This article was originally posted on OneZero. I have to say that I have been in this position in the past and did not succumb to the wishes of the company trying to save money. When I encountered the Mobile Device Management (MDM) profile, I said no and requested a company phone for other reasons.
A very good article for those like me who hate to double-phone it. For your own security, don’t accept MDM on your device. Please read it, as the article contains great and insightful information and echoes my sentiments.
Mobile Device Management potentially gives your company the ability to spy on your location, your web browsing, and more
Many of us have given up on the idea of carrying around a dedicated work phone. After all, why bother when you can get everything you need on your personal smartphone?
Here’s one reason: Your work account might be spying on you in the background.
When you add a work email address to your phone, you’ll likely be asked to install something called a Mobile Device Management (MDM) profile. Chances are, you’ll blindly accept it. (What other choice do you have?) MDM is set up by your company’s IT department to reach inside your phone in the background, allowing them to ensure your device is secure, know where it is, and remotely erase your data if the phone is stolen.
From your company’s perspective, there are obvious security reasons for installing an MDM on an employee’s phone. But for employees, it’s difficult to tell what these invisible profiles are collecting behind the scenes, as they provide people at your company with invisible control over your device. That’s why when it comes to your phone, no matter how much you trust your IT department, it’s a good idea to keep work and pleasure separate.
Peering into your life
MDM profiles, paired with device management tools, allow companies to track employee phones in a single dashboard. They can mitigate security breaches or potential harm from a rogue employee; if you work for a law firm, say, and your boss worries you’re leaking sensitive emails from your smartphone, they could remotely wipe your data. MDM profiles can also force you to use a long password on your device, rather than a simple PIN, among other policies.
Until the iPhone debuted over a decade ago and brought smartphones to the masses, it was common practice for companies to issue a corporate BlackBerry or Palm Pilot, allowing their employees to check email on the go, and do more work.
When the iPhone arrived, employees suddenly wanted to use their slick, new phones at the office, not the chunky, work-provided one with the physical keyboard. They added their work emails to their smartphone if they could, or devised sneaky workarounds to gain access to it.
MDM functionality was around before this shift, but with the smartphone boom, it became a core part of IT policy. Companies were happy to let employees access their email on their own devices, which saved the cost of buying separate work phones and data plans, but it also meant that individuals who accepted the arrangement lost control over their sensitive data.
In many cases, MDM gives companies the ability to track your location and install a corporate VPN. This means they can route your traffic through a network the company owns — and if they own that network, the company can monitor traffic on it, providing a one-way mirror into your life, with no way to peer back.
Some third-party MDM tools relate all of this to worker productivity. Hexnode, for example, markets its tool by saying that “employee performance can be evaluated by monitoring the location report of these devices” and that “the duration of time spent on a particular location gives an overall idea about their performance.” Sound familiar?
Technically, iOS and Android don’t allow tracking location data without a user’s consent. But third-party solutions can circumvent this by forcing you to install an app that performs the tracking itself when you add a corporate email address to your device.
These tools often allow administrators to pry into how the phone is used as well, retrieving call logs, SMS history, and in the most extreme cases, full logs of web browsing. You might reasonably expect this kind of monitoring on a dedicated work device, but perhaps not on your personal phone. Once your work email and MDM are installed, however, the two are essentially the same thing.
Do you trust your admin?
A bad actor in the IT department could abuse their access to track employee location, or peer into the private lives of people without them ever knowing it is happening. There’s essentially no way for you to see who has access to your data, or whether or not it’s been viewed. Only the administrator has access to the logs that would show this, despite it being information about a device that you own.
Last year, the New York Times wrote about how the internet of things has enabled domestic abuse, and there are many parallels in how little consideration corporate IT tools give to the safety of users being subjected to their surveillance. You probably sort of understand that your boss can access your email — albeit only with genuine cause — but how about tracking your every move, on demand?
These tools blindly assume that the IT department and management are trustworthy and infallible, and they seem not to consider whether an abuser might have direct access to them, or how these tools may be used to harass someone within the company.
So it’s a good idea to pause when, as you’re adding a work email to your device, it prompts you to install an MDM profile. How can you be sure there are proper controls in place to stop someone from exploiting access to your device?
On Android, there are tools that help prevent IT from reaching into your phone. If it’s allowed by your admin, you can create a separate “work” profile that contains sandboxed versions of your apps to avoid blurring the line between personal and work. The work profile can then be disabled on demand and flipped back on only when you need it, providing a level of control that iOS doesn’t yet allow.
For iOS users, if an app is required to be installed with your work email, flip off location access in the settings to cut it off from GPS, or consider adding a “restriction” via parental controls that doesn’t allow it to start in the first place.
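One concrete way to do the "pause" the article recommends is to look inside the profile before accepting it. An iOS configuration profile (.mobileconfig) is a property list, so its contents can be read with stock tooling. The Python script below is an added example, not code from the original article or from any MDM vendor: it parses a profile, lists the payloads it carries, and for an MDM payload decodes the AccessRights bitmask into the remote operations it grants (remote wipe, app inventory, settings manipulation and so on). The payload type names and bit meanings follow Apple's configuration profile reference, with descriptions paraphrased; the sample profile, server names and identifiers are constructed for this illustration.

```python
import plistlib
import sys

# Meaning of each bit in the MDM payload's AccessRights mask (Apple's
# configuration profile reference, descriptions paraphrased).
ACCESS_RIGHTS = {
    1: "inspect installed configuration profiles",
    2: "install and remove configuration profiles",
    4: "device lock and passcode removal",
    8: "device erase (remote wipe)",
    16: "query device information (capacity, serial number)",
    32: "query network information (phone/SIM numbers, MAC addresses)",
    64: "inspect installed provisioning profiles",
    128: "install and remove provisioning profiles",
    256: "inspect installed applications",
    512: "restriction-related queries",
    1024: "security-related queries",
    2048: "manipulate settings",
    4096: "app management",
}

# Payload types most relevant to the privacy concerns discussed above.
NOTABLE_PAYLOADS = {
    "com.apple.mdm": "MDM enrollment: opens a remote management channel",
    "com.apple.vpn.managed": "managed VPN: traffic may be routed through the employer",
    "com.apple.applicationaccess": "device restrictions",
}

# Constructed sample profile for this example (not a real vendor's profile).
SAMPLE_PROFILE = b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0">
<dict>
  <key>PayloadType</key><string>Configuration</string>
  <key>PayloadDisplayName</key><string>Example Corp Mail (constructed)</string>
  <key>PayloadIdentifier</key><string>com.example.constructed.profile</string>
  <key>PayloadRemovalDisallowed</key><true/>
  <key>PayloadContent</key>
  <array>
    <dict>
      <key>PayloadType</key><string>com.apple.mdm</string>
      <key>PayloadIdentifier</key><string>com.example.constructed.mdm</string>
      <key>ServerURL</key><string>https://mdm.example.com/devices</string>
      <key>AccessRights</key><integer>8191</integer>
    </dict>
    <dict>
      <key>PayloadType</key><string>com.apple.vpn.managed</string>
      <key>PayloadIdentifier</key><string>com.example.constructed.vpn</string>
      <key>VPNType</key><string>IKEv2</string>
      <key>IKEv2</key><dict>
        <key>RemoteAddress</key><string>vpn.example.com</string>
      </dict>
    </dict>
  </array>
</dict>
</plist>
"""


def summarize_profile(raw: bytes) -> dict:
    """Parse a .mobileconfig (XML or binary plist) and report what it requests."""
    profile = plistlib.loads(raw)
    summary = {
        "name": profile.get("PayloadDisplayName", "<unnamed>"),
        "removal_disallowed": bool(profile.get("PayloadRemovalDisallowed", False)),
        "payloads": [], "mdm_rights": [], "vpn": [],
    }
    for payload in profile.get("PayloadContent", []):
        ptype = payload.get("PayloadType", "<unknown>")
        summary["payloads"].append(ptype)
        if ptype == "com.apple.mdm":
            rights = int(payload.get("AccessRights", 0))
            summary["mdm_rights"] = [n for b, n in ACCESS_RIGHTS.items() if rights & b]
        elif ptype == "com.apple.vpn.managed":
            # The server address sits in a protocol-specific sub-dictionary
            # (VPN, IPSec or IKEv2) chosen by VPNType; check all three.
            servers = [payload[k]["RemoteAddress"] for k in ("VPN", "IPSec", "IKEv2")
                       if isinstance(payload.get(k), dict) and "RemoteAddress" in payload[k]]
            summary["vpn"].append({"type": payload.get("VPNType"), "servers": servers})
    return summary


def format_report(summary: dict) -> str:
    """Render the summary as plain text a non-specialist can read."""
    lines = [f"Profile: {summary['name']}"]
    if summary["removal_disallowed"]:
        lines.append("  * you will NOT be able to remove this profile yourself")
    for ptype in summary["payloads"]:
        lines.append(f"  payload {ptype}: {NOTABLE_PAYLOADS.get(ptype, 'other')}")
    for right in summary["mdm_rights"]:
        lines.append(f"    MDM may: {right}")
    for vpn in summary["vpn"]:
        lines.append(f"    VPN ({vpn['type']}) to: {', '.join(vpn['servers']) or 'unspecified'}")
    return "\n".join(lines)


if __name__ == "__main__":
    # Usage: python mdm_profile_check.py [profile.mobileconfig]; no argument runs the sample.
    raw = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else SAMPLE_PROFILE
    print(format_report(summarize_profile(raw)))
```

Save the profile from the enrollment email or portal instead of tapping Install, and run the script on it. Two things are worth reading closely in the output: whether PayloadRemovalDisallowed is set (you would not be able to take the profile off yourself), and which AccessRights bits are granted, since the constructed sample requests every one of them, including remote wipe. Note what the output cannot show: as the article says, iOS does not expose location to MDM directly, so a profile like this never requests GPS data; the thing to watch for is a separately installed app asking for location permission.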
Personally, I would prefer to keep work off of my personal phone altogether. The most powerful thing you can do to protect yourself in the first place might mean keeping your work email off your own phone and demanding a work-provided one. At least nowadays it won’t be a Palm Pilot.