this post was submitted on 22 Jan 2024
666 points (94.6% liked)

People Twitter

5270 readers
791 users here now

People tweeting stuff. We allow tweets from anyone.

RULES:

  1. Mark NSFW content.
  2. No doxxing people.
  3. Must be a tweet or similar
  4. No bullying or international politcs
  5. Be excellent to each other.

founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 126 points 10 months ago (2 children)

We have never, and will never, integrate someone's personal phone into our infrastructure. Everyone gets a company phone. If you want to use the company phone as your personal phone, or the phone you use to cheat on your husband, that's your call. Just don't complain to me when video of you pleasuring yourself end up backed up to our cloud storage and discovered by IT when tracking down large files eating up storage. (Yes that happened.)

[–] [email protected] 23 points 10 months ago (2 children)

Yeah the whole thing is kinda dumb on both ends. From the employees perspective it's ridiculous to allow the company have any level of control over a device they own. From the company's perspective, why would you want to allow access and/or have information that's the company's property on a device the company doesn't own?

If I have a password for key company infrastructure stored on my personal phone, then the company fires me... well that seems like a problem a company would want to avoid. It could happen in any scenario, but significantly less likely if I have to turn in my company phone when my employment ends.

But hey the company saves a few bucks on buying phones and that helps the quarterly profits I guess.

[–] [email protected] 12 points 10 months ago

That's the whole point of work profiles and company owned devices. This Joelle just has no idea what she's talking about.

You literally can't "just install an MDM" to your phone in the way that allows a company complete access to your device. Both iOS and Android require that either the device is new or the device is factory reset. Then and only then can the device have MDM enabled as a "Company Owned Device" e.g. complete access.

The other way, is through "Work Profiles", it's an isolated and sandboxed partition. The "Work side" has no access to anything on the personal side and the personal side has no access to anything on the work side. On Android the work side has its own Play Store, its own Chrome, its own apps. (In fact, if you're rooted you can hijack the work profiles feature for yourself if you want to install apps you'd rather keep isolated, like TikTok).

If I issue a wipe command to a phone with a work profile, only the work profile gets wiped and the personal side is untouched. An employer utilizing work profiles only has visibility and control within the work profile, the rest of the phone might as well not exist

Hell, Android even gives you the ability to restrict the Work Profiles to work hours so all the work apps go dormant after 5

[–] Dreadnaught 4 points 10 months ago

So with MDM, the company can essentially wipe that device remotely in the case that something like that occurs. Not that it's the best option. Still think companies should just provide the hardware. But that's the protection in that case.

[–] UNWILLING_PARTICIPANT 4 points 10 months ago (1 children)

Wtf how? Was someone cybering over vid chat and checked the record option?

[–] [email protected] 20 points 10 months ago (1 children)

She was recording herself, sending the video file, then deleting the file from the phone. Our phones are configured to immediately back up, so (I am assuming) that while she put together the e-mail or text, our phone was dutifully doing its job.

[–] UNWILLING_PARTICIPANT 2 points 10 months ago (1 children)

Oh man how embarassing. I imagine you make it pretty clear that the company phone comes with this capability after that incident lol

[–] [email protected] 1 points 10 months ago (1 children)

You have to sign a document before you get equipment. Part of that document is you acknowledging that you read another document that outlines what you can and cannot do with company equipment and what the capabilities of said equipment are. We even tell people to close the physical camera shutter on the laptop whenever they aren't on a video call if they want to ensure privacy. There is also a code of conduct document they need to read and sign. Using company property for lewd acts and to conceal adultery broke a number of agreements.

[–] UNWILLING_PARTICIPANT 1 points 10 months ago

Well you tried