iPhone-ists; profile help

I’m considering using my personal phone for work for many reasons.  In doing so, my employer will apply some MDM software that upon my exit will wipe company data from my phone.  On the plus side, they’ll pay all of my Bill.  This means I can carry one phone, I’m in control of the apps (our company phones are very locked down).

What I want to know is, how can I be sure that company texts, messages on WhatsApp etc can be deleted without impacting all of my stuff and that I don’t fall foul of HR when my friends send “funny” but maybe offensive gifs, pics, links to dodgy sites etc as is inevitable ?

Sounds to me that you need to have a second, work-dedicated, phone.

I’m not an MDM expert but it’s unlikely they can read your whatsapp and sms messages (but not impossible I guess). Be surprised also if they can delete your whatsapp messages, and very unlikely they can delete “just” company related ones. Would be surprised if Whatsapp an authorised comms channel for company business tbh.

Usually you get access to a sort of company app store where you can download MDM controlled apps. They’re the ones that your company has more control over.

Having said that, putting MDM on your personal phone is a matter of how much you trust your company and the way it is run. Also how likely you are to be called up on some sort of disciplinary.

Again, I am no kind of MDM expert.

does anyone at work ring you, do you want your mobile number on intranets / in colleagues reach

after having a workphone i used for personal for the last 16 years, i got my own phone this summer, its good to keep them seperate,

i only ever take out my workphone if i go out during the day.

Is it a full MDM or just apps that can be managed ( wiped etc ). I have Teams and Outlook on my personal phone as I didn’t want to carry 2 phones. The only thing that work have control over  on my phone are those 2 apps.

It helps that I manage the companies IT.

I use an older (went in the drawer) phone for work. It was worthless cos it had a cracked glass back. It has no SIM so it needs to be tethered or on WiFi but it was ‘free’ and avoids any of the hassle of MDM.

However what I think you’re describing is probably MAM and company will only see / control specific work apps like Outlook, Teams, Slack. There isn’t co-ownership of stuff like WhatsApp but you won’t be able to cut / paste between managed and unmanaged apps, and the managed apps may refuse to work if you don’t keep your phone updated, or turn off passcodes or biometrics etc.

https://simplemdm.com/blog/mdm-vs-mam/

I had a look at the internal policy and it’s exactly what scuttler described.   I want one phone to carry, and not to have to get another phone out when I want to look at Google maps or access my personal whatsapp.

I already have a work phone, with class, texts, Safari and MS Outlook – that’s it.

MDM doesn’t enable them to see your messages or App content unless the App or data is being hosted by them. E.g they are giving you access to Outlook on a server or 365 instance that they own.

It just lets them set security settings e.g what apps you can install, wifi settings, screen lock etc.

You can likely get a free demo of the software they use and see for yourself. Likely just Intune or Jamf.

There are always ways around this as an admin running VPN etc but that gives them browsing data rather than your WhatsApp, it’s not like Windows where the can Remote Desktop onto your screen and watch you in real-time.