Microsoft has told all its employees in China that they will soon only be allowed to use iPhones for work purposes. The ban on Android devices is part of a security-related Microsoft initiative for providing a unified way of managing and verifying employee identities.

The mandate, set to come into effect in September 2024, was announced in an internal memo seen by Bloomberg News. It will require Microsoft’s China-based workers to verify their identities when logging in to work computers or phones. The change is part of Microsoft’s global Secure Future Initiative that is intended, among other things, to ensure that all staff use the Microsoft Authenticator password manager and Identity Pass app.

While Apple’s iOS store is available in China, Google Play isn’t. Local smartphone giants such as Huawei and Xiaomi operate their own platforms in the country, but Microsoft has chosen to block access from those companies’ devices to its corporate resources because they lack Google’s mobile services, reads the memo.

Any staff in the country using Android handsets, including those from Huawei or Xiaomi, will be provided with an iPhone 15, as a one-time purchase. The Redmond giant is designating collection points across China where employees can pick up their iPhones.

Microsoft is also introducing the iPhones-only rule in Hong Kong, despite the Google Play Store being available in the special administrative region of China.

  • TaviRider@reddthat.com
    link
    fedilink
    English
    arrow-up
    6
    ·
    5 months ago

    Yes, device management systems can push apps directly to devices, but the devices have to be managed first. So I think it probably is about the lack of Google Play.

    One of the hardest parts of managing devices is getting them enrolled in device management in the first place. Microsoft uses the Microsoft Authenticator app to authenticate users as part of the enrollment process, so they know which employee is using the device and how to configure it. They need a reliable app store to distribute that app, and they need to do it before the device is managed. So usually they rely on Google Play.