Recommendations for Check In

NOTE: This article applies to iOS devices.

To ensure reliable check out, your devices must check in reliably. This page is intended to document Imprivata’s recommendations for a reliable check in experience.

Considerations

• Imprivata no longer recommends launching com.apple.Preferences. Additionally we want to discourage users from opening Settings, usually.

• If you are hiding com.apple.webapp, ensure that you are not blocking com.apple.webapp from the MDM using a configuration profile.  This can be blocked if you are using an allowlist and don't have com.apple.webapp as part of the allowlisted apps. If you are building a blocked list, do not include com.apple.webapp in it.

Click to enlarge

Your Check In Workflow must contain the following actions, at a minimum:

• Perform MDM Command: Clear Passcode

• Check In Device

• On Failure: Retry 3x

Every Apple DEP workflow will additionally include the following actions, which should be left untouched for Check In workflows:

• Device Enrollment Program

• Add WiFi

Optionally, you may add the following actions:

• Check In options to log out of third party apps

• Set Wallpaper to clear out personalized wallpaper

• Perform MDM Command to assign a staging user or remove tags

• Set Attributes to clear any additional data set during Check Out