General Per App Restriction - Needs Implementation

[thedeejay]

So there's been tons of talk about per app restriction over the years (not recently as much, but there still has been). I certainly know that I, for one, amongst others would like this. I've used a few tweaks in Cydia a few years ago where it would allow you to lock each app and with it requires a password (simple or complex).

I'm surprised Apple hasn't implemented it yet. Why? some people ask. Well it's an option for those who would want it.

I think I would actually prefer a simple method as opposed to the Cydia way and it would fit in well with the "Apple" method. How would it work?

Simple. Similar to current restrictions. You would Navigate to General > Settings > Restrictions. Input your pass code. You'd see apps, but instead of seeing limited options you should be able to see all your apps. And if you wanted to restrict a particular one, say Mail or iMessage, you can. I mean, this isn't too hard to implement and fits well with the 'simplicity' that Apple likes, as opposed to having different pass codes and what not.

What do you guys think?

 

[PNutts]

Why would I want to password protect some of my apps on my phone?

 

[Armen]

So there's been tons of talk about per app restriction over the years (not recently as much, but there still has been). I certainly know that I, for one, amongst others would like this. I've used a few tweaks in Cydia a few years ago where it would allow you to lock each app and with it requires a password (simple or complex).

I'm surprised Apple hasn't implemented it yet. Why? some people ask. Well it's an option for those who would want it.

I think I would actually prefer a simple method as opposed to the Cydia way and it would fit in well with the "Apple" method. How would it work?

Simple. Similar to current restrictions. You would Navigate to General > Settings > Restrictions. Input your pass code. You'd see apps, but instead of seeing limited options you should be able to see all your apps. And if you wanted to restrict a particular one, say Mail or iMessage, you can. I mean, this isn't too hard to implement and fits well with the 'simplicity' that Apple likes, as opposed to having different pass codes and what not.

What do you guys think?

The concept I understand, the approach is wrong. The "admin" user would suffer in the method you are proposing because you have to keep turning restrictions on/off every time you give your phone to someone to play with.

The correct way to implement this would be with a "Profiles" type feature in which you can define what apps or features are available per profile such as "Guest" or "child". Set it once and then just toggle between them.

The issue with this is that Apple is not a fan of profiles.

 

[Curun]

Don't see the point in adding more settings bloat. iPad/iPhone are single user devices. The one passcode unlock covers all apps already.

Other apps with sensitive data can implement such themselves... e.g. DropBox, 1Password, SkyDrive, Mint, etc.

 

[thedeejay]

Why would I want to password protect some of my apps on my phone?

Several reasons. Well, not necessarily phone as that's mainly a 1 person device (certain cases excluded). See for example this setting: My iPad has a lot of sensitive data in Mail (I work in the healthcare industry so patient profiles and such require you to abide by the privacy policy). Every time I have to give it to my GF or anyone in my family to play with, I have to log off mail. Not because I don't trust them, but sometimes incoming mail can have sensitive information that I can't share, things like that. Now if there was a restriction - I could just go in and add that in and voila. Mail is restricted as it would for other Apple apps under the restrictions menu.

Don't see the point in adding more settings bloat. iPad/iPhone are single user devices. The one passcode unlock covers all apps already.

Other apps with sensitive data can implement such themselves... e.g. DropBox, 1Password, SkyDrive, Mint, etc.

I don't think it's considered bloat. It's simply just having the same options available except the ability to restrict all my apps I have on my device except for the few were able to now.

----------

The concept I understand, the approach is wrong. The "admin" user would suffer in the method you are proposing because you have to keep turning restrictions on/off every time you give your phone to someone to play with.

The correct way to implement this would be with a "Profiles" type feature in which you can define what apps or features are available per profile such as "Guest" or "child". Set it once and then just toggle between them.

The issue with this is that Apple is not a fan of profiles.

I mean - I would rather have the option to do that as opposed to not being able to do it at all. I can see how "guest" or profiles can get confusing for the 'average' person.

 

[dcp10]

It's called iPhone not OurPhone. Simple philosophy really, Apple doesn't see them as a community device, they want to sell one to everyone.

 

[The Doctor11]

Why would I want to password protect some of my apps on my phone?

I can never understand why people want to lock apps on their locked iPhones. And if you don't have a lock on your phone get one. But I voted depends on how apple does it because if its done real well why not. Maybe your just really OCD and want to have a lock on your phone and some important apps. I would not use this feature.

 

[goobot]

I can never understand why people want to lock apps on their locked iPhones. And if you don't have a lock on your phone get one. But I voted depends on how apple does it because if its done real well why not. Maybe your just really OCD and want to have a lock on your phone and some important apps. I would not use this feature.

People do it because when they let someone use their phone they don't want them digging around where they shouldn't.

 

[thedeejay]

I can never understand why people want to lock apps on their locked iPhones. And if you don't have a lock on your phone get one. But I voted depends on how apple does it because if its done real well why not. Maybe your just really OCD and want to have a lock on your phone and some important apps. I would not use this feature.

That's what I'm trying to say. It shouldn't really be a "feature". It should just be a simple addition of all apps that our phone has which should let us toggle which app we want restricted. As another user suggested maybe a better implementation but regardless something as simple as that. And again it's not for everyone, but that's ok because when you need it. It's there.

People do it because when they let someone use their phone they don't want them digging around where they shouldn't.

Exactly. That's definitely one good reason. Also - if you use your iPad for work, why shouldn't I be able to restrict X apps when an employee is using it or even a friend.

 

[Curun]

Exactly. That's definitely one good reason. Also - if you use your iPad for work, why shouldn't I be able to restrict X apps when an employee is using it or even a friend.

They are designed as 'personal' devices.

Do you hand off your wallet to others?

Sounds like you need a Windows PC with profiles. Better for the office.

 

[Statusnone88]

Someone wants to hide their text messages and camera roll from their wife/girlfriend/mom.


The 3rd option probably being the most likely. How do I know this? I went to SU. Oh and not Stanford University... Subway University.

 

[The Doctor11]

People do it because when they let someone use their phone they don't want them digging around where they shouldn't.

Thats what Guided Access is for.

 

[Armen]

Several reasons. Well, not necessarily phone as that's mainly a 1 person device (certain cases excluded). See for example this setting: My iPad has a lot of sensitive data in Mail (I work in the healthcare industry so patient profiles and such require you to abide by the privacy policy). Every time I have to give it to my GF or anyone in my family to play with, I have to log off mail. Not because I don't trust them, but sometimes incoming mail can have sensitive information that I can't share, things like that. Now if there was a restriction - I could just go in and add that in and voila. Mail is restricted as it would for other Apple apps under the restrictions menu.







I don't think it's considered bloat. It's simply just having the same options available except the ability to restrict all my apps I have on my device except for the few were able to now.



----------







I mean - I would rather have the option to do that as opposed to not being able to do it at all. I can see how "guest" or profiles can get confusing for the 'average' person.

Like setting a per app restriction isn't confusing?

 

[thedeejay]

Someone wants to hide their text messages and camera roll from their wife/girlfriend/mom.


The 3rd option probably being the most likely. How do I know this? I went to SU. Oh and not Stanford University... Subway University.

Mom could careless what I have and wouldn't get away with a simple in-app restriction considering I live with her.

Like setting a per app restriction isn't confusing?

No it's not. I think it's being over thought. Bad photoshop job, but something like this. Just turn "off" whichever one you don't want. Look:

 

[Armen]

So you toggle all those apps every time someone wants to use your phone? Personally the lock screen pass code already bugs me let alone putting in a pas code for every app

 

[PNutts]

Several reasons. Well, not necessarily phone as that's mainly a 1 person device (certain cases excluded). See for example this setting: My iPad has a lot of sensitive data in Mail (I work in the healthcare industry so patient profiles and such require you to abide by the privacy policy). Every time I have to give it to my GF or anyone in my family to play with, I have to log off mail. Not because I don't trust them, but sometimes incoming mail can have sensitive information that I can't share, things like that. Now if there was a restriction - I could just go in and add that in and voila. Mail is restricted as it would for other Apple apps under the restrictions menu.

Gotcha. This is off topic but for awhile I used a third party app which had it's own passcode. Corporate policy would force that to be a strong password and I could still use a simple four digit passcode on the phone.

 

[Curun]

Several reasons. Well, not necessarily phone as that's mainly a 1 person device (certain cases excluded). See for example this setting: My iPad has a lot of sensitive data in Mail (I work in the healthcare industry so patient profiles and such require you to abide by the privacy policy). Every time I have to give it to my GF or anyone in my family to play with, I have to log off mail. Not because I don't trust them, but sometimes incoming mail can have sensitive information that I can't share, things like that. Now if there was a restriction - I could just go in and add that in and voila. Mail is restricted as it would for other Apple apps under the restrictions menu.

I don't mix work email and personal email in the Apple Mail.app. Recipe for disaster.

I use Mail+ or get one of many other independent exchange mail apps. Get the Outlook OWA app direct from microsoft.

 

[maflynn]

I fail to see the advantages, and on the flip side it seems to make things overly complex. Why make it more confusing for little to know tangible benefit.

----------

Several reasons. Well, not necessarily phone as that's mainly a 1 person device (certain cases excluded). See for example this setting: My iPad has a lot of sensitive data in Mail (I work in the healthcare industry so patient profiles and such require you to abide by the privacy policy). Every time I have to give it to my GF or anyone in my family to play with, I have to log off mail. Not because I don't trust them, but sometimes incoming mail can have sensitive information that I can't share, things like that. Now if there was a restriction - I could just go in and add that in and voila. Mail is restricted as it would for other Apple apps under the restrictions menu.

Wouldn't your company have procedures to prohibit personal apps/data on their iPad and/or not mixing business and pleasure?

Seems like an issue with policy then with the operating system to me.

 

[John T]

Wouldn't your company have procedures to prohibit personal apps/data on their iPad and/or not mixing business and pleasure?

Seems like an issue with policy then with the operating system to me.

I agree entirely. My daughter is an educational psychologist and obviously has much sensitive information on her iPad. She therefore has one iPad for work and one for recreational use. Simple really.

 

[The Doctor11]

Several reasons. Well, not necessarily phone as that's mainly a 1 person device (certain cases excluded). See for example this setting: My iPad has a lot of sensitive data in Mail (I work in the healthcare industry so patient profiles and such require you to abide by the privacy policy). Every time I have to give it to my GF or anyone in my family to play with, I have to log off mail. Not because I don't trust them, but sometimes incoming mail can have sensitive information that I can't share, things like that. Now if there was a restriction - I could just go in and add that in and voila. Mail is restricted as it would for other Apple apps under the restrictions menu.

You could turn off the notifications or turn on do not disturbe.

----------

I agree entirely. My daughter is an educational psychologist and obviously has much sensitive information on her iPad. She therefore has one iPad for work and one for recreational use. Simple really.

Unless you like to save money. And apple makes the iPad a work and play device.

 

[charlituna]

Why would I want to password protect some of my apps on my phone?

Not password protect exactly but turn them off in a sense.

----------

The correct way to implement this would be with a "Profiles" type feature in which you can define what apps or features are available per profile such as "Guest" or "child". Set it once and then just toggle between them.

The issue with this is that Apple is not a fan of profiles.

This was the idea that my cousin had proposed on her blog last year. She had a whole set of ideas. She told me she's reworking it to post shortly on some new blog she's working with (which is why she asked me to remove my signature link). I'm sure this is still on her wish list.

 

[thedeejay]

I fail to see the advantages, and on the flip side it seems to make things overly complex. Why make it more confusing for little to know tangible benefit.

----------


Wouldn't your company have procedures to prohibit personal apps/data on their iPad and/or not mixing business and pleasure?

Seems like an issue with policy then with the operating system to me.

But that's what I don't understand. How is it all of a sudden confusing. It's not a new method. It's simply just using the current apple interface (I did a mock above) to turn off the apps you don't want to be seen. Exactly like how it is when you don't want a certain App to use Cellular Data. Simply input pass code and voila.

As for work - Yes that's correct. Employee's aren't allowed to take home data. Plus it's protected so as soon as you drag the file off the hard drive or off the work computer all the values are unreadable. It blocks all patient names with ID #'s which makes it useless for the "attacker". Which at that point is of no use. There are multiple departments that allow 5-8 people out of a team of 50 to have access to very basic information for certain purposes. For example - I'm part of a multidisciplinary team that deals with patients who undergo weight loss treatment prior to bariatric surgery hence they require me to have access to my email incase something important comes up. Eg. Hey we can't contact patient X for a follow-up or Patient Y had an adverse event. Things that are important for me to know so when I go into work either the next day or after the weekend I can deal with it appropriately or pass the message on to whosoever. Of course I don't have access to all the info available at work but it is still sensitive information.

I mean as one user suggested maybe add a profile. I'm thinking all it would need is "Turn on Mail under restrictions" and It's done. No worries to whoever uses my device. It's mostly iPad not iPhone. iPhone I agree is an individual device so it may be pointless - even iPad is targeted to be an individual device but not all families or work places are able to afford one device per individual/employee so often people have to share or use their own personal device for work (my case).

Anyways it's just my 2 cents. A rare case but options may be useful just incase anyone else needed it. Then they have the option to if they wanted.

 

[I7guy]

I fail to see the advantages, and on the flip side it seems to make things overly complex. Why make it more confusing for little to know tangible benefit.

----------


Wouldn't your company have procedures to prohibit personal apps/data on their iPad and/or not mixing business and pleasure?

Seems like an issue with policy then with the operating system to me.

Not at all. Like others I have sensitive information on my idevice. Said idevice is used for both personal and business with mailboxes containing both personal and business accounts. Documents are encrypted and protected. If you happen to grab the idevice out of my hand when it is unlocked, I can get it locked/erase in the blink of an eye and you would have to enter the right credentials to get to the protected stuff.

Owner is responsible for idevice in the same way as a physical piece of paper. Nobody else other than spouse uses my idevice. An idevice is a personal device, not meant to be shared with those who have no need to see sensitive and/or confidential information.

 

[PNutts]

Wouldn't your company have procedures to prohibit personal apps/data on their iPad and/or not mixing business and pleasure?

Seems like an issue with policy then with the operating system to me.

BYOD makes the entire device trusted or a sandbox portion of it. Especially with the new MDM solutions. Where I work they identify and don't allow JB devices.

Note: I initially typed BYOB. That's a corporate policy I'm on board with!

 

[throys]

Definitely would love this for 1 I have two young children and they both need to go on the iPad or phone for educational apps reason. I had to jailbreak so I can just us me biotouch on the iPhone 5s which I believe apple should look at and applock on the iPad.
These days there are too much sensitive stuff and also vile stuff on the net bad I have to do my best not to expose them either indirectly not doing my parent duties and protect them going on these small computers