Shared Device/Multi-User Device functionality in Workspace ONE UEM powered by AirWatch ensures that security and authentication are in place for every unique end user. Shared devices can also allow only specific end users to access sensitive information.

Issuing a device to every employee in certain organizations can be expensive. Workspace ONE UEM powered by AirWatch lets you share a mobile device among end users in two ways: using a single fixed configuration for all end users, or using a unique configuration setting for individual end users.

When administering shared devices, you must first provision the devices with applicable settings and restrictions before deploying them to end users. Once deployed, Workspace ONE UEM uses a simple login or log-out process for shared devices in which end users simply enter their directory services or dedicated credentials to log in. The end-user role determines their level of access to corporate resources such as content, features, and applications. This role ensures the automatic configuration of features and resources that are available after the user logs in.

The login or log-out functions are self-contained within the Workspace ONE Intelligent Hub. Self-containment ensures that the enrollment status is never affected, and that the device is managed whether it is in use or not.

Shared Device capabilities are also possible natively on Apple iPads integrated with Apple Business Manager. This functionality called Shared iPads for Business leverages the user's Managed Apple ID for login and does not take place in the Workspace ONE Intelligent Hub for login and logout. To know more about configuring Shared iPads for Business with Apple Business Manager and steps to achieve this functionality, see Shared iPads for Business in Introduction to Apple Business Manager Guide available on docs.vmware.com.

Shared Devices Capabilities

There are basic capabilities surrounding the functionality and security of devices that are shared across multiple users. These capabilities offer compelling reasons to consider shared devices as a cost-effective solution to making the most of enterprise mobility.

Functionality

  • Personalize each end-user experience without losing corporate settings.
  • Logging in a device configures it with corporate access and specific settings, applications, and content based on the end-user role and organization group (OG).
  • Allow for a log in/log out process that is self-contained in the Workspace ONE Intelligent Hub or Workspace ONE Access.
  • After the end user logs out of the device, the configuration settings of that session are wiped. The device is then ready for login by another end user.

Security

  • Provision devices with the shared device settings before providing devices to end users.
  • Log in and log out devices without affecting an enrollment in Workspace ONE UEM.
  • Authenticate end users during a login with directory services or dedicated Workspace ONE UEM credentials.
  • Authenticate end users using Workspace ONE Access.
  • Manage devices even when a device is not logged in.

Platforms That Support Shared Devices

The following devices support shared device/multi-user device functionality.

  • Android 4.3 or later
  • iOS devices with Workspace ONE Intelligent Hub 4.2 or later.
    • For details about logging in and out of shared iOS devices, see the topic Log In and Log Out of Shared iOS Devices in the iOS Platform Guide, available on docs.vmware.com.
  • MacOS devices with Workspace ONE Intelligent Hub 2.1 or later.