Mobile device management

The company I work for wants to install Microsoft Intune to manage mobile devices.
They are asking us to enroll personnel devices if we want to access email and other company apps on our phone. Somehow giving the company access to manage my phone, including restoring to factory default seems more intrusive and riskier than I will accept. I guess no more email on my phone for me.

I can see a simple mistake bricking my phone or malicious actions doing the same.

Does anyone else have experience with Intune?

Dan

 

It's always your choice in BYOD environment. You don't have to give them that level of access but they don't have to give you access either. BYOD is tricky. In your mind you own the device. In the companies mind they are allowing an untrusted and uncontrolled device to access business critical infrastructure. That is quite frankly a massive risk taken on their part. You can understand why they require the ability to remote wipe the device if it is lost or stolen.

My advice is if you are uncomfortable with it then have them supply you a device to use for business. If you don't want the inconvenience of carrying multiple devices then you will have to resolve in your brain that they have to exert some control over the device.

 

As an IT guy working in networking & security, I'm not willing to give to anyone control of my personal phone, unless I'm being paid to do so. My company is paying my personal phone bill, and I'm (more or less) in control of which devices get wiped. If they're not paying for access to your phone, then they don't get access to it, is my stance.

 

Yep if they want you to work from home they need to provide a device. My $$ my rules, your $$ your rules.

 

Sometimes we see thread titles in Dungeon that you make wonder if they really belong there.

This one is just borderline in.

On the plus side, I'm in full agreement with the RW lunatics....

 

What?

 

Brief flash of logic. Fear not, it will pass.

 

Work phone, work only stuff. It doesn't log into any personal media/emails/banking/etc

personal phone and computers don't log in to work apps/emails/websites/etc

 

Bush's fault.


There...no it it's in the right place.

 

you know full well this is Obummer's fault. we talkin' bout phones, here

 

We use this at my place of work as well. It's been fine. It all has to be reconciled with "your deal". My company does not pay for our cell plans, generally speaking, even for those on-call occasionally. It would be possible, if difficult, to do my job without my phone having access to sensitive data. I choose to grant them admin access to my personal phone because the deal I have is good enough that this is a fair arrangement. Your deal may be different.

 

The agreement with my employer included a replacement reimbursement. It was $10. I said no to BYOD.

MK Ultra knows why. Do the research. Buy the tin foil.

 

Dear God, no.
If you need to concede to conduct business, buy a cheap phone that does the minimal functions you need and keep your personal data off of it. IT can see what apps you have and restrict apps, restrict features for security - video, screenshots, etc, and they can install a keystroke logger at the same time. Beware - and keep your business life off your personal phone.
Shits creepy.

 

I would actually worry about that Mongo. Your IT guy can be a dick sometimes...

 

As if on cue the IT guys are remotely force rebooting machines in our lab with many not coming back up.

 

In my experience, labs are a festering cesspool of unpatched software and infrastructure with slapdash security and everything done in the name of expediency. They are the first against the wall.

 

It's a lab. Everything I need to know about the stability and security of it is right there in the name.