... actually they aren't wrong. MDMs are given special permissions including but not limited to reading your SMSes and phone records, restricting and monitoring your installed apps and even wiping your device.

[–] [email protected] 46 points 9 months ago* (last edited 9 months ago) (3 children)

I’m not sure what MDM you’re subjected to but I’ve been an MDM engineer for 7 years using Intune and JAMF and no, no SMS or phone records. Even the phone # is blanked out minus the last 4 digits. Yes we can wipe the devices if it’s lost\compromised but personal versus corporate owned devices are limited. I can’t see what apps you have that were personally installed. And the only info I can get are the device stats (SN, IMEI, storage, battery, memory, etc).

[–] [email protected] 22 points 9 months ago* (last edited 9 months ago) (2 children)

Intune and JAMF are not the only MDMs on the market. There are others that do offer these capabilities, at least on Android.

SMS reading:

https://support.sophos.com/support/s/article/KB-000034436?language=en_US

Call log reading:

https://knowledgebase.42gears.com/article/how-to-view-call-logs-on-android-phones-remotely-using-suremdm/

And app lists:

https://help.ivanti.com/mi/help/en_us/cld/admin/ivanti/91/all/en-us/App_Inventory.htm

[–] [email protected] 9 points 9 months ago (1 children)

Yeah I have looked at those solutions and one not on your list (MobileIron, not sure if they’re still around). I don’t know why anyone would choose those solutions but good call.

[–] [email protected] 2 points 9 months ago

I also don't know why anyone would use these either FWIW

load more comments (9 replies)