Feature Control (macOS)

For security-conscious organizations and environments where privacy and information security concerns require controlling the unauthorized transfer of mobile data from mobile devices, SOTI MobiControl provides diverse on-device restrictions. Restrictions include the capability to block various device communications, similar to firewall functionality. Configure feature control when:

With the Feature Control profile configuration, you may turn off device features selectively. Applying the configuration at the individual or group level creates custom profiles for different users and locations in an organization. For example, turning Bluetooth and infrared ports on or off determines if device users can beam business cards, applications, or documents to one another.

Device Functionality

Lock Desktop Picture The user cannot change the desktop picture selection. Enter the file path to the desktop picture. Leave the path blank to use the current desktop picture collection.
Allow Use of a Built-in Camera The user can use the built-in camera.
Note: When turned off, no applications, native or enterprise, can access the camera.
Allow iCloud Documents and Data Documents and key values can sync to iCloud.
Allow Use of iCloud Password for Local Accounts Users can use the iCloud password to sign in to the local account.
Allow Back to My Mac iCloud Service Users can use the macOS Back to My Mac iCloud service.
Allow Find My Mac iCloud Service Users can use the macOS Find My Mac iCloud service.
Allow iCloud Bookmark Sync Users can use the macOS iCloud Bookmark sync.
Allow iCloud Mail Services Users can use the macOS iCloud Mail services.
Allow iCloud Calendar Services Users can use the macOS iCloud Calendar services.
Allow iCloud Reminder Services Users can use the iCloud Reminder services.
Allow iCloud Address Book Services Users can use the macOS iCloud Address Book services.
Allow iCloud Notes Services Users can use the macOS iCloud Notes services.
Allow iCloud Keychain Sync Users can use iCloud keychain synchronization.
Allow Spotlight Internet Search Suggestions Spotlight internet search suggestions appear in Spotlight searches.
Allow USB Restricted Mode

The device can connect to new USB accessories only after device user authorization.

Note: Requires supervision and macOS 13 or later.
Allow Only Configured Widgets Users can choose which widgets to enable.

Applications

Allow Game Center

Users can use the Game Center app.

Note: If turned off, the Game Center app deletes from the home screen.
Allow Addition of Game Center Friends Users can add friends to Game Center.
Allow Multiplayer Gaming Users can play multiplayer games in Game Center.
Allow Account Modifications Users can change their account in Game Center.
Allow Safari Autofill The browser can use autofill to complete forms displayed on websites.
Allow App Store App Adoption Users can adopt apps that come free with their Mac.
Require Admin Password to Install or Update Apps Installing or updating apps requires the admin password.
Allow App Store to Software Updates Only The Mac App Store is in update-only mode.
Allow Apple Music Users can access Apple Music.
Allow Only Selected Applications Applications from the provided list and Specify Whitelist/Blacklist path can allow/disallow launching applications.
Delay Availability of Software Updates Available software updates do not appear to the device user for a specified number of days, up to a maximum of 90 days. The default value is 30 days.
Note: Requires macOS 10.13.4 and later.
Delay Availability of Non-OS Software Updates Available non-OS software updates do not appear to the device user for a specified number of days, up to a maximum of 90 days. The default value is 30 days.
Note: Requires macOS 11 and later.
Delay Availability of Major OS Software Upgrades Available major OS software upgrades do not appear to the device user for a specified number of days, up to a maximum of 90 days. The default value is 30 days.
Note: Requires macOS 11.13 and later.

Media Content

Allow AirDrop Network Access The user can access the AirDrop network.
Allow Internal Media Access The user can mount internal media.
Allow External Media Access The user can mount external media.
Allow Disk Image The user can mount a disk image.
Allow DVD RAM The user can mount the DVD RAM.
Allow CDs The user can mount CDs.
Allow DVDs The user can mount DVDs.
Allow Recordable Disk The user can mount a recordable disk.
Eject Volume on Logout Removable media eject at logout.
Allow Sharing Services Enable sharing services, and select the services to share.