My company just started requiring Microsoft Intune Company Portal app to use Teams and Outlook. From a friend in IT infosec at another company said the app can push apps, require certain settings, password requirements, or OSs, and can see a lot of stuff on your phone. I don’t think this level of intrusion into my personal phone is warranted or ethical. Be warned. I’m just going to uninstall and suffer the internal political consequences.
It depends on the registration profile they require. If they have you register it as a company owned phone vs a BYOD device.
BYOD registration creates a separate partition on your phones hard drive for the apps installed via the company portal. They cannot see all apps on the device, or any web traffic, sms, phone calls etc. they cannot lock the device or wipe the device in its entirety, only the apps on the company partition.
So in short, it depends on how the IT / Security department setup the device registration, and the registration process will notify you of the access level and allow you to accept / deny.
The issue is they just triggered it without communication. That’s a breach of respect.
Depending on the industry / region in which you work, they will have regulatory obligations to protect sensitive data such as PII and PHI. From a business perspective they are trying to remove liability and decrease of obvious attack vectors they have limited control over. From an individual perspective, they are implementing controls that protect the privacy rights of their customers. As a security professional, it’s good to see. Personally I would always prefer to keep work and personal items separate to reduce the chance that I’m the cause of a breach.
They can send emails to their coworkers to communicate. They don’t. I understand there might be reasons they rolled it out.
happy cake day!