How should system applications be handled on a COPE device? | Jason Bayton

Contents

Docs

General

Fully managed

Work profile

COPE

Zero-touch

App management

Security

Provisioning

Android Enterprise Recommended

Account management

What’s the difference between allow adding accounts vs allow configure credentials?

FAQ

Device admin

Resources

Vendor specific

Hardware validation

Change log

22 September 2022 update tags
16 September 2022 category update and formatting
13 September 2022 remove submit question

26 April 2019 | 1 minute 22 September 2022

#FAQ #COPE #App management

How should system applications be handled on a COPE device?

Contents

Android 8-10 – My normal advice, where supported through DPC extras (so NFC, QR, zero-touch, but not DPC identifier), is to enable system applications on COPE devices.

Organisations are providing a device provisioned for personal use, and as such the closer to stock it feels, the more familiar users will be with using it.

Most EMMs support the ad-hoc management of system applications, so there’s no reason bloatware can’t still be disabled, but things like system gallery, calculator, health apps and other OEM app suites being enabled should be harmless outside of the secure work profile.

Android 11+ – While there is still application management to a degree, the act of enabling or disabling system applications during provisioning is no longer supported.

Ask about this topic on the Android Enterprise help community.

Discuss this topic on the #AE channel of the Mobile Pros Slack community. Here's an invite.

Edit this page.

Docs

General

Fully managed

Work profile

COPE

Zero-touch

App management

Security

Provisioning

Android Enterprise Recommended

Account management

What’s the difference between allow adding accounts vs allow configure credentials?

FAQ

Device admin

Resources

Vendor specific

Hardware validation