Restrictions Payload

Payload that enforces policies and restrictions on device capabilities (e.g., camera, App Store, iCloud, USB accessories). Can be layered additively.

What to Know

Restrictions payloads provide granular control over device functionality, allowing organizations to enforce security policies, prevent data leakage, ensure compliance, and create focused user experiences. By disabling unnecessary features, IT reduces attack surface area, prevents shadow IT, and ensures devices are configured appropriately for their intended purpose. Restrictions are essential for creating compliant, secure, and purpose-built devices across diverse use cases.

Without restrictions, users can install unapproved software, share corporate data through personal cloud services, use cameras in secure facilities, or access entertainment features during work hours. Many compliance frameworks require documented technical controls that prevent users from bypassing security policies, which restrictions payloads directly enable.

Common Scenarios

Enterprise IT: Disabling iCloud backup to prevent corporate data from leaving managed environments, blocking camera usage in secure facilities, preventing users from removing MDM profiles, and restricting App Store access to only company-approved applications. IT tailors restrictions based on user roles and device purposes.

MSP: Implementing client-specific restriction policies that align with industry regulations and corporate policies. MSPs document restriction configurations for compliance audits and adjust policies as client requirements evolve or new threats emerge.

Education: Creating focused learning environments by disabling gaming features, restricting app installations, preventing students from removing profiles, and blocking inappropriate content. Schools often implement age-appropriate restrictions that vary between elementary, middle, and high school devices.

In Addigy

Addigy organizes restriction options into logical categories including App Store controls, iCloud restrictions, device functionality, and content filtering. Addigy clearly indicates which restrictions require supervision and provides descriptions for each setting to prevent misconfiguration. Admins can clone and modify restriction profiles for different user groups or device types.

When viewing restriction profiles in Addigy, admins see a summary of enabled restrictions and can preview how settings will affect end users. Addigy validates restriction combinations to prevent conflicts and warns when restrictions might interfere with other deployed policies or required functionality.