ASD's Blueprint for Secure Cloud

Securing iOS applications

This section describes the design decisions associated with securing applications on iOS endpoints configured according to guidance in ASD's Blueprint for Secure Cloud.

Estimated reading time: 2 minutes

Mobile Application Management (MAM) in Intune enables configuration of managed applications within an iOS device. Managed applications enclose organisation applications within an application bubble. This bubble prevents accidental data spillage by preventing cutting and pasting, as well as enabling data sharing within the application bubble.

MAM provides the capability to configure iOS device applications. These configurations include:

  • Managed Applications – List of organisation business applications.
  • Managed Application configuration – Configure and secure managed application configuration within the device. These configurations enable and isolate managed applications to reside next to unmanaged applications.
  • Per-app VPN - Secure communication between applications on devices, and the Office 365 tenant. This will require the organisations VPN device setup to accept communication from the VPN connection from managed apps.

Security & Governance




  • None identified

Do you have a suggestion on how the above page could be improved? Get in touch! ASD's Blueprint for Secure Cloud is an open source project, and we would love to get your input. Submit an issue on our GitHub, or send us an email at

Acknowledgement of Country icon

Acknowledgement of Country
We acknowledge the Traditional Owners and Custodians of Country throughout Australia and their continuing connections to land, sea and communities. We pay our respects to them, their cultures and their Elders; past, present and emerging. We also recognise Australia's First Peoples' enduring contribution to Australia's national security.

Authorised by the Australian Government, Canberra