Don’t Put Your Work Email on Your Personal Phone

[Guest]

I've read something more or less related to this here and there on the Forum.

Personally I've always been against the idea of using my personal mobile phone for professional pusposes.

 

Here is why:

 

Quote

 

"Don’t Put Your Work Email on Your Personal Phone"

Mobile Device Management potentially gives your company the ability to spy on your location, your web browsing, and more

Many of us have given up on the idea of carrying around a dedicated work phone. After all, why bother when you can get everything you need on your personal smartphone?

Here’s one reason: Your work account might be spying on you in the background.

When you add a work email address to your phone, you’ll likely be asked to install something called a Mobile Device Management (MDM) profile. Chances are, you’ll blindly accept it. (What other choice do you have?) MDM is set up by your company’s IT department to reach inside your phone in the background, allowing them to ensure your device is secure, know where it is, and remotely erase your data if the phone is stolen.

From your company’s perspective, there are obvious security reasons for installing an MDM on an employee’s phone. But for employees, it’s difficult to tell what these invisible profiles are collecting behind the scenes, as they provide people at your company with invisible control over your device. That’s why when it comes to your phone, no matter how much you trust your IT department, it’s a good idea to keep work and pleasure separate.

...

 

Source : Don’t Put Your Work Email on Your Personal Phone ;

OneZero; 23 July, 2019

If a company who wants me to work for her is not ready to provide a mobile phone to let me work in an efficient manner, then, imo, there is a problem...

[givingtnt]

Nah, the real reason to not do this is that 99.999% of employees are idiots and will get the company in trouble w/ social engineers & people stealing their data.
Companies "spying" on employees is the least of everyone's concern.

[Guest]

I don't agree. It's just one side of a bigger problem.

[r2724r16]

Who cares? The NSA is gonna spy on us no matter what we do.

[Trik'Stari]

It's a simple solution.

 

"You don't get to install something on my device, that's my property. If you want me to carry a device that enables me to work, that you can install things on, then you need to provide that device. End of story. No exceptions."

 

If your company is unwilling to accept that, they aren't worth working for. Start looking now.

[PCGuy_5960]

6 minutes ago, r2724r16 said:

Who cares? The NSA is gonna spy on us no matter what we do.

Perhaps, but there's no reason why your boss should know why you are googling Linus Sebastian bath water.

[porina]

Personally I've largely kept my work phone and personal phone separate. I do keep some social media apps with personal accounts on my work phone, so I can use work data plan when traveling. I'm not sure about iOS, but on Android if you attach work e-mail it shows a list of what additional rights the admins require over the associated device. It isn't a fixed list as far as I'm aware. 

 

On a similar note, I once read the BYOD policy where I work. It could essentially be summed up in one sentence: they reserve the right to do anything they want software wise on the device. Suffice to say, I didn't agree to that. If they want me to do something with a particular device, they can supply that device.

[r2724r16]

23 minutes ago, PCGuy_5960 said:

Perhaps, but there's no reason why your boss should know why you are googling Linus Sebastian bath water.

Same could be said for the NSA.

 

If you're really concerned about this MDM stuff, then don't use your work email on your personal phone. Simple as that. But don't be under the impression that you won't get spied on.

[Trik'Stari]

31 minutes ago, porina said:

On a similar note, I once read the BYOD policy where I work. It could essentially be summed up in one sentence: they reserve the right to do anything they want software wise on the device. Suffice to say, I didn't agree to that. If they want me to do something with a particular device, they can supply that device.

I cannot begin to express how important this attitude is.

 

If you require me to use a piece of software, and maintain that you have any and all rights over the device on which that software is installed, then you have to provide that device.

 

Otherwise, I am going to need financial compensation for my device as it is now legally your property and no longer my own. This constitutes a purchase, and as such you will have to pay me the market cost of a replacement for my device.

[Brooksie359]

I told my company that I wouldn't put my work email on my phone because I dont want to be roped into working when i am not at work. 

[PCGuy_5960]

46 minutes ago, r2724r16 said:

Same could be said for the NSA.

 

If you're really concerned about this MDM stuff, then don't use your work email on your personal phone. Simple as that. But don't be under the impression that you won't get spied on.

I know, I was just tryna make a bad joke.

[rcmaehl]

I mean you can add your work email to you personal phone but as soon as it starts asking for you to install

• Microsoft Intune
• ManageEngine MDM
• Google Apps Device Policy
• Whatever the heck Starbucks uses
• Literally anything else with MDM in the name
• Anything that wants phone admin rights on Android

Then, you should remove it. Until then, your company isn't using MDM or doesn't have it enabled on your account.

 

Speaking of which, I wonder if LMG uses MDM and how they see it. Do they see it as an
 

• Extra layer of account and data security
• Privacy overreach
• Somewhere in-between
   

I'd tag Linus but I'm unsure if we're allowed. 

[Guest]

2 minutes ago, huilun02 said:

Only an idiot would not notice device admin apps in settings

Then 85% (minimum) of mobile phone users are "idiots"...

[DarkShame2]

1 hour ago, r2724r16 said:

Same could be said for the NSA.

 

If you're really concerned about this MDM stuff, then don't use your work email on your personal phone. Simple as that. But don't be under the impression that you won't get spied on.

or as your primary email. I'm usually called in to work when needed.

[Zodiark1593]

I don't use MDM thankfully (I'd flat out refuse if my company tried), though I occasionally log into my work email through the browser, mainly to call in if all I've access to is wifi (this has happened where I was stuck with no cell signal, and had to commander a wifi point to get an email out).

[dalekphalm]

5 hours ago, Cora_Lie said:

I've read something more or less related to this here and there on the Forum.

Personally I've always been against the idea of using my personal mobile phone for professional pusposes.

 

Here is why:

 

Source : Don’t Put Your Work Email on Your Personal Phone ;

OneZero; 23 July, 2019

If a company who wants me to work for her is not ready to provide a mobile phone to let me work in an efficient manner, then, imo, there is a problem...

Considering I run and manage our MDM, I know it’s not being installed when I operate my work email on my phone. But for larger corporations that may not be the case. 

 

With that in mind, companies should be clear about whether you’re required to install an MDM into your phone, and as well as what restrictions or monitoring they’re placing on your personal device. 

 

I personally would never allow an MDM on my personal device. If that meant no access to work resources, so be it. 

[orbitalbuzzsaw]

5 hours ago, r2724r16 said:

Who cares? The NSA is gonna spy on us no matter what we do.

I need to be able to react to posts as both "funny" and "agree" at the same time.

[handymanshandle]

I'll chime in here, I work for Best Buy. We have an employee app that sandboxes the program in some way that requires some device management privileges.
While I'm not a huge fan of it, Best Buy is such a large company with so many employees that I doubt they really do much with their control over the device.

Honestly though I'm kinda thinking about maybe using my old phone on their wifi to use the employee app and remove it from my personal phone but I like the feature of calendar syncing for my schedule on iOS at least

[Beskamir]

While separating work and life is good for your sanity it sucks it's basically a necessity.

[Dedayog]

5 hours ago, Trik'Stari said:

It's a simple solution.

 

"You don't get to install something on my device, that's my property. If you want me to carry a device that enables me to work, that you can install things on, then you need to provide that device. End of story. No exceptions."

 

If your company is unwilling to accept that, they aren't worth working for. Start looking now.

So incorrect and social justice warrior loaded.

 

Many companies don't require it but you benefit greatly from having work email on your phone.  No they don't spy on you, there are very few major corporations that put anything on your phone at all.  The majority just have you add an account to Outlook's app.  Easy peasy.

 

No need to stand on a soapbox about it.  It's not the end of the world and saying they're not worth working for is naïve as hell.  

 

Most times the expectation that you'll have email on your phone, work extra hours outside of the 9-5 grind, weekends, parking tolls, continuing education, etc... these are all usually built in your salary and acceptable.   When you get paid to be a part of the growth and leadership of the company it's all part of it.

 

Hard line in the sand just makes you an asshole at the office.  Companies want people who are part of the solution and work toward growth, not nit pick over childish things like email on a phone.

 

 

[LinusTech]

 

4 hours ago, rcmaehl said:

I mean you can add your work email to you personal phone but as soon as it starts asking for you to install

• Microsoft Intune
• ManageEngine MDM
• Google Apps Device Policy
• Whatever the heck Starbucks uses
• Literally anything else with MDM in the name
• Anything that wants phone admin rights on Android

Then, you should remove it. Until then, your company isn't using MDM or doesn't have it enabled on your account.

 

Speaking of which, I wonder if LMG uses MDM and how they see it. Do they see it as an
 

• Extra layer of account and data security
• Privacy overreach
• Somewhere in-between
   

I'd tag Linus but I'm unsure if we're allowed. 

I see it as an unnecessary hassle at this point.

[Warcorer]

I agree with jstidrawa's post, I work and manage MaaS360 MDM and were soon changing over to Meraki's Systems Manager (MDM). We don't spy on anyone's device at all, we even have it in our policy that we are unable to view any other information on the user's device as well as verbally stating the same thing during a new employee's training. We use an MDM because it gives us access to selectively wipe the user's work email in case they lose their device, the device is stolen, or if the employee leaves the company. As we have a BYOD policy at my work almost all of the user's do bring their own devices and we also can provide devices if necessary but so far no one has wanted or had the need to.

[mr moose]

I've got a better reason not to put your work email on your private phone,  Personal life and time away from work is very important, it's your time not your bosses. 

 

Don't take your work home with you unless work is your R&R. 

[Maticks]

most of these device controls that you get as an adminstrator mostly through Exchange.

All you get access to is Wipe the phone or remove the account from the device setup.

 

I have not seen any of these let people access a phones photo's, web history or other content.

I would imagine any application trying to do this would find itself remove from Google or Apple store right away.

 

I personally have one phone with my work and personal email.

If you have a worry about content on your phone or programs, sites you are visiting on your phone.

you probably should have a second phone, but being on work wifi running these things is likely a bigger problem than content stored on your device.

 

[justpoet]

Keeping work and personal life separate is always a good idea, as it always has been.  It is only natural that that continues onto our devices, which for most people is about as personal as it gets.

 

That being said, only when you are asked to install something vs just setting up mail/calendar is it an actual privacy/security worry.  It is pretty easy to view what the MDM profiles are set to do, at least on Apple devices (they show you when they're asking to be installed, in the profiles section once they're installed, and you can also just download and read the file).  Some MDM profiles are just account setups, and are pretty common and easy to use in larger organizations.  Others are access controls and remote wipe.