App Security on iOS

Description

Experienced being in a meeting and needing to pass an iOS device to someone else, but with the knowledge that there is sensitive data in some Apps or some Apps that not should be accessed at all?

To prevent temporary users of devices from accessing certain Apps, Apple introduced two new concepts: Hide and Lock.

• Allowance of Hiding Apps was introduced in iOS 18
• Allowance of Locking Apps was introduced in iOS 18.1

Hiding an App prevents the App from being visible, whilst Locking an App disallows the opening of a Locked App without an additional layer of security, e.g.  Touch of Face ID.  Hidden Apps are available from a visible folder called 'Hidden' within the App Library.  Access to the Hidden folder and opening Locked Apps is by way of authentication.

Further information may be viewed in Apple's KB: Lock or hide an app on iPhone

FileWave 16 included management for this feature.

Information

App Configuration

Each VPP App has two new options, one for Lock and one for Hide, allowing MDM to define Apps, on an individual basis, to be set as Locked or Locked and Hidden:

Hideable is only an option where Lockable is enabled.

As per Apple's above linked KB, not all Apps may be Locked or Hidden.  Please review their KB for a list of Apps which may not be set.

Profile Configuration

As an addition to the VPP App setting, it is possible to allow/deny users from selecting Apps themselves to be either Locked or Locked and Hidden, by way of additional Profile options, within the iOS Restrictions Payload.