iOS 9.3 Will Tell You If Your Employer Is Monitoring Your iPhone

An anonymous reader writes: Nobody likes being monitored. But even if you suspected your company is following your activities on the iPhone, would you know where to check? In the next iteration of its smartphone operating system, iOS 9.3, Apple is looking to make this an easier task. According to Reddit user MaGNeTiX, the latest beta of iOS 9.3 has a message telling users their iPhone is being supervised. The message is as prominent as can be, both on the device's lock screen and in the About section. "This iPhone is managed by your organization," the message on the lock screen says. And in the About screen, you get a little more detail, with a message saying your iPhone's supervisor can monitor your Internet traffic and locate your device.

You should already assume this

[JeffOwl]

My employer already has a notice on the lock screen about monitoring, but even if they didn't, anyone who has a device managed by their employer should assume it is being monitored unless proven otherwise.

You should but how many will?

[SuperKendall]

Sure it's obvious to technical people like us that a company issued phone is going to be monitored and administered remotely.

But how many non-technical people would know enough to assume that? It's for those people the prominent message can help them think twice before doing something with the company device they may regret later,

If you think about it, it's even helpful for technical people - because as you say, a technical user would assume a company phone would be monitored and controlled. So if you do NOT see this message on a company device you can ask your IT staff why the hell they are not using MDM to control the devices.

Re:

[unixisc]

Why does one have to be technical in order to figure out that what s/he does on a company issued phone can be monitored by the employer? This much should be common sense, shouldn't it?

Re:You should but how many will?

[SirSlud]

If people had common sense, they wouldn't keep assuming things are common sense.

Re:

[mccrew]

... on a company issued phone ...

Not just company issued phone. If you set up your personal device to check work mail, then it becomes subject to company policies, and is subject to monitoring and vulnerable to remote wipe. And the remote wipe clears the whole enchilada - your personal mail, your photos, your texts, everything - regardless whether it was corporate data or not. That part is not really obvious, and more people would care if they understood the full implications of checking work e-mail on their personal device.

Re:You should but how many will?

[unixisc]

This one I agree w/ you.

I have 2 phones. One purely for personal use, another purely for work use (not issued by any employer, so b/w jobs, I keep using it for job searches & the like). My family doesn't know the number of the latter. My colleagues don't know the number of the first.

If any employer needed me to BYOD, I'd take the latter and let them do what they wanted w/ it. My personal photos & stuff wouldn't live there. That way, I leave one phone at risk, while playing merrily w/ the other. I have reset this several times, and will.

Re:

[Anonymous Coward]

Why would any employer *need* you to BYOD, rather than merely accept that you're doing so? And if that's a legitimate need, why on earth would you agree to let them do what they wanted with it? My employer either accepts my usage of my device unmolested, or provides one to be molested at corporate whim.

Re:You should but how many will?

[NormalVisual]

I had a bit of a row with management a couple of years back over this. They wanted me to install Outlook on my personal phone, and I refused because of the remote management capabilities. I don't care who you are, it's not your phone and I'm not going to give you the ability to remote wipe it, monitor me, have access to passwords, etc. If it's important enough that I need to be able to be contacted via cell phone, then give me a company phone expressly for that purpose and don't be surprised if it gets left at home when I go out.

Re:

[youngone]

I had a bit of a row with management a couple of years back over this...

I'm the IT guy setting the company phones up for various staff. One of the managers decided he had a staff member who didn't quite warrant a phone, but needed to have access to email 24/7 (for some reason).

When the staff member told me to fsk off, and leave his personal phone alone I didn't press it. And yes, I explained webmail to the manager.

Re:

[Penguinisto]

Actually, it depends.

In my case, I get company email on my personal phone. I know for fact that they do not monitor anything on it (though they do have the ability to wipe the email off it, and require a PIN). I'm pretty sure they could have cranked up AirWatch (urgh) and gone all Big Brother on it, but in my own experience, most companies don't.

Usually, it's (ironically) cheaper in time, headaches, and in some cases even money, for the company to issue you, say, a Blackberry or similar cheap mid-range phon

Re:

[BarbaraHudson]

"Hey boss, since we're communicating by email, I need your PIN so that I can wipe it "just in case." Just because you receive company email on your personal phone is no reason to give them the pin to your phone, any more than if anyone else sent you an email. If they don't like it, let them supply you with a company phone.

I don't know about you, but my phone comes with a data plan - I don't need to use an employers wifi, so that's another reason to tell them to put it where the sun don't shine.

And if it'

Re:

[castionsosa]

Exchange/ActiveSync can be configured to have various policies be placed on one's device before it allows the device to download/sync mail.

One way to get around this is to use the Outlook app, or on Android, one of the other Exchange programs like Nine, Touchdown, RoadSync, or others, where if the organization decides to wipe the phone, just the app's data gets erased, not your entire device.

There used to be a company called Divide which made a decent product that was good at separating work stuff from one'

Re:

[pnutjam]

yeah, but all that personal stuff is backed up with rsync, right? Oh wait, you said IOS, not Android.

Re:

[illtud]

Not just company issued phone. If you set up your personal device to check work mail, then it becomes subject to company policies, and is subject to monitoring and vulnerable to remote wipe.

Wow, I never knew K9 mail was so advanced!

Re:

[SeaFox]

This much should be common sense, shouldn't it?

"Common sense" is another phrase for "knowledge it's assumed everyone has".
You're overestimating the intelligence of people -- even those in jobs posh enough where the company gives you a cell phone.

Re:

[SuperKendall]

If you are given company pencil or pad of paper would you assume it is monitored? How is a tablet substantially different to a truly non-technical user, like a salesperson or secretary?

The point is some people truly have no idea what is possible, and/or are very naive.

A smartphone is a handheld computer

[perpenso]

A smartphone is a handheld computer. I think even nontechnical people get that.

Re:

[Dynedain]

A. Non-company issued phones may be monitored in some ways depending on how Exchange or other apps are configured
B. Company-issued phones may NOT be monitored, depending on how the company has set things up.

If my employer hands me a fresh boxed iPhone and says "have fun, here's the mail server settings", then there's a good chance my phone itself isn't being monitored.

My company doesn't use MDM and gives us fresh phones. Out of the box they are usable, and not monitored. However, we cannot setup mail/calend

Re:

[Frosty Piss]

But how many non-technical people would know enough to assume that?

All people who are not complete morons understand that your work-issued phone could be monitored. There is a certain "snob appeal" to saying "well, not everyone is technical", but the reality is that this isn't really valid. Everyone with even just several brain cells know a work phone is not for surfing porn or "whatever".

This is a non-issue except for people that want to make issues were there are none.

Re:

[vel-ex-tech]

You're completely out of touch.

Re:

[BarbaraHudson]

Either that, or someone with a power complex. Interestingly enough, an employer monitoring you off-hours without your specific consent is probably illegal. Now that more people will know, there may be more push-back as they start asking "WTF is this?"

Re:

[UnknowingFool]

But how many non-technical people would know enough to assume that? It's for those people the prominent message can help them think twice before doing something with the company device they may regret later,

Um, when you are at work, you can't do what you can at home . . . like nap in the middle of the day, wear pajamas, watch porn, whatever. This should be obvious to anyone much less those that are technical.

Re:

[GlasgowKiddie]

I use my own laptop at work fortunately

Re:

[Anonymous Coward]

If you are attached to the corporate network, your activities are monitored. When you are on the property you are subject to all terms of employment and appropriate behavior and subject to appropriate punishment if violated.

Re:

[Creepy]

Mine does too, but they don't monitor everything. I know they don't listen in on calls, for instance. They do know everything you install on the device, though.

Re:

[Sax Russell 5449D29A]

That's rather creepy. In most civilized countries employers can not spy on employees because privacy is both a basic and constitutional right, protected "even" at work. Listening, for example. calls in most situations would be outright criminal, let alone reading emails sent by the employee without explicit written consent.

Re:

[unixisc]

Absolutely!!! This one is a 'Duh'!!!

Bottom line is - Who bought that iPhone? If it's you, then yeah, your employer has no business touching your phone w/o your consent. But if it's THEM - like it was for Syed Farook, then not only do they have all rights, but YOU should NOT be using it for non-work purposes.

Want a phone where you can plot Jihad and shooting up your entire workplace? Then get your OWN DAMN iPhone: don't use your employer's equipment to do it!

Re:

[tlhIngan]

Bottom line is - Who bought that iPhone? If it's you, then yeah, your employer has no business touching your phone w/o your consent. But if it's THEM - like it was for Syed Farook, then not only do they have all rights, but YOU should NOT be using it for non-work purposes.

It's not so simple though.

Yes, if it's the employer's phone, it'll be monitored.

But remember, a lot of people are in the whole "BYOD" (bring your own device) thing where they may not even realize this is happening. So yes, the employees a

Re:

[BarbaraHudson]

I agree. More people need to go "You want to install WHAT on MY phone? Get bent!"

How to know the US government is spying on you ?

[stooo]

>> iOS 9.3 Will Tell You If Your Employer Is Monitoring Your IPhone

How to know the US government is spying on you ?
Get employed by the US government...

Re:

[ripvlan]

Yeah - I don't understand this feature. not a terrifically detailed article.

Company provides cell phone. Company tracks device.

For BYOD - it would be useful to know WHAT the company is tracking. My employer allows BYOD with the installation of an App - and other than "we reserve the right to wipe device to protect company IP" - not much more is said regarding what the app does.

In the office they've installed a super SSL certificate that offers an "obsolete cipher suite" - so that they can view all conten

Re:

[kheldan]

If you are required to have a work phone then you should never, never, ever use it for your personal business. I certainly hope I don't have to tell any of you that!

Re:

[smartr]

Because paranoia, paranoia, paranoia? I mean shit, we are all capable of carrying 10 different devices for 50 different purposes, or you know - a single general purpose computer that maybe shouldn't be monitoring people off active work duty. Is the phone supposed to be part of some sort of ultra secure secret network? Why did it leave the ultra secure secret building? Does it actually make sense from a non corporate brown nosing perspective to actually monitor your employees whilst they take a shit? Secure

Re:

[kheldan]

..I'm not at all sure if you're agreeing with what I'm saying or not.

Do you mind if I ask you a question? Whether you think they do it or not: theoretically would it bother you if, assuming you used a company-owned device (smartphone, laptop, etc) at home, on your network and in your non-paid off-work time, for very, very personal things (watching porn, sexy chat with your girlfriend or wife, etc)? Or even for non-potentially-objectionable personal things (paying bills, making purchases, watching shows, et

Re:

[smartr]

Yes, it bothers me if a company tracks these things. I think there's a certain degree of, if you leave what you're doing out in the open, you should be putting some effort forth to do some things privately. But to the extent of what should matter to a company should be that they can secure their company information and their hardware. I have both a company laptop and phone. Once upon a time I was actively using an iPod touch, a work smart phone, a personal smart phone, a work Mac Pro, a home laptop, a work

Re:

[pnutjam]

Most of those can be controlled a the device level.
Logging of network traffic?
keep it on your wifi or use a personal vpn.

phone calls, texts, are so insecure it's laughable, who cares if their watching those. The data is out there, but rarely analyzed.

Re:

[BarbaraHudson]

And since it's their phone, leave it at work when you leave. After all, it's their phone. Let them track it - all they'll find out is that you must have worked all weekend.

Um, Duh?

[GrooveNeedle]

I mean, I like it when information is clearly communicated, but isn't it kind of a no-brainer that when your employer provides you with a phone that they are going to monitor its usage? Even if they don't, it should be the default assumption of the user that they do. Same thing with any desktop/laptop and internet connection they provide.

All this does is point out the obvious.

Now, if they had a message that told me my Service Provider was in some way monitoring my privately purchased/owned personal phone,

can they get in to your phone with out your pin?

[Joe_Dragon]

can they get in to your phone with out your pin?

Re:

[b0bby]

No. This is for employer provided/managed phones.

Re:

[Joe_Dragon]

so with an employer provided/managed phones you set you own pin switch to a new job and they are now SOL to get any info off of it.

Re:

[waspleg]

No. https://www.apple.com/business... [apple.com]

Re:can they get in to your phone with out your pin

[b0bby]

They can get into *their* phone, which they are letting you use, without your pin if they are doing it right.
They can't get into *your* phone, which you bought yourself and manage yourself, without your pin.

IOW - If your employer provides you with a phone, it's not really yours.

Re:

[smartr]

They can get into *their* toilet, which they are letting you use, without your any bolt-locks if they are doing it right. IOW - If your employer provides you with a bathroom break, it's not really yours.
FTFY

Re:

[ihtoit]

Nope. Corp contracts have a backdoor PIN and the handset is usually SIM locked so you can't simply replace the SIM in a nine hundred Dollar company phone.

(been there with Vodafone).

Basically, if an employee leaves, you can brick the phone by calling the service centre with your company credentials and asking them to deactivate it. Then it's a simple case of calling the employee on an alternative line or even writing them and asking for the handset to be returned - then it's just a case of sending it back to

Re:

[Diss Champ]

Yes, your employer can get into your issued phone if they set it up correctly.

This is one reason why the current well publicized FBI/Apple court order debate is stupid- if the government hadn't screwed up, they wouldn't need Apple's help to get into the phone they had issued. Given that the government screws up something simple like this, why should we believe they won't screw up at safeguarding the special software they want.

Re:

[bws111]

Geez, the phone was not issued or owned by the FBI, it was owned by a county. The FBI and a county are in no way related, except that they both are part of governments (though not the same government). Why do you try to equate them?

Re:

[__aaclcg7560]

Geez, the phone was not issued or owned by the FBI, it was owned by a county.

The FBI ordered the county technician to change the iCloud account password, doing the exact opposite of what Apple told them to do. In short, FBI stands for Fumbling Bumbling Idiots.

Re:

[gnasher719]

This is one reason why the current well publicized FBI/Apple court order debate is stupid- if the government hadn't screwed up, they wouldn't need Apple's help to get into the phone they had issued. Given that the government screws up something simple like this, why should we believe they won't screw up at safeguarding the special software they want.

If anyone had told them that the guy was going to kill 14 people, sure, they would have done that. But nobody told them. But if you think about it, IF they had the means of unlocking the phone at any time, then surely nobody would be stupid enough to leave incriminating information on their works phone.

And remember, this is one of three phones that the killer had been using, and two phones he smashed up completely before he got killed. So you can guess which phone did _not_ contain anything juicy.

The

This evil crap is also installed on user owned dev

[EmperorOfCanada]

There are employers who insist that they be allowed to install this evil crap on the devices owned by the users. Apple is making a huge mistake allowing this.

This sort of crap is what helped bring down Blackberry. Pretty much anything that is good for a corporation is not good for the users.

This is one of those insidious things where they give a little for a bunch of corporate sales, then they give some more and more and more until they are kowtowing to the enterprise market and they are making Microso

Re:

[bws111]

An employer can't do a damn thing if you don't connect to their network and don't use the device on their property or their time.

Re:

[mccrew]

This sort of crap is what helped bring down Blackberry.

Bzzzt, wrong. So very, very wrong. The Blackberry 10 series were specifically designed to have 2 secure and independent partitions - a personal partition and a work partition. When you would associate your device with your work account, the corporate admin would only have control over the work partition and your personal partition would be out of reach. Blackberry got 99 problems, but offering a secure device that protects a user's personal information from corporate overreach is definitely NOT one!

Re:

[Penguinisto]

Two easy answers that come to mind:

1) "Oh, I don't have a smartphone. Can you issue one"?
2) Go out and buy a cheap-assed-but-usable Huawei for $100, put it on Net10/MetroPCS/whatever, and use it only for corporate stuff. Write off the costs on your taxes.

Re:

[ihtoit]

nope. What killed Blackberry was their proprietery messaging system (which nobody else could access) and the fact that Apple had released the iPhone right around the same time RIM bombed, because the iPhone was everything the Blackberry wasn't: useful.

Re:

[narcc]

The iPhone was many things, but useful it was, most assuredly, not. The lack of basic features like task switching and copy/paste put it well behind the competition on that front. It's why BBs outsold iPhone and Android handsets for years after you inexplicably believe they "bombed".

They're still leagues ahead of iOS and Android when it comes to management, privacy, security, and usability.

Re:

[ihtoit]

BB didn't have copy/paste until the release of the 8000 series (2007/8) which had the requisite multitouch screens that the previous models lacked. Apple had it in the iPhone by March 2009 (announced for iOS 3). The iPhone 1 had a touchscreen in mid 2007. Six million units sold in thirteen months, which counted for nearly HALF the global smartphone market at the time, with Blackberry having taken SIX YEARS to sell the same number of units.

Raw comparison: Blackberry's flagship phone for 2008, the Bold 9000 b

Re:

[narcc]

BB didn't have copy/paste until the release of the 8000 series

Nonsense. It worked fine on my 7290 (c. 2005), and the 6210 (c. 2003).

which had the requisite multitouch screens that the previous models lacked.

None of the 8000 series models had any sort of touch screen. The first would have been the 9500 series (c. 2008)

The iPhone 1 had a touchscreen in mid 2007. Six million units sold in thirteen months, which counted for nearly HALF the global smartphone market at the time

In 4Q 2007, Apple had captured a whopping 7% of the global smartphone market, and a healthy 25% of the U.S. market (well below RIM's 35%). Though by 1Q 2008, Apple had declined to 19%, while RIM had recaptured nearly 9%, holding 44% of the U.S. market. Analysts at the time attributed Apple's loss to RIM's gain. Looking at

Re:

[ihtoit]

so you move the fucking goalposts. ::golf clap:: Well done.

This thread is done.

Re:

[narcc]

Did I? My only claims were that the iPhone was not as useful as its competitors, as evidenced by its lack of basic features, and that it did not outsell BB during the period you claimed. Both of these claims are true. You countered with obviously incorrect and irrelevant nonsense, which I corrected.

Sorry to hurt your feelings, but reality is reality.

Even better

[PPH]

Include an alert if your phone has negotiated an unencrypted connection with the nearest "cell tower" (aka Stingray). Like my Motorola Razr v3 does.

Re:

[ShaunC]

Is that a feature of the phone, or are you using an app to detect that? I played with AIMSICD [github.io] for awhile, but I'm not sure it did anything other than drain the battery.

Re:

[PPH]

It's a feature of the phone. There is an icon on the screen which displays the status of the link encryption. Since one mode of IMSI catcher operation is to negotiate an unsecured connection with a phone, it's an indication that you might not be talking to a legit cell phone tower.

How about tell us WHEN

[shaitand]

Instead of advising us our phones are monitored, which we already know, the device informs us when anyone actively uses these functions, especially remote access to the cam/mic. Locate notification should be an option but in practice many organizations would simply have automatic logging of this data and it would trigger every few minutes.

Re:

[Solandri]

Instead of advising us our phones are monitored

Small flaw in your argument. If "your" phone is being monitored, it's not really your phone. It belongs to someone else, they are lending it to you, and it's their right to know what you're doing with their stuff. If you ask for features which the phone owner objects to, Apple is going to listen to the guy paying them for the phone, not the guy using the phone for free.

If you're that worried about other people monitoring your phone use, buy your own phon

Re:

[shaitand]

"Small flaw in your argument. If "your" phone is being monitored, it's not really your phone. It belongs to someone else, they are lending it to you, and it's their right to know what you're doing with their stuff."

First, no matter who owns the phone I have an expectation of privacy unless I'm at work. Second, you can bring your own device. Third, notifying me that they are monitoring does not prevent them from doing so, negating any relevance to whether or not they are entitled to do so.

"If work requires y

Re:

[pnutjam]

How could you trust that's what it really does?

There's always a workaround...

[__aaclcg7560]

I worked at a company where the management team got very insecure about their positions and thought that the regular employees were out to get them. So they got a program to remotely monitor desktops. One morning my manager came running over to my cubicle to inform me that I wasn't allowed to look at Amazon on company time. And then he discovered that I had a breakfast burrito from the roach coach in hand, which meant I was on my break and I'm allowed to look at the Internet on my break time. So I told him to bugger off. Since the company next door had an open wireless access point, many of my coworkers used their PDA's to browse the internet to avoid using their PCs.

Maybe something better...

[charles05663]

How about a big message saying this device is being monitored by the NSA, CIA, and FBI thanks to the likes like Senator Feinstein.

Not your phone, it is their phone.

[Daniel Matthews]

Oh Stan you silly man.

Read the screen grabs, http://imgur.com/a/Eb4yJ [imgur.com]

[ This iPhone is managed by your organisation. ]

What sort of idiot would not already know this about a work phone? It is same for a work PC, and work land line, or even a room at work. Oh yeah Apple users...

Add too iCloud activation lock status page.

[sims 2]

They should add it to the damn icloud activation lock status page.

https://www.icloud.com/activat... [icloud.com]

What good does that page do if it won't tell you it has a factory set MDM profile that can't be removed even if its not activation locked?

Come on apple what the fuck were you thinking?

I've been an Apple hater for so long,

[jenningsthecat]

that I'm experiencing real cognitive dissonance right now. I've never liked their walled garden, and they were leaders in the 'you don't really own your hardware, we do' trend. But just recently they told the FBI to get stuffed, and now they're baking into their phones a warning when the user is being monitored. Apple as a 'good guy'? The sky is falling!

Part of me wonders if they're simply ahead of the curve, seeing a business opportunity in a populace fast becoming sick of having their privacy butt-raped o

Re:

[MobileTatsu-NJG]

Why would someone let your employer monitor YOUR iphone? I could see if they supplied it but not if it is mine.

Here ya go.

While it's not clear whether the message shows up for all types of monitoring, it's there for supervised devices set up through Apple's Device Enrollment Program, which is a way for companies to easily deploy a large number of corporate-owned Mac or iOS devices to employees.

Re:

[wardrich86]

If you're on their network, it's fair game.

Re:

[saigon_from_europe]

If you're on their network, it's fair game.

No, it is legal, but it is not fair. Why are companies so obsessed with spying their employees, and why are you Americans so willing to accept it? Just because company is legally allowed to do something, it does not make it meaningful or acceptable. And what they believe that they could find there? Even if I want to harm them by using smartphone, I'd do it with my private phone and they cannot do anything without court order. Spying peoples phones is just waste of time and good way to make their employees h

Re:

[Tharkkun]

If you're on their network, it's fair game.

No, it is legal, but it is not fair. Why are companies so obsessed with spying their employees, and why are you Americans so willing to accept it? Just because company is legally allowed to do something, it does not make it meaningful or acceptable. And what they believe that they could find there? Even if I want to harm them by using smartphone, I'd do it with my private phone and they cannot do anything without court order. Spying peoples phones is just waste of time and good way to make their employees hate them.

Because your employer is paying for the phone and the service. If you don't like it then pay for it yourself. It's no simpler than that.

Re:

[saigon_from_europe]

Because your employer is paying for the phone and the service. If you don't like it then pay for it yourself. It's no simpler than that.

Yes, I agreed that they are allowed to do that. The question is what the sane person expects to find there?

Re:

[ihtoit]

Because your employer isn't quite there yet in the trust that you won't broadcast trade secrets to the competition.
Hell, I wouldn't be, either. Nothing personal, it's the same for everybody. My data mining suite is my own proprietery design and its inner workings will remain a secret that I will take to my grave. Suffice it to say that the results speak for the design. Suffice it to say also that while I do research for others, they don't see the computer I perform the data crunching on.

When you've got some

To access their network

[sjbe]

Why would someone let your employer monitor YOUR iphone?

The employer may require it as a condition of letting you attach your device to their network. You don't have to let them monitor your phone but they don't have to let you access their network with it either.

Re:To access their network

[SeaFox]

Why would someone let your employer monitor YOUR iphone?

The employer may require it as a condition of letting you attach your device to their network. You don't have to let them monitor your phone but they don't have to let you access their network with it either.

Yup. Bring Your Own Device is just corporate new-speak for "externalizing equipment costs to our employees".

Re:

[Anonymous Coward]

Our company does this. Recently they have been thinking about instituting a policy that you can only have corporate mail on it - no gmail, outlook.com, comcast, yahoo, whatever other email. Add on their 8 digit PIN requirement and it really comes down to "I just bought the company a phone" if you are foolish enough to BYOD...

Re:

[Nethead]

Yup. Bring Your Own Device is just corporate new-speak for "externalizing equipment costs to our employees".

But this then internalizes IT support costs for all those different devices. I'm glad the company I work for issues current iPhones with AirWatch MDM. It makes it so much easier to trouble-shoot.

Re:

[aussiedood]

Why would someone let your employer monitor YOUR iphone?

The employer may require it as a condition of letting you attach your device to their network. You don't have to let them monitor your phone but they don't have to let you access their network with it either.

Yup. Bring Your Own Device is just corporate new-speak for "externalizing equipment costs to our employees".

Nonsense, BYOD was brought about by employees not their employers. People wanted to bring the latest gadgets they had initially bought for personal use into the work environment because they preferred them over the often comparatively ancient equipment which had been supplied to them by their employer.

Re:

[Frosty Piss]

Why would someone let your employer monitor YOUR iphone?

The employer may require it as a condition of letting you attach your device to their network.

In this case, you tell your boss to *issue you a work phone*, and decline to do *work* on your personal phone.

Certainly you shouldn't be doing work on your personal phone without compensation.

Re:

[Austerity Empowers]

Why would someone let your employer monitor YOUR iphone?

If you get email and calendar (and other things) from your owrk on your iPhone, then you have agreed to let them do it. If you don't do those things, then you really should not have to let them do this.

Re:

[BarbaraHudson]

There is no consent for that. They should only be able to get your PIN when they pry your phone out of your cold dead hands - and not even then. It's YOUR phone. You paid for it. Installing any application on your phone does not imply consent to let the app seller wipe your phone. Why should any business be different?

Re:

[Just Some Guy]

Why would someone let your employer monitor YOUR iphone? I could see if they supplied it but not if it is mine.

A previous employer told me I'd have to let them install some way-too-creepy MDM rootkit on my personal phone if I wanted to access corporate email from it. I asked if I'd be reimbursed for turning it into company hardware. When they said no, I explained that I would not be reachable from my personal phone so not to bother emailing or messaging me after hours. That is, if the situation didn't warrant them picking up a phone and calling me, then it could wait until the next business day.

They were surprised b

Re:

[djrobxx]

Why would someone let your employer monitor YOUR iphone? I could see if they supplied it but not if it is mine.

Typically because you want access to email and meeting schedules, but don't want to carry around two devices. At least at the last 3 big companies I worked for, they allow you to bring your own device, but the email gateways require you to allow the company to manage the phone so your email is protected by their security policies.

 

Re:

[BarbaraHudson]

No need to carry a second device at home. Let them give you a phone for work, and then leave it at work. After all, it's THEIR phone. "What's at work stays at work."

Re:

[unixisc]

If my employer issued me a phone, I'd assume the answer to be yes. If I provided it, I'd dictate the terms.

Re:

[unixisc]

Why? It's common sense. If you get something from your employer, they get to monitor it. If it's something you yourself provided, then you call the shots. What's so technical about it?

Re:

[unimacs]

Just because it's both technically possible and common practice doesn't mean it's actually done by every employer. Besides, as much as we tell people their Internet usage is being monitored, there are still folks who get busted doing stuff they shouldn't.

Re:

[__aaclcg7560]

If you get something from your employer, they get to monitor it. If it's something you yourself provided, then you call the shots.

As an IT tech at Fortune 500 companies, I had this argument with users all the time. Most users believe that the PC on their desk belongs to them and them only. They will fight tooth and nail to prevent anyone from accessing their PC. I've explained to many users that their PC belonged to the corporation. If the corporation decides to replace their PC with pen and paper, they must use pen and paper — or find another job.

Re:

[__aaclcg7560]

And the corporation gets to find another employee, eat the recruiting costs, eat the on-boarding and ramp-up costs, etc.

Which is cheaper: keeping an employee who can't follow corporate policies or finding a employee who can follow corporate policies?

Re:

[__aaclcg7560]

I'm going to sue for intentional infliction of emotional distress and get 10 million in damages!

Good luck in finding an attorney since you don't have a case. Your employer provides the tools that are adequate to get your job done. If pen and paper gets the job done, you have nothing to complain about.

Your device + their network = monitoring

[sjbe]

If you get something from your employer, they get to monitor it. If it's something you yourself provided, then you call the shots. What's so technical about it?

There is a third option. You provide the device but want to access the employer's network with it. No sane employer would permit you to attach a device they didn't buy, approve or at least have the ability to monitor. You don't have to provide them access to the device but then you can't attach your device to their network either.

Re:

[saigon_from_europe]

My employer has very simple solution for this. Only company's equipment allowed on Ethernet and Wi-Fi. But there is also a parallel WiFi network for guests and employees' private devices. Easy to implement, the best of both worlds.

Re:

[ihtoit]

I run three networks - at home. One is airgapped (it's actually a cluster but it has no WAN link - this is by design), one is a firewall behind a firewall running the LAN (which is my own little corner of the internet, with mail and webservers, a couple databases and a torrent box), the other is the WPA2-secured wifi which is running on the forewall which is used by the rest of the house and any guests who (invariably) come round to drink my coffee and suck on my 200MBit cable.

Re:

[ihtoit]

they get Nescafé and like it, I keep the good stuff for me.

Re:

[ihtoit]

You're connecting over a public switching network. Assume it's being monitored and behave accordingly.

Re:

[ihtoit]

as long as the company picks up the bill, I would be fine with that - but they do it on their own SIM.