June 4, 2026
New iOS device management settings now generally available in Google Endpoint Management
We’re introducing an expanded set of native Apple Mobile Device Management (MDM) settings to Google Endpoint Management, providing administrators with more granular control over how iOS devices are configured and secured. These new settings—spanning categories such as Apps and Services, Device Features, Data Sharing, and Backup & iCloud Sync, etc—allow admins to manage critical device behaviors directly from the Google Workspace Admin console. This update allows organizations to efficiently harden their security posture for both corporate-owned and BYOD iOS devices. With this launch, these settings will become generally available.
See below for a detailed list of the new settings by category.
Apps and Services - Writing tools, App clips, App installation from web, App installation from alternative marketplaces, Apps to be hidden, Locking apps, In app purchases
Safari - Safari history clearing, Safari private browsing
Device Features - Auto unlock, Call recording, Auto dim, Default browser modification, Personalized advertising, eSIM outgoing transfers, OTA PKI updates, iPhone mirroring, Satellite connection, RCS messaging, Unpaired external boot to recovery, Untrusted TLS prompt, Limit ad tracking, AirPlay outgoing requests pairing password, Preserve eSIM on erase
Backup and iCloud Sync - Enterprise book backup
Authentication - Fingerprint for unlock
Data Sharing - Managed pasteboard
Getting started
- Admins: Visit the Help Center to learn more about these settings.
Rollout pace
- Rapid Release and Scheduled Release domains: Gradual rollout (up to 15 days for feature visibility) starting on June 4, 2026
Availability
- Available to all Google Workspace customers with Google Endpoint Management
Resources
- Google Workspace Admin Help: Settings for iOS devices