Ah, yeah. I can see why they’re not interested in touching that market with a 10ft pole.

It’d make them tons of money but it would drain their soul.

That's a shame. I can see a zillion possibilities for this if it played nicely with InTune.

Funny, all I see is an authentication prompt every 17 minutes because Azure AD can't get its shit together.

The point is that you can't do this with notebooks though, seems silly to want to do this here, with maybe the exception of blocking sync services you can't monitor. Which is totally possible with a bit of competence.

Though is, 'you also cannot do this with a real notebook' valid argument? Neither can you upload pdf's to a real notebook or do all the other stuff that makes this device not just a ... regular notebook.

Exactly. A paper notebook might not have those security features, but it’s also a lot harder to end up with reams of confidential info in a paper notebook in the blink of an eye, on a whim; or to transmit that data to arbitrary third parties. There’s a “proportionality” argument between features and security.

Right, but if I wanted a notebook I'd buy a notebook. What I want is a tablet for taking notes, which has a different security profile.

> We want to be able to restrict what gets synced to where. (eg, not dropbox or box or google etc)

Can't that kind of "strong security measure that is absolutely critical to our business" be circumvented with one single bash command that takes data from the "totally OK with our super strong MDM rules service" and copies it to the "absolutely forbidden by our MDM so surely no one is using it service" ?