A lot of us have work provided phones, and throughout the years (and at different companies) the topic of what you're divulging to your employers on the work phone usually comes up.

My understanding is, unless they have tracking software installed on the phone, they can only get basic info off of the phone... like the location, name of apps installed, battery level, emails that go through the corp email server (of course), and call log (through the phone company). If you have a work iPhone, I believe iMessenger can't be recorded w/o tracking software installed on the phone.

Just curious what people's experiences has been.

the best a company can see on your phone without any software is the call log and sms log (not the actual messages), and only after the bill for that month is ready.

Once they install software, the can track everything. Set permissions on who you can and can't call, sms, what programs you can download, emails, the whole works. They can even disable certain features of a phone like the camera.

Mobile isn't my area of expertise, but for a medium-sized company I've consulted for, they can see absolutely everything. Call history, messages, location, location history, app usage, even force the web traffic through a proxy with SSL interception, decryption, and certificate replacement and see even things you thought were encrypted. Software can be installed that you can't see. It all depends how seriously your company takes security. There are really freaky tools readily available that can activate the cameras and microphone without alerting the end user, but fortunately those are not in use at the company I'm speaking of.

Basically, if the company manages it, the sky is the limit. Even the common MDM platforms have pretty good out-of-the-box toolsets nowadays. The common sense answer is "Don't do anything on a company asset that you can't defend to your boss, and his boss, and his boss."

It entirely depends on what they install and what they choose to manage. We just shifted to Comp Portal and it explicitly says in the setup that they cannot read your browsing history or text messages. However they can see what apps you have installed and remotely install or remove apps.

When they first installed MDM on our phones I asked our IT department if this means they would see all my dick pics because it took a long time for me to take all of them and it would be a shame if I had to do it from scratch again. Thankfully they said they had no access to my pictures.

Originally posted by schurchill39
When they first installed MDM on our phones I asked our IT department if this means they would see all my dick pics because it took a long time for me to take all of them and it would be a shame if I had to do it from scratch again. Thankfully they said they had no access to my pictures.

This is how I approach all corporate bullshit as well. :thumbsup:

They shouldn't be able to see WhatsApp chats via company WiFi because of end-to-end encryption, but they can see anything you browse online, calls, and SMS texts. Our internet filters trickle down to the phones as well when on company WiFi (i.e. no games, weapons, etc. related websites) so make sure to swap back over to LTE before googling those sex dungeons.

My last company I worked for gave no fucks about how their phones were used, as long as the RCMP/CPS never showed up of course. One phone I got for field use had imagefap.com as a bookmark .... nice

But some places I know, monitor every fucking thing - in fact one small financial services company (<10 people) on the West Coast had a contractor put in to literally watch one (former) associates phone almost 24/7.

There was some shady shit going on with the company and the owners were worried this guy would spill the beans and thus were monitoring every email, phone call and sms from this associate.

Originally posted by Mitsu3000gt
They shouldn't be able to see WhatsApp chats via company WiFi because of end-to-end encryption,

P2P encryption does not matter if the phone has been setup to monitor everything it does.

Originally posted by revelations


P2P encryption does not matter if the phone has been setup to monitor everything it does.

Interesting - so it would be a key logger then or something?

Good thing I have 2 phones to keep work/personal phones separate :rofl:

Any employer I have ever had never had anything on our phones. All they've ever done is a was filled in the exchange credentials and took care of billing lmao.

I would watch what you do on the company wifi though.

Just depends on what kind of shop they run end of day. For example do they encourage running to hr when your feelings are hurt? If so maybe watch what you do on your phone lol.

Edit: was just chatting with our it guy, got the confirmation that there is 0 monitoring of our phones aside from the standard fact that our emails run through the exchange server and could be monitored. Again just make sure you don't do something illegal lol. Lucky us I guess.

https://support.apple.com/en-ca/HT202837 For how the actual apple phone supervision tools work.

Originally posted by revelations


P2P encryption does not matter if the phone has been setup to monitor everything it does.

Exactly. If I screenscrape / keylog, I don't care what program you use, what encryption, etc. Even applications I've never heard of are covered. At a specific company I can think of, this process is done regularly, but only as a response to a concern, not as a global practice for everyone.

Originally posted by pheoxs
It entirely depends on what they install and what they choose to manage. We just shifted to Comp Portal and it explicitly says in the setup that they cannot read your browsing history or text messages. However they can see what apps you have installed and remotely install or remove apps.

CPC? :thumbsup:

Originally posted by Mitsu3000gt


Interesting - so it would be a key logger then or something?

Good thing I have 2 phones to keep work/personal phones separate :rofl:

I always prefer to have two phones. That way I don't feel connected to work all the time too. That way I go home, work phone goes in the drawer and doesn't come out til the morning.

But if I was up to some shit, I'd just get a burner. :D

What's the point of having a work phone if you don't answer it when you aren't at work?

Has anyone just considered not accepting a work phone if you don't need one?

Here I always thought my work phone was for more than just playing clash of clans in meetings.

Originally posted by killramos
What's the point of having a work phone if you don't answer it when you aren't at work?

Has anyone just considered not accepting a work phone if you don't need one?

Here I always thought my work phone was for more than just playing clash of clans in meetings.
Some of us don't sit in an office all day, always reachable by land line

Originally posted by sexualbanana


I always prefer to have two phones. That way I don't feel connected to work all the time too. That way I go home, work phone goes in the drawer and doesn't come out til the morning.

But if I was up to some shit, I'd just get a burner. :D

This, I would prefer if I didn't have a work phone or laptop but because I am technically a "mobile" employee it is required hardware. I have a clear understanding with my manager and director that outside of work hours, I'm not reachable.

My company calls me if I go over 120gb in a month but engineering uses over 200+ so im not concerned.

I would only get in shit if they had reason to believe I was doing something illegal or shady with the company.