You Fired an Employee and Now You Can't Get Into the Business Tablet. Here Is What to Do.
Published by CarrierBridge Consulting | June 25, 2026
The conversation happened. The employee is gone. You collected their badge, their keys, and the company phone.
Then you tried to get into the phone and found yourself staring at a screen asking for an Apple ID password that you do not have.
The device is locked to your former employee's personal Apple ID. The business phone that the business paid for, that holds business contacts, business emails, and business applications, is now essentially a brick until you can resolve an account access issue with someone who has every reason not to help you.
This situation is more common than most business owners realize. And it is entirely preventable going forward.
Here is how to work through the immediate problem and how to make sure it never happens again.
Why This Happens
When an iPhone is set up, the first thing the setup process asks for is an Apple ID. Apple ID is the account that ties the device to iCloud, the App Store, Find My, and a range of security features including Activation Lock.
If an employee sets up a business phone using their personal Apple ID, that account becomes the primary credential for the device. When they leave, they take the account with them. Activation Lock, which is designed to prevent theft, now works against the business because the device is legitimately tied to an account the business does not control.
Most employees who do this are not doing it maliciously. They were handed a phone, told to set it up, and did exactly what the setup screen prompted them to do. Nobody told them to use a business Apple ID. Nobody created a business Apple ID for them to use. The process defaulted to the path of least resistance and the business is now dealing with the consequences.
The Immediate Troubleshooting Steps
Step one: Contact the former employee.
This is uncomfortable, especially if the separation was not amicable. But it is the fastest path to resolution. The former employee can sign out of their Apple ID on the device remotely by going to appleid.apple.com, selecting the device, and choosing to remove it from their account. Once they sign out, Activation Lock is released and the device can be reset and set up fresh.
If the relationship is civil, a straightforward message explaining that the device cannot be used until the Apple ID is removed is often sufficient. Most people will cooperate when the request is clear and non-confrontational.
Step two: If the former employee will not cooperate, contact Apple directly.
Apple has an Activation Lock bypass process for businesses and organizations that can demonstrate ownership of a device. This requires proof of purchase documentation showing the business purchased the device, the device serial number, and in some cases the original carrier account information.
The process is not instant. It involves submitting a request to Apple Support, providing documentation, and waiting for Apple to review and approve the bypass. Turnaround time varies. For a device that is actively needed, this can be a frustrating window of days to a week or more.
Apple's process is at apleid.apple.com/account/activation-lock and through Apple Business Manager if your business has an ABM account established. If you do not have Apple Business Manager, the support request goes through standard Apple Support channels.
Step three: If the device was enrolled in Apple Business Manager.
If your business uses Apple Business Manager and the device was enrolled in a Mobile Device Management system before it was issued, the MDM administrator can remotely wipe and re-enroll the device without needing the employee's Apple ID credentials. This is the clean, professional resolution that requires no cooperation from the former employee and no waiting on Apple Support.
If the device was not enrolled in MDM before it was issued, this option is not available retroactively. MDM enrollment needs to happen before the device reaches the end user.
What This Situation Is Actually Telling You
A locked device after an employee departure is a symptom of a larger problem. The business does not have a documented device provisioning process.
A provisioning process answers the following questions before a device is ever handed to an employee. What Apple ID should be used on business devices. What MDM platform manages the device. What applications should be installed. What security settings should be configured. What happens to the device when the employee leaves.
When those questions are answered before the phone is handed over, the situation described in the opening of this post cannot happen. The device is enrolled in a system the business controls. When the employee leaves, the device is remotely wiped and re-provisioned without drama.
When those questions are never asked, the business relies on each employee setting up their device however seems natural to them. Some will use a work email. Some will use a personal Apple ID. Some will install personal apps that complicate device retrieval. The policies that did not exist on day one become problems on the day the employee leaves.
How to Prevent This From Happening Again
Create a business Apple ID for every company device.
A business Apple ID uses a company email address and is owned and controlled by the business. It does not belong to any individual employee. When an employee leaves, the business changes the password on that Apple ID and the device is no longer tied to a person who is no longer with the company.
This takes about ten minutes to set up per device and eliminates the entire category of problem described in this post.
Consider Apple Business Manager.
Apple Business Manager is a free web-based portal that gives businesses centralized control over Apple devices. It integrates with MDM platforms to enable zero-touch enrollment, meaning devices can be configured automatically when they are first powered on without requiring manual setup. It also enables Activation Lock management at the organizational level, which means the business, not the employee, controls whether a device can be locked or unlocked.
For a business with five or more Apple devices, ABM is worth setting up. It requires an enrolled MDM platform alongside it, but the combination creates a device management infrastructure that scales cleanly as the team grows.
Document the offboarding process for devices.
Add device retrieval to your employee offboarding checklist. Before an employee's last day, the device should be signed out of personal accounts, checked for remote wipe capability, and returned with the passcode. This is a five-minute step that prevents a five-day headache.
What a Fractional Tech Manager Does So You Never Think About This
Here is the honest summary of how this situation happens. Nobody in the business owns the device management function. Phones get purchased, handed to employees, and then the business hopes for the best until something goes wrong.
A CarrierBridge Fractional Tech Manager owns that function on behalf of the business.
When a new employee joins and needs a device, the provisioning process is followed. The business Apple ID is set up. The device is enrolled in the correct account structure. The MDM configuration is applied if the business uses one. The employee gets a phone that is ready to use and that the business can recover, wipe, or manage remotely if the relationship ever ends.
When an employee leaves, device offboarding is part of the process. The device comes back. The accounts are secured. The device is wiped and ready for the next employee or returned for a trade-in credit.
The business owner does not deal with any of it. They do not spend a Thursday morning on Apple Support trying to unlock a phone that used to belong to someone who no longer works there.
They are told the device has been recovered and re-provisioned. That is the entire update.
If the Apple ID situation has happened to you and you want to make sure it cannot happen again, the conversation about a Fractional Tech Manager relationship is worth having.
Schedule a free 15-minute call
CarrierBridge Consulting is a carrier-agnostic telecom and technology advisory firm based in Philadelphia, PA. We represent businesses, not carriers.