More ways to prevent data exfiltration on iOS devices

What’s changing 

In 2020, we released several data exfiltration protections for iOS devices. Today, we’re announcing the next set of enhancements for data exfiltration protections for iOS. We’re expanding these security controls to give admins more ways to protect sensitive company data on iOS devices. 

Admins can now turn the following actions on or off for Google Workspace data: 
  • Copying Google Workspace files and data to personal apps 
  • Sharing Google Workspace data to personal accounts via AirDrop and the iOS share sheet 
  • Air Printing Google Workspace files 
  • Saving Google Workspace items to files with the iOS share sheet 
  • Saving Google Workspace images/videos to iOS photos 
  • Assigning items from Google Workspace to Contacts with the iOS share sheet. 

Who’s impacted 

Admins and end users 

Why it’s important 

This is the next step in ensuring we continue to enhance data protections for Google workspace data and how that information is stored, shared, and used across the iOS devices within your organization. Similar protections are already available on Android devices through Work Profiles

Getting started 

  • Admins: These settings can also apply to any OU level throughout the organization, to scale your policy settings to any iOS mobile device within your organization. These settings can be configured in the Admin console under Devices > Mobile and endpoints > iOS settings > Data Sharing. Visit the Help Center to learn more about data protection on iOS devices

  • End users: There is no end-user setting for this feature. Restricted actions are not shown or except for “Save to files”, in which case a dialog pops up notifying the user that this action is restricted. 

Rollout pace


  • Available to Google Workspace Enterprise Standard, Enterprise Plus, Enterprise for Education, and Cloud Identity Premium customers.