Remote management of employees personal cell phones ...
-
@Dashrender said in Remote management of employees personal cell phones ...:
What MDM are you using?
We "own" workspace one/AirWatch.
-
@Dashrender said in Remote management of employees personal cell phones ...:
Huh - I can't say i agree with you at all. Why do you need access to non company servers over SSH?
In any regulated industry preventing the efiltration of data is a hard requirement. allowing outbound SSH would make it trivial for people to sneak data out (or bad stuff in).
-
@Dashrender said in Remote management of employees personal cell phones ...:
@flaxking said in Remote management of employees personal cell phones ...:
@IRJ said in Remote management of employees personal cell phones ...:
@flaxking said in Remote management of employees personal cell phones ...:
@IRJ said in Remote management of employees personal cell phones ...:
@flaxking said in Remote management of employees personal cell phones ...:
@IRJ said in Remote management of employees personal cell phones ...:
@flaxking said in Remote management of employees personal cell phones ...:
@IRJ said in Remote management of employees personal cell phones ...:
You can certainly do this with Intune and office 365. Basically you'd be able to wipe all corporate data as long as it's kept in office 365.
With Office 365 MDM, you can't disable the ability to do a full remote wipe. You do have more control over that with GSuite. Does Intune give you more control?
I'm pretty sure you can do what I described, but I'm not 100% sure.
It's not a question of what you can do, it's a question of what can the IT department be prevented from doing. The difference between wiping company data and wiping the whole phone just being different buttons does not reassure me.
This is how you do it - from MS link I posted earlier
"Enable your users to more securely access corporate information using the Office mobile and line-of business apps they know, while ensuring security of data by helping to restrict actions like copy, cut, paste, and save as, to only those apps managed by Intune."
If you restrict actions like copy, cut, paste, saving, screenshots, etc then you keep the data inside Office Mobile. Then you just remove the Office Mobile app remotely.
Are you able to enable remote removal of the app with just this feature?
You actually dont even have to do that. If they cannot login they cannot get to any of the data.
Assuming an encrypted cache, this sounds like a viable option. We have 100 Intune licences, so I can insist on being one of the users managed by Intune rather than Office365 MDM. But based on my recent experiences, I'm not too keen to have email or Teams on my phone.
what experience is that?
Nothing to do with the application, just to do with being always working. I did a 108 hour week followed by a 90 hour, followed by a 70 hour. I've now removed all work communication from my phone in order to try to get some peace when I can.