Hey everyone, so I just jumped through a million hoops to get my iPhone setup to receive my companies emails so that I have full access to it on my iPhone.
This entailed me setting up a trusted certificate for a VPN and using an app called comp portal, and also outlook to view my email.
Can anyone tell me if by doing this did I just give my companies IT department full access to all of the information on my phone?
Or is it only using the VPN and certificate when I am logging into Outlook?
I am concerned that they will now be able to monitor all of my activity on the phone, and see all of my personal data since I became a trusted device in their system.
I hope this is not the case, but I figured I would ask around here and see if anyone has any feedback about it. If they do have access to my personal stuff besides just being approved and using a VPN for my Outlook email, then I will be uninstalling everything ASAP.
Thanks for any help that can be provided!
If you got company portal you’re enrolled. They have access. Source: I’m an it admin giving iphones to my users on a weekly basis
The approach you used to unenroll (“Remove Management”) is fine if you’re comfortable just checking company email on your company laptop.
But the info you were given is wrong. Being enrolled does NOT give your company full access to your iPhone. Due to the way iOS compartmentalizes things in secure silos. MDM (Mobile Device Management) does NOT have access to things like Messages, Photos, personal email etc. You’re personal data and iCloud are all encrypted.
Source,… I’ve done MDM (VMware Airwatch now called Workspace One) for roughly 10 years.
It also sounds like your company IT are morons. You do not need company portal to access email within Outlook. Sounds like they treated your personal device like a company device. Luckily Apple cares about your privacy more than Android. They will have limited access, but more than they need. Your IT needs to look into MAM for unenrolled devices, but it does not sound like they are setup for it.
It is my personal iPhone and yes I used comp portal app to get access to outlook. So you’d recommend I delete everything? Because I am not comfortable with them having access to everything on my personal device just so I can see an outlook email. Thanks!
They are not morons. They could’ve used the prevent launch options or access from managed devices. We do not know the sector op works in
Yeah if you tell enrolled. I have the same problem I got shit I don’t want to share with my team either. Thats why I carry 2 phones.
Look to delete it follow this
On the iOS device, go to Settings > General > Profiles & Device Management (for iOS 16 go to Settings > General > VPN & Device Management)
Select your mobile device management profile.
Click Remove Management or Remove Profile.
Authorize the removal.
Would I simply go to remove management on my iPhone to get rid of the certificates, and delete my comp portal and outlook app? Or is there still a way they’d have access to my personal phone now that I enrolled it?
True, I rescind my moron bit. If they allowed it at all, then they are not sector which prohibits it. Even GCC High allow you to setup Outlook in restricted ways. I’m in GCC, but we do not allow it for political reasons. What I should has said, them still using a MDM to manage personal devices may be because they are not comfortable with new methods.
I just took care of it, thank you very much, guess I’ll be accessing email through my work laptop only now lol