My school is currently closed and we have loaned out a batch of Lenovo Android tablets, that I felt confident were sufficiently locked down to prevent the children installing their own apps on them.
I was, of course, proven wrong within a week. I have a small number of devices that have had games installed by the pupils. The first step will be the relevant staff following up with families, regarding signed agreements etc.
However, I am curious about what I have got wrong, so that I can learn from it. The devices were enrolled in Meraki using EMM. At first boot, in the email address box we entered something like 'eem@meraki' or similar. Then they have had the settings attached applied. During my testing, the end users couldn't download apps using the Play Store. I'm thinking that either:
* They have removed some of the settings / management profiles (I think less likely as they are listed in Meraki as being installed.
* They have downloaded .apk files from a website
(Only settings I didn't screenshot was the wallpaper.)
What have I done wrong? What have I missed?
