2180
Work from home (lemmy.world)
submitted 2 weeks ago by The_Picard_Maneuver@lemmy.world to c/maliciouscompliance@lemmy.world
206 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[-] NegativeLookBehind@lemmy.world 120 points 2 weeks ago

I refuse to install any work related software on my phone. Not only because I don’t want to be contacted after hours, but companies often “require” full read/write access on your device, so they can remotely wipe their data if you quit or get fired.

Fuck that.

[-] Kit@lemmy.blahaj.zone 45 points 2 weeks ago

No modern MDM solution allows a company to access your personal data on BYOD. That's why containerization of work profiles exist. Anything else would be a massive privacy scandal.

Company-owned devices, though, do have that level of access when MDM enrolled.

[-] brax@sh.itjust.works 23 points 2 weeks ago

Intune installs as a device adminstration. I'm not sure how much I'd trust that on my personal device period.

[-] BarbecueCowboy@lemmy.world 14 points 2 weeks ago

That's a fair point. Microsoft says that they don't... but, not that they can't. It's especially tricky on iOS.

[-] corsicanguppy@lemmy.ca 5 points 1 week ago

They can say what they like.

VERY few companies have been sued for being as big a bunch of lying dinks as Microsoft has.

We need to learn from this shit. Ads on login screens? Privacy issues? Solarwinds sploit letting Russian hackers get to the windows source? How many more red flags are our security groups going to ignore?

[-] Kit@lemmy.blahaj.zone 1 points 2 weeks ago* (last edited 2 weeks ago)

You're talking about MDM in Intune which is only used on corporate owned devices. MAM is used for personal devices and does not have device administration access. It's in the name - Mobile Application Management.

https://learn.microsoft.com/en-us/mem/intune/fundamentals/intune-planning-guide#personal-devices-vs-organization-owned-devices

[-] tinkling4938@lemmynsfw.com 4 points 2 weeks ago

Good luck if you run a de-googled ROM. I can't install sandboxed Google Play Services inside the profile because its not approved. I could try and sideload it in, but I'd rather just go without.

[-] brax@sh.itjust.works 2 points 1 week ago

This implies that the company has a competent IT team that rolls it out correctly, and that there won't be some way to exploit it and dig in further than expected.

Also:

On personal devices, it's normal and expected for users to check email, join meetings, update files, and more. Many organizations allow personal devices to access organization resources.

(From the site)

Lmao WHAT? It's normal for users to do company shit on their personal phone? What kind of delusional Spongebob bullshit is that? Is the company gonna pay for data or subsidize the cost of my phone? Are they going to pay me to be on call if they expect me to of this shit outside of my working hours?

load more comments (6 replies)
load more comments (22 replies)
this post was submitted on 30 Jun 2024
2180 points (99.5% liked)

Malicious Compliance

18048 readers
2 users here now

People conforming to the letter, but not the spirit, of a request. For now, this includes text posts, images, videos and links. Please ensure that the “malicious compliance” aspect is apparent - if you’re making a text post, be sure to explain this part; if it’s an image/video/link, use the “Body” field to elaborate.

======

======

Also check out the following communities:

!fakehistoryporn@lemmy.world !unethicallifeprotips@lemmy.world

founded 1 year ago
MODERATORS
dystop@lemmy.world
Kaiser@lemmy.world
Imotali@lemmy.world
archonet@lemmy.world