If your company provides you with a device to use for work, then you need to assume they can see anything you do on it, regardless of who makes it. It belongs to the company, not you.
That’s a good rule of thumb, but as a direct point of comparison, it’s not that bad with iPhones. Apple’s MDM protocol is very particular about what admins are allowed to control even on company-owned devices. For example, admins can’t see the Apple ID used on the phone and can’t grant apps screen sharing permission without user approval.
Android is the same way with MDM managed profiles. Nothing in the personal profile can be seen by MDM. It goes as far as making you install apps twice, if you use them in both profiles. Even the clipboard can’t be used to copy from one profile to the other, and screenshotting the MDM profile is typically disabled.
Nothing about this is news to people who actually manage and use MDM, or unique to Android.
If your company provides you with a device to use for work, then you need to assume they can see anything you do on it, regardless of who makes it. It belongs to the company, not you.
That’s a good rule of thumb, but as a direct point of comparison, it’s not that bad with iPhones. Apple’s MDM protocol is very particular about what admins are allowed to control even on company-owned devices. For example, admins can’t see the Apple ID used on the phone and can’t grant apps screen sharing permission without user approval.
And we certainly can’t access iMessage.
Android is the same way with MDM managed profiles. Nothing in the personal profile can be seen by MDM. It goes as far as making you install apps twice, if you use them in both profiles. Even the clipboard can’t be used to copy from one profile to the other, and screenshotting the MDM profile is typically disabled.
Nothing about this is news to people who actually manage and use MDM, or unique to Android.
well as long as it’s not my employer that can see it, and it’s just the government, I guess it’s okay