Sophos Mobile Work Profile for iOS devices


I am sure something like this has been asked before, but I just wanted to see if anyone could help or advise.

Just like there is a Work Profile for Android devices, is there something similar or the same for iOS devices at all? I would like to be able to set up a Work Profile for iOS devices for users who may want this option so they don't have to worry about losing their entire personal data on their device should they wish to use it for work purposes. For now, many users on iOS are utilising the Sophos Secure Container for emails. But in the instance they want to use their device for work as a whole (including adding a work SIM into the phone), I would like for this option to be available.

Can anyone please advise how I go about setting something like this up? I fully appreciate your help.

Thank you


  • Hello Waliu,

    Thank you for reaching out to the Sophos Community.

    Do you know if there are any specific requirements you’re looking to fulfil in the desired setup? 

    Generally, it's not needed to set up the iOS devices as "Supervised" unless you would like to have an elevated level of control over the mobile devices. The normal enrollment and device management method will work. 

    There’s an option "Disable unenrollment through app" that may prevent the end-users from removing the "Sophos Mobile MDM Profile" from the iOS devices, however, if the need to factory reset is a concern, you can leave this option un-checked. 


    Kushal Lakhan
    Global Community Support Engineer
    Are you a Sophos Partner? | Product Documentation | @SophosSupport | Sign up for SMS Alerts
    If a post solves your question, please use the "Verify Answer" button.
    The New Home of Sophos Support Videos!  Visit Sophos Techvids
  • Hi Qoosh,

    Thank you for your response. I suppose what I am after is something that is just as similar as Android. There's Android Enterprise for full device management and then Work Profile to allow a personal device to have all the Sophos related apps (and other apps I add from Google Play Store) separate to the users personal apps.

    Therefore, I would still like to be able to "supervise" the device but just the Work Profile side of things. Meaning should a user leave the company, instead of wiping their entire handset (thereby removing all their personal stuff too), I just wipe the Work Profile just like I would on an Android device.

    An example I have is that I have a user who is using their iPhone as their work phone. I couldn't find a way of setting up the device without having to manage the entire device. User didn't mind this because they bought another cheap phone as their personal device.

    In addition, if a user has an iOS device that can accommodate two SIM cards (one personal and one work), this is another reason for wanting a Work Profile set up on the device.

    I hope this makes sense. I will take a look at the "disable unenrollment through app" option you have mentioned and see if this helps.

    Thank you