New iOS Device Management Settings in Google Endpoint Management

Take control of your iOS fleet with expanded native MDM settings in the Google Admin console. Learn how to secure your corporate data effectively.

calendar_today 04 Jun 2026 update Updated: 05 Jun 2026 person Cloud Captains Team visibility 45 views schedule 3 min read

Managing mobile devices in a modern enterprise environment requires a delicate balance between security and productivity. With the latest expansion of native Apple Mobile Device Management (MDM) settings within Google Endpoint Management, Google is empowering administrators with deeper, more granular control over iOS devices. This update represents a significant leap forward for organizations looking to streamline their device lifecycle management.

MDM settings IOS

What Is It?

Google has introduced a comprehensive set of new configuration options directly within the Google Workspace Admin console. These settings cover a wide array of categories, including App Management, Safari security, Data Sharing, and system-level device features like eSIM and RCS messaging. By integrating these controls natively, Google simplifies the administration of both corporate-owned and BYOD (Bring Your Own Device) iPhones.

What Is the Impact?

info

The impact of these settings on organizational security is profound. By centralizing management, IT teams can enforce strict security policies without the overhead of managing third-party MDM solutions. This reduces the attack surface by allowing admins to restrict risky behaviors, such as installing apps from unverified marketplaces or disabling sensitive data-sharing features.

Beyond security, this update significantly improves operational efficiency. Administrators can now manage device behaviors—from locking specific apps to configuring Safari private browsing—all from the familiar Google Admin interface. This eliminates the need for context-switching and speeds up the deployment of security policies across the entire organization.

Finally, this update ensures better compliance with internal and external data protection mandates. With options to manage iCloud sync and backup behaviors, as well as device-level security features like fingerprint authentication, organizations can confidently support a mobile workforce while ensuring that corporate data remains protected and isolated from personal usage.

Who Is It For?

This update is designed for organizations leveraging Google Workspace and Google Endpoint Management to secure their mobile infrastructure. It is particularly beneficial for:

check_circleIT departments seeking to consolidate their device management stack.
check_circleSecurity teams requiring granular control over iOS device features.
check_circleOrganizations managing a diverse mix of company-issued and personal mobile devices.

settingsEnhanced Control

Take command of device features ranging from Safari privacy settings to advanced eSIM configurations.

When Will It Roll Out?

Starting June 4, 2026, these features will begin a gradual rollout. Whether your domain is on the Rapid Release or Scheduled Release track, expect to see these new settings appear in your Admin console within 15 days of the start date.

What Should You Do?

To leverage these new capabilities effectively, follow these steps to integrate them into your existing workflow:

Step 1: Access the settings

Navigate to

Devicesarrow_forward_iosMobile & endpointsarrow_forward_iosSettingsarrow_forward_iosiOS

in your Google Admin console.

Step 2: Review new categories

Carefully examine the new configuration options, specifically focusing on App and Services, Safari, and Data Sharing categories.

Step 3: Pilot the policies

Test the new restrictions on a subset of devices or a pilot group to ensure that the user experience remains seamless before a full-scale rollout.

Step 4: Update your documentation

Update your internal IT policies and employee handbooks to reflect any new security requirements or device restrictions.

Background & Context

The trend toward deep, native MDM integration within Google Workspace highlights Google's commitment to providing a unified "single pane of glass" for IT management. By continually expanding its native support for Apple's management framework, Google is helping businesses avoid the complexity and cost of secondary MDM platforms. As mobile devices continue to be the primary gateway for corporate data, these granular controls are no longer just 'nice to have'—they are essential for maintaining a modern, resilient security posture.

Frequently Asked Questions

Are these new settings available for all Google Workspace editions? expand_more

These features are available to all organizations that utilize Google Endpoint Management within their Google Workspace plan. Please ensure that your account is correctly configured to use advanced mobile management features.

Do I need to remove my current third-party MDM solution? expand_more

You don't necessarily have to remove existing tools immediately, but many organizations find they can consolidate by switching to Google's native capabilities. We recommend auditing your current requirements against the new native feature set to see if a migration makes sense.

Do these settings work on personal (BYOD) devices? expand_more

Yes, these settings are designed to support both corporate-owned and BYOD (Bring Your Own Device) setups. You can define specific policies within the Admin console to ensure security on personal devices without overreaching into private data.

What is the difference between Rapid Release and Scheduled Release for this rollout? expand_more

Rapid Release domains typically receive feature updates faster than those on the Scheduled Release track. While this specific rollout spans 15 days for both, Rapid Release users are generally the first to see the new settings in their console.

Can I block specific apps using these new settings? expand_more

Yes, the new 'Apps and Services' category allows administrators to restrict app installations from alternative marketplaces and even hide or lock specific applications, helping you maintain a secure and compliant app environment.

When will I see the new options in my Google Admin console? expand_more

The rollout begins on June 4, 2026. Because it is a gradual process taking up to 15 days, you may not see the options immediately on the first day, but they will appear shortly as the update propagates to all domains.

Where can I find more technical documentation on these settings? expand_more

Google provides detailed technical documentation within the Google Workspace Admin Help Center. You can find specific guides for each category to help you configure these settings according to your organization's security policies.