Contents

Docs

General
Fully managed
Work profile
COPE
Zero-touch
App management
Security
Provisioning
Android Enterprise Recommended
Account management
FAQ
Device admin
Resources
Vendor specific
Hardware validation

Change log


How should system applications be handled on a COPE device?
Contents

Android 8-10 – My normal advice, where supported through DPC extras (so NFC, QR, zero-touch, but not DPC identifier), is to enable system applications on COPE devices.

Organisations are providing a device provisioned for personal use, and as such the closer to stock it feels, the more familiar users will be with using it.

Most EMMs support the ad-hoc management of system applications, so there’s no reason bloatware can’t still be disabled, but things like system gallery, calculator, health apps and other OEM app suites being enabled should be harmless outside of the secure work profile.

Android 11+ – While there is still application management to a degree, the act of enabling or disabling system applications during provisioning is no longer supported.

Docs

General
Fully managed
Work profile
COPE
Zero-touch
App management
Security
Provisioning
Android Enterprise Recommended
Account management
FAQ
Device admin
Resources
Vendor specific
Hardware validation