I’m non-techy. I work for a public school district and visit with kids in about a dozen schools. I like having my work email on my phone so teachers can get in touch if they need me. For years we’ve just used the outlook app with no real issues that I’ve noticed. We’re seeing more and more micromanagement and it sucks. We recently got notice that we have to install Cisco Duo on our phones if we want to have our email on it. Should i do that? Or just say no and be ok with being out of contact?

  • cm0002@lemmy.world
    link
    fedilink
    arrow-up
    14
    ·
    edit-2
    2 months ago

    I work in IT and have implemented quite a few MDM systems. For Android, a work profile will be entirely isolated personal data wise. IT can’t see anything beyond the work walls, however, there are a few shared things.

    If work enforces a tougher screen lock setting, it’ll take precedence over your regular lock screen setting. You might also have a few other things change while it’s active, like display time out (if work has a shorter setting).

    We can also see certain shared info like device serial number, IMEI number, OS version, security update version etc. Depending on the configuration, GPS/location info can be obtained as well (via an force-installed policy app for example)

    You can pause the profile at anytime which suspends ALL work profile app activity (So if there was an app they install that they could get GPS info from, that app would no longer be functional until unpaused again (no it can’t “run in the background” and collect info on the background either, it’s wholly suspended)) and the pause feature can be set on a schedule so if you have a 9-5 you can set it to that and avoid the whole “always available” problem.

    • MattMatt@lemmy.world
      link
      fedilink
      English
      arrow-up
      5
      ·
      2 months ago

      I wish work profiles were more separate. My company’s work profile ended up locking me out of my phone (including the personal profile) and forced me to wipe and start over with it. They disabled fingerprint unlock and required my unlock password to change monthly, and I got the periodic “you have to change your password NOW” notice while plugged into my car with Android Auto. I couldn’t enter a new password and the phone never unlocked again.

      I know, probably a super rare set of circumstances, but I’m not going to allow my work to root my phone again. They can buy me a phone if they need so much control.

      • Maestro@fedia.io
        link
        fedilink
        arrow-up
        6
        ·
        2 months ago

        Periodically rotating passwords is against NIST policy. Ask IT why the insist on using it when everyone, even the government, says it’s insecure