1831

Not allowed to work from home (sh.itjust.works)

submitted 2 days ago by sjmarf@sh.itjust.works to c/maliciouscompliance@lemmy.world

226 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[-] TexasDrunk@lemmy.world 22 points 2 days ago

I really don't mind these days as long as they have a MDM so I can have it on a separate profile, but without that I'm totally with you.

[-] 200ok@lemmy.world 9 points 2 days ago

What's MDM?

[-] Knoxvomica@lemmy.ca 14 points 2 days ago

Mobile device management. Basically software to manage mobile devices owned by a company.

[-] TexasDrunk@lemmy.world 6 points 2 days ago

Or work profiles on BYODs

[-] 200ok@lemmy.world 3 points 2 days ago

Thank you

[-] 200ok@lemmy.world 2 points 2 days ago

Thank you

[-] Rekorse@sh.itjust.works 3 points 1 day ago

How does the separate profile keep the company from factory resetting the whole device?

[-] TexasDrunk@lemmy.world 11 points 1 day ago* (last edited 1 day ago)

Because they can only see, install, or wipe things inside the work profile. It's all sandboxed.

Quick edit: This is for Android. I have no idea about iPhones.

[-] Rekorse@sh.itjust.works 3 points 1 day ago

I don't believe iPhone allows this, or at least the customers at my work don't enable it for iOS.

I hadn't had to set it up myself though so I wasnt sure. I would rather avoid the MDM altogether if possible.

[-] TexasDrunk@lemmy.world 3 points 1 day ago

I get it, and I don't blame anyone for that choice. I made mine based on utility, convenience, and knowledge of the tool for me. I don't care how convenient it makes things for work. They'll give me a phone if it's that convenient for them. But I'm not qualified to make that decision for anyone else.

[-] TexasDrunk@lemmy.world 1 points 1 day ago

I shot a message to a colleague who is still in IT (I'm into other shit these days) and he says you're correct. IOS doesn't allow for this. The IT department running Mobile Device Management would have to set up Mobile App Management (MAM) on their side. So it's possible that they only get access to those apps without giving them access to the whole device but a lot of lazy departments won't do it.

[-] Rekorse@sh.itjust.works 1 points 21 hours ago

Well that explains why one of the other teams clients revolted against intune and switched to just using MFA for o365.

Its funny, they are so jaded by the MDM they keep grilling people about the MFA and if it gives access to their phones, etc.

I also think some people are starting to catch on to Microsoft's apps collecting too much data, including MFA. Theres a big banner when you first set it up asking for permission.

this post was submitted on 23 Oct 2024

1831 points (98.6% liked)

Malicious Compliance

20 readers

1045 users here now

People conforming to the letter, but not the spirit, of a request. For now, this includes text posts, images, videos and links. Please ensure that the “malicious compliance” aspect is apparent - if you’re making a text post, be sure to explain this part; if it’s an image/video/link, use the “Body” field to elaborate.

======

We ENCOURAGE posts about events that happened to you, or someone you know.
We ACCEPT (for now) reposts of good malicious compliance stories (from other platforms) which did not happen to you or someone you knew. Please use a [REPOST] tag in such situations.
We DO NOT ALLOW fiction, or posts that break site-wide rules.

======

Also check out the following communities:

!fakehistoryporn@lemmy.world !unethicallifeprotips@lemmy.world

founded 1 year ago

MODERATORS