Part of my job includes mobile device management so I can explain.
There is a class of software that can be installed on phones that has the privilege of an administrator on the phone. This called Mobile Device Management software or MDM. This management software can disable certain features by policy, install, remove or block software, remote wipe, monitor and backup the device.
It’s most often used on company-owned devices. But people understandably don’t want to carry two phones.
So some companies like Apple allow employees to opt-in to using a personal device for work, with the trade-off that company has some management options on the phone to comply with their security and data privacy policies.
It sounds like in this case Apple offered employees to stay hands off their personal phones and connected accounts by using a second work-only phone. The employee opted-in to connecting their personal device to Apple and was then frustrated that Apple had more access to their device.
To answer the question directly: This mobile device management software isn’t running on most personal devices. See for yourself under Settings: Device Management. If the device is managed, you’ll see something there.
This is likely corporate-mandated MDM software on work phones, which is not native software on iphones. So no, this does not affect non-employees unless your phone also has some sort of MDM software installed on it.
Love that they included the doc in the article. Does this affect average users?
If Apple employees can be monitored, why would you think non-employees cannot?
Part of my job includes mobile device management so I can explain.
There is a class of software that can be installed on phones that has the privilege of an administrator on the phone. This called Mobile Device Management software or MDM. This management software can disable certain features by policy, install, remove or block software, remote wipe, monitor and backup the device.
It’s most often used on company-owned devices. But people understandably don’t want to carry two phones.
So some companies like Apple allow employees to opt-in to using a personal device for work, with the trade-off that company has some management options on the phone to comply with their security and data privacy policies.
It sounds like in this case Apple offered employees to stay hands off their personal phones and connected accounts by using a second work-only phone. The employee opted-in to connecting their personal device to Apple and was then frustrated that Apple had more access to their device.
To answer the question directly: This mobile device management software isn’t running on most personal devices. See for yourself under Settings: Device Management. If the device is managed, you’ll see something there.
I don’t understand why Apple doesn’t do what Android does and create a sandboxed work profile with MDM software.
I agree. Android a has sandboxed work profile that limits what the org has access to. The employee can also turn off all the work apps at once.
I see nothing better about Apple’s all-or-nothing access approach.
Maybe this lawsuit will nudge Apple towards the Work Profile approach of Android. Sounds like it could have addressed the employees concerns.
This is likely corporate-mandated MDM software on work phones, which is not native software on iphones. So no, this does not affect non-employees unless your phone also has some sort of MDM software installed on it.