A couple of weekends ago I took a rainy Saturday afternoon to figure out which of my Apple devices at home were synced up to my other Apple devices at home. Some of my devices are for work and some are for play (i.e. personal use). While far down on my to-do list, I got the renewed inspiration from a new coworker of mine who is in his mid 40’s, is not particularly tech savvy, but is paradoxically a savant at 3D model development which ultimately landed him sitting next to me. Upon completing orientation, he was issued a company iPad; standard practice for all new hires. To be helpful, IT had conveniently linked to his personal cell phone to his company iPad via his personal iTunes account. Ah, the wonders of the Steve Jobs ecosystem, right? Well, halfway into his first weekly pipeline/sale leads meeting I see his face go flush white, his eyes darting frantically across the 10” screen. Being the reverse-mentor that I am, I leaned over with intentions to lend a helpful hand only to find that his iPad lock screen in full tilt with a live stream of text notifications. He apparently had all of the notifications settings activated.
I made a concerted effort not to read the texts themselves, but based on his reaction my sense is that the messages weren’t exactly work-appropriate. Nor were they positive (I did see a knife and middle finger emoji in there – UhOh). He clicked the sleep button and immediately turned his iPad face down on the table hoping the room didn’t catch his heart skip a beat.
A couple of years ago I decided to drop the bat phone and combine all of my contacts, text messages, photos, etc. to a single iPhone; my work phone. I did this due to a scheduled upgrade to the iPhone 7, around the time that Apple simultaneously enacted a policy that displayed “This iPhone is supervised and managed by [Insert Company Name Here]”, followed by a link to learn more. Well, I thought it was time to learn more. It was time to learn just what usage and information that my company can track.
For those curious, more information on restrictions per iOS update can be found here:
Within the iPhone’s General Settings is a tab for Device Management, which gives a snapshot of the device’s management profile. I have updated to iOS 12.1.4, which in combination with my company’s MDM (Mobile Device Management) profile allows for the following:
- App Lock (Single App Mode)
- Global HTTP Proxy
- Activation Lock Bypass
- Autonomous Single App Mode
- Web Content Filter
- Set background & lock screen
- Silent App Push
- Always-On VPN
- Allow managed app installation exclusively
I, like some of you, do not know what a single one of the above controls actually means. Most seem to be related to data security on the device itself, so if lost or stolen it can be remotely locked, located, or in dire circumstances erased completely. But, I decided to dive a little deeper into the MDM Settings, most specifically a tag that I noticed was a part of almost every listed URL, “airwatchportals”. I’m not sure that are many more big brother-eque terms than “AirWatch”.
With the help of Google, I learned that AirWatch (http://www.air-watch.com) is actually a firm based out of Atlanta that specializes in scalable platform solutions for multiuser mobile device management. AirWatch not only provides security and privacy services for mobile devices, but can also provide platform level data sharing and storage services, along with automated Application management. I found the Workspace ONE productivity tracking capabilities to be both interesting and a bit invasive (I could not find evidence that Workspace ONE is activated on my cell phone). Nonetheless, it proves that behind the veil of device management are tools that extend the company’s reach well beyond data security.
To exacerbate the big brother issue, at least for me, was the fact that via my Apple Account (now installed on my company phone), my company was also linked to content on my personal Macbook, personal iPad, and personal iPod Touch. Yes, I still have an iPod Touch. Here is where the cool/creepy line got crossed for me. And, what drove me to spend the rest of that same rainy Saturday manually desyncing each of the aforementioned devices. While I understand that virtually all of my activity on my cell phone is fair game, I am definitely not comfortable with Daniel from IT knowing my Chrome search history. “Don’t worry, those are just videos of cats DJing, Daniel.”
With platform becoming more the norm, does data sync pose a risk for you? Certainly something to think about for those making the leap from college into corporate America. Read the fine print and, “If you have any questions, ask your Administrator.”
A topic for perhaps the next post – the future of company tracking for “wellness”: