Detecting sideloaded apps on 

iOS

 devices

Sideloaded apps represent a potential security threat because they don’t follow the same restrictions or protections as apps distributed through the 

App Store

 or deployed internally from 

UEM

.

The 

UEM

 server, the 

UEM Client

 and 

BlackBerry Work

 can detect the presence of sideloaded apps on users’ 

iOS

 devices. The 

UEM

 server can detect sideloaded apps on devices with the MDM controls activation type. The 

UEM Client

 and 

BlackBerry Work

 can detect sideloaded apps on devices with any activation type.

For devices with the MDM controls activation type, when you use the management console to view details about the apps installed on the user’s device, a new Source column indicates whether the app was installed from the 

App Store

, TestFlight (for beta apps), or 

UEM

, or if the app was sideloaded.

When a sideloaded app is detected, 

UEM

 considers the device to be out of compliance. You can configure and assign a compliance profile to users so that 

UEM

 can take an appropriate management action when a sideloaded app is detected. For example, you can prevent 

BlackBerry Dynamics

 apps from running on the device until the sideloaded app is removed and the device returns to compliance.

Apps that you upload to the management console and add to the app list are approved automatically (regardless of whether you have deployed the app from 

UEM

) and do not cause compliance violations.