People Twitter
People tweeting stuff. We allow tweets from anyone.
RULES:
- Mark NSFW content.
- No doxxing people.
- Must be a tweet or similar
- No bullying or international politcs
- Be excellent to each other.
I’ve been using Google’s native MDM. I can’t do any of those on a personal device. The only thing I can do with a personal phone used for work is wipe the android for a work profile off of it. If you’re using a company device, I cannot do any of that. The only thing I can do is wipe the entire phone and that’s it.
100%
I used to do MDM at my last company. The post here is very misinformed on how it works.
All companies can do is wipe your phone and configure settings. They cannot read what's on the phone, except for the stuff in the work profile and even then it's limited.
I have a corporate phone with a personal and work profile set up and have no issues browsing porn. That's how confident I am.
The only risk is if you're on a regular cellular network, your company could ask the mobile network to send the sites you visit. But if you're VPNing or on your home wifi, that won't tell them much.
How does Android protect against this?
Also can you have different profiles for this? Would that require two SIM slots? I don't play around with profiles so I have no idea.
I don't have an exhaustive understanding of how it works and limits data, but on my android, it essentially has two partitions, one for personal and one for work. They do not share data. In order to take and share a photo on my work Teams chat, it has to be taken either from within teams or with the camera app on the work partition. It cannot access my personal gallery. I have Teams on my personal partition from an old job that I still help out from time to time, and the same exact Teams app installed on my work partition. They are not connected in any way. The only thing that doesn't require me to put in a pin to access on my work parition are the notifications.
Most of the limitations I experience from my side are in my own access to work resources. I can't say with confidence that those same limitations go both ways. But it does seem like that is probably the case.
Within the Intune MDM space, a separate partition is created on the device that essentially isolates work apps/data from personal apps/data. I, as a sys admin, have control over the "work" space, but no control over the personal side of things.
We don't have a very heavy handed approach to monitoring usage etc for mobile devices or even laptops and this has been the case with most of my previous jobs.
That said, I'm sure there are IT departments out there with a ton of staff and a big budget that can and will get quite granular with what you are doing on your devices (keylogging, etc)
Since when are companies installing MDM on peoples personal devices?
It is usually just for corporate devices, where you shouldn't leave any personal data on.
This is the employer working around having to purchase and maintain a phone inventory for employees.
While we're on the topic, this also applies to laptop/desktop hardware for the work-from-home crowd.
In general it's a bad idea to use personal devices for work. Companies that don't give you a choice are being cheap and disrespecting of privacy at best, and want to spy into your personal life at worst. It's also really, really, really bad IT security for everyone involved.
TL;DR - never use company devices for personal materials. Create a separate, independent email strictly for work or your company email for all company devices, not your personal one.
I have a mobile device required for work, and my personal device.
No personal stuff goes on the work device. Photos, apps, logins, messaging, whatever. Zero. However, many of my colleagues use the device like, “Free mobile device, bro!” and load it up with everything they have on their personal device.
That is a horrible idea. The company device has its own cybersecurity app installed and managed by company servers that sees everything on your device, and should your device be used for something it shouldn’t, they don’t even have to take it from you to know what you did. They know when you did it, too. Watching movies or texting while driving? Reading a book or using social media while monitoring a system? If you crash the company car, or the system goes TU and they see you were fucking around with the company device instead of doing your job, you’re fucked. They see it all, it’s all regularly scanned, uploaded, screened, whatever. They just don’t bother to look unless they need to. Already had a couple people fired for illegal material on their devices.