Friday, July 17, 2015

How IT Can Spy on Your Smartphone

So what can your employer see about you on your smartphone if you let IT manage that device through an MDM tool?

On an iPhone or iPad, Apple's iOS restricts IT's visibility, so your private data stays iOS IT can see only your full list of apps. If you give IT permission, it can see your location. Respondents' other sensitive areas are shielded: personal email, personal contacts, texts, voicemails, phone and Internet usage details, and data stored in apps.

IT can see anything in your corporate email, contacts, and calendar since it manages those servers, and it can see your Web activities conducted on its network since it can snoop that traffic.

...IT can see what apps you have installed (not only those deployed by IT), your battery level, your storage capacity and amount used, your phone number and its hardware ID (called an IMEI), your carrier and country, and your device's model and OS version. Plus, if you give IT permission to do so, it can track your location (iOS forces apps and websites to ask for your permission first, so they can't do it secretly).

Android shields almost as much as iOS does, but IT can change that... The default situation for Android users is slightly less private than for iOS users. The big difference involves location information access. iOS asks you when an app first requests access, and it lets you revoke the access at any time in the Settings app. Android asks when you install an app and does not let you revoke the permissions later; however, the forthcoming Android M changes that, working like iOS. more

What you want kept private, and where mobile devices oblige...

Device information All adults' discomfort in IT seeing Young adults' discomfort in IT seeing iOS shields from IT Android shields from IT
Personal email 78% 66% Yes Yes
Personal contacts 75% 63% Yes Yes
Texts and instant messages 74% 62% Yes Yes [2]
Voicemails 71% 63% Yes Yes [2]
Phone and Internet usage details 69% 59% Yes Yes 
Information stored in mobile apps 71% 60% Yes [1] Yes [1]
List of all installed apps 67% 57% No No
Location 66% 57% User decides User decides [3]
Source: MobileIron
[1] Except data sent to corporate servers from apps
[2] Apps can access this data, so IT could monitor it if desired through an app
[3] At install only in Android 4 and earlier