A blacklist is an explicit listing of devices or apps that are not allowed. A whitelist is an explicit listing of devices or apps that are only allowed. This concept can be applied to registration to enable you to control which devices are allowed to enroll and which devices are not permitted to enroll.

For example, in a deployment of only corporate-owned devices, you can create a whitelist of approved iOS devices. You can base this list of devices by International Mobile Equipment Identity (IMEI), Serial Number, or Unique Device Identifier (UDID). This way, enrollment is restricted to only those devices you have identified and enrollment by employee personal devices can be prohibited.

In addition, if a device is lost or stolen, you can add its IMEI, Serial Number, or UDID information to a list of blacklisted devices. Blacklisting a device unenrolls the device, removes all MDM profiles, and prevents enrollment until you remove the blacklist.


You cannot blacklist Windows Phone devices by IMEI or UDID, as this functionality is currently not supported by Microsoft.