• Kit@lemmy.blahaj.zone
    link
    fedilink
    English
    arrow-up
    47
    arrow-down
    1
    ·
    4 months ago

    No modern MDM solution allows a company to access your personal data on BYOD. That’s why containerization of work profiles exist. Anything else would be a massive privacy scandal.

    Company-owned devices, though, do have that level of access when MDM enrolled.

    • brax@sh.itjust.works
      link
      fedilink
      English
      arrow-up
      25
      ·
      4 months ago

      Intune installs as a device adminstration. I’m not sure how much I’d trust that on my personal device period.

      • BarbecueCowboy@lemmy.world
        link
        fedilink
        English
        arrow-up
        15
        ·
        4 months ago

        That’s a fair point. Microsoft says that they don’t… but, not that they can’t. It’s especially tricky on iOS.

      • corsicanguppy@lemmy.ca
        link
        fedilink
        English
        arrow-up
        5
        ·
        4 months ago

        They can say what they like.

        VERY few companies have been sued for being as big a bunch of lying dinks as Microsoft has.

        We need to learn from this shit. Ads on login screens? Privacy issues? Solarwinds sploit letting Russian hackers get to the windows source? How many more red flags are our security groups going to ignore?

        • tinkling4938@lemmynsfw.com
          link
          fedilink
          English
          arrow-up
          4
          ·
          4 months ago

          Good luck if you run a de-googled ROM. I can’t install sandboxed Google Play Services inside the profile because its not approved. I could try and sideload it in, but I’d rather just go without.

        • brax@sh.itjust.works
          link
          fedilink
          English
          arrow-up
          2
          ·
          4 months ago

          This implies that the company has a competent IT team that rolls it out correctly, and that there won’t be some way to exploit it and dig in further than expected.

          Also:

          On personal devices, it’s normal and expected for users to check email, join meetings, update files, and more. Many organizations allow personal devices to access organization resources.

          (From the site)

          Lmao WHAT? It’s normal for users to do company shit on their personal phone? What kind of delusional Spongebob bullshit is that? Is the company gonna pay for data or subsidize the cost of my phone? Are they going to pay me to be on call if they expect me to of this shit outside of my working hours?

    • Potatos_are_not_friends@lemmy.world
      link
      fedilink
      English
      arrow-up
      11
      ·
      4 months ago

      I’d love to honestly believe that. But I still wouldn’t risk ever doing a BYOD with a company that forced me to install anything on my personal devices.

    • JackbyDev@programming.dev
      link
      fedilink
      English
      arrow-up
      7
      ·
      4 months ago

      Regardless, times I’ve tried to get access to work stuff on my phone I stopped because I had to agree to let my entire device be remotely wiped if they chose to. I had absolutely zero faith that they wouldn’t accidentally do it as a matter of procedure if/when I left the company so I didn’t do it.

      • Buddahriffic@lemmy.world
        link
        fedilink
        English
        arrow-up
        8
        ·
        4 months ago

        Not to mention the possibility of a disgruntled IT person deleting everything they can on their way out. Sure, it would be a whole can of worms for that person and they might regret it because of the consequences, but that wouldn’t bring my data back. Same if it was done accidentally because of incompetence.

    • conciselyverbose@sh.itjust.works
      link
      fedilink
      English
      arrow-up
      1
      ·
      4 months ago

      It honestly doesn’t matter to me.

      Even if it’s an absolute certainty that there’s no possible way they can do harm, I’m unconditionally not willing to install anything on my personal device that isn’t for my personal use.