Skip to main content

Apple @ Work: If I sign into a Managed Apple ID on a personal device, can my work access personal information?

Apple @ Work is brought to you by Kandji, the MDM solution built exclusively for organizations that run on Apple. Kandji is a modern, cloud-based platform for centrally managing and securing your Mac, iPhone, iPad, and Apple TV devices, saving IT teams countless hours of manual work with features like one-click compliance templates and 150+ pre-built automations, apps, and workflows. Request access.

Apple IDs have come in a lot of forms over the years. From iTools, .Mac, MobileMe, iTunes Accounts, iCloud, and now managed options – they’ve become an important part of the Apple hardware experience. Managed Apple IDs are the newest part of the Apple ID family, and they are going to be a strong building block for the future of using Apple hardware in the workplace. In recent years, User Enrollment has extended the functionality of Managed Apple IDs.

About Apple @ Work: Bradley Chambers managed an enterprise IT network from 2009 to 2021. Through his experience deploying and managing firewalls, switches, a mobile device management system, enterprise-grade Wi-Fi, 100s of Macs, and 100s of iPads, Bradley will highlight ways in which Apple IT managers deploy Apple devices, build networks to support them, train users, stories from the trenches of IT management, and ways Apple could improve its products for IT departments.


What are Managed Apple IDs?

Managed Apple IDs are used for two things: personalizing your Apple device at work and accessing Apple apps/services in a secure way as determined by your organization. Unlike regular Apple IDs, end-users don’t fully control these accounts. The organization controls password resets, as an example.

Managed Apple IDs are created in either Apple Business Manager or Apple School Manager. With deep integration with Microsoft Azure Active Directory, enterprises can automatically Manage Apple IDs to employees using their existing credentials. If an organization is using Google Workspace, there isn’t as deep as integration.

When you’re using a managed Apple ID in a school setting, students and teachers get access to the Classroom app, Schoolwork app, and collaborate using iWork and Apple Notes. School admins also can use a managed Apple ID to log in to Apple School Manager.

User Enrollment with Managed Apple IDs.

Apple has made substantial enhancements to how Managed Apple IDs and personal iCloud accounts can work together. With User Enrollment in recent editions of iOS, iPadOS, and macOS, users can use both accounts together.

Last year with iOS 15 and iPadOS 15, Apple introduced a streamlined User Enrollment process designed for end-users to access corporate accounts. It’s now built right into the Settings app. When you go to General > VPN & Device Management section in the Settings app, there is “Sign in to Work or School Account” button. When a user enters a Managed Apple ID, the device identifies the MDM solution’s enrollment URL starts the enrollment process.

After the Managed Apple ID is signed in, the new managed account is displayed within the Settings app, and users can see details about what is being managed on their personal device and how much their organization provides iCloud storage space.

What can my work see on my personal device?

When a Managed Apple ID is added to a personal device iOS, a separate volume is automatically created on the device and contains managed:

  • Apps
  • Notes
  • Calendar attachments
  • Mail attachments and body of the mail message
  • Keychain items

In iOS and iPadOS, managed apps and managed web-based documents all have access to the organization’s iCloud Drive through existing Managed Open In restrictions.

IT administrators at your workplace can manage only an organization’s accounts, settings, and information by the company mobile device management system, never a user’s personal account. The same features that keep data secure in organization-managed apps also protect a user’s personal content from entering the visibility of the company IT department.

Your company cannot see what apps you have installed personally, see personal data, access device location, wipe the device, etc.

Wrap up

Apple has done an ideal job of building systems to protect company resources, streamlining access, and protecting the privacy of the end-users. Using User Enrollment in a BYOD environment, Managed Apple IDs become a useful way to keep work and personal data from mixing together.

Apple @ Work is brought to you by Kandji, the MDM solution built exclusively for organizations that run on Apple. Kandji is a modern, cloud-based platform for centrally managing and securing your Mac, iPhone, iPad, and Apple TV devices, saving IT teams countless hours of manual work with features like one-click compliance templates and 150+ pre-built automations, apps, and workflows. Request access.

FTC: We use income earning auto affiliate links. More.

You’re reading 9to5Mac — experts who break news about Apple and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Mac on Twitter, Facebook, and LinkedIn to stay in the loop. Don’t know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

Manage push notifications

notification icon
We would like to show you notifications for the latest news and updates.
notification icon
You are subscribed to notifications
notification icon
We would like to show you notifications for the latest news and updates.
notification icon
You are subscribed to notifications