This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Log in to ask a question

How to block access to Google services from personal devices?

Posted on 07-22-2021 06:37 AM
ser-storchak
Bronze 4
Bronze 4
Reply posted on --/--/---- --:-- AM

The user has a personal iphone device (unmanaged device). He should not have access to any Google services from this device (even via a web browser). The user refuses to set the Device Policy, so the "Advanced" setting does not work for him (Devices > Mobile and endpoints > Universal Settings > General > Mobile management > Advanced (Requires the Device Policy app).

The notification about the installation of the Device Policy app appears only when installing Google apps (for example, Gmail app). If the user add a google account manually (Settings > Passwords & Accounts > Add Account > Google), he has access to Email, Contacts, Calendars, Notes.

Any rules for the device also do not apply to it (perhaps I do not know how to work with them).

Please help me!

2 5 6,807
Topic Labels
5 REPLIES 5

Posted on --/--/---- --:-- AM
thomas_prescott
Bronze 4
Bronze 4
Reply posted on --/--/---- --:-- AM

IMAP has to be disabled for the General iOS stuff to stop syncing. That will break other things, obviously. This will not block mobile browser access, however.

Posted on --/--/---- --:-- AM
arto_schneider
Bronze 5
Bronze 5
Reply posted on --/--/---- --:-- AM

Have you checked if Context Aware Access could prevent access from personal devices?

Posted on --/--/---- --:-- AM
cryptochrome
Silver 5
Silver 5
Reply posted on --/--/---- --:-- AM

Hi,

you can set up device approval so that whenever a user tries to log in from a new device, an admin has to approve it first. You need at least Business Plus for this and you can read more about it here:

https://support.google.com/a/answer/7508418

Posted on --/--/---- --:-- AM
christiannewman
Gold 1
Gold 1
Reply posted on --/--/---- --:-- AM

Enable device approvals so that only approved user-owned devices, in addition to company-owned devices, can access your organization's Google Workspace accounts. Learn more about Device approvals

I also recommend restricting access to Google Workspace services in API controls so that only pre-approved third-party apps, in addition to first-party Google applications, can access Google Workspace services. Learn more about API controls and app access

Here to help if you have any questions.

Posted on --/--/---- --:-- AM
sesz
Bronze 1
Bronze 1
In response to christiannewman
Reply posted on --/--/---- --:-- AM

Device approval doesn't work when you logi in using browser on your private phone

0 Likes
Top Labels in this Space
Top Solution Authors
View all