the bundle ID of the required app.

   To get the bundle ID of an app that has been added to Kaspersky Security Center:

   1. In the console tree of Kaspersky Security Center go to Advanced > Remote installation > Installation packages.
   2. Click the Additional actions button and select Manage mobile apps packages in the drop-down list.

   In the Mobile apps package management window that opens, identifiers of managed apps are displayed in the Application name column.

   If you have an app package as an .apk or .ipa file and want to know the app identifier, you can add the app package to the Mobile apps package management window by clicking the New button and following the on-screen instructions.

4. Click the Apply button to save the changes you have made.

Once the policy is applied to a device, the specified restrictions for apps are configured on the device. Only apps from the list and system apps will be available for installation. All other apps can't be installed on the device.

The specified apps can be installed on the device in the following ways (if the corresponding options are enabled in the Features restrictions section):

• Installation from Apple Configurator or iTunes
• Installation from App Store
• Automatic loading

Specify prohibited apps

By default, all apps can be displayed and launched on the supervised iOS MDM device.

To specify prohibited apps:

1. Select the Prohibit displaying and launching apps from the list (supervised only) check box.
2. In the table, click Add to add an app to the list.
3. Specify the app's bundle ID. Specify the com.apple.webapp value to restrict all web clips. How to get the bundle ID of an app

   To get the bundle ID of a native iPhone or iPad app,

   Follow the instruction in Apple documentation.

   To get the bundle ID of any iPhone or iPad app:

   1. Open App Store.
   2. Find the required app and open its page.

      The app's URL ends with its numerical identifier (for example, https://apps.apple.com/us/app/google-chrome/id535886823).

   3. Copy this identifier (without letters "id").
   4. Open the web page https://itunes.apple.com/lookup?id=<copied identifier>.

      This downloads a text file.

   5. Open the downloaded file and find there the "bundleId" fragment.

   The text that directly follows this fragment is the bundle ID of the required app.

   To get the bundle ID of an app that has been added to Kaspersky Security Center:

   1. In the console tree of Kaspersky Security Center go to Advanced > Remote installation > Installation packages.
   2. Click the Additional actions button and select Manage mobile apps packages in the drop-down list.

   In the Mobile apps package management window that opens, identifiers of managed apps are displayed in the Application name column.

   If you have an app package as an .apk or .ipa file and want to know the app identifier, you can add the app package to the Mobile apps package management window by clicking the New button and following the on-screen instructions.

4. Click the Apply button to save the changes you have made.

Once the policy is applied to a device, the specified restrictions for apps are configured on the device. Apps from the list will be prohibited from being displayed and launching on the device. All other apps will be displayed and available to run.

Page top