Downsides to installing Intune on my personal Android phone?

Zarathustra[H]

Zarathustra[H]

Extremely [H]
Joined
Oct 29, 2000
Messages
38,858
Hey all,

Would appreciate your take on this.

My company is starting to require the installation of something called "Intune" on all devices used with company systems.

I'm trying to figure out if there are any downsides to this software, and if this is a good or a bad idea.

I have the option of getting a company iPhone and using that, but if I want to use my own device, I will be forced to install Intune.

I have no desire to carry more than one phone (besides, I refuse to use Apple devices), so for me the choice is to install intune, or to go without mobile access to my calendar and email.

Mobile calendar and email are a huge benefit to my daily work, but if there are any problems with this Intune software (privacy or control) I'd really just rather go without and take the productivity hit that implies.

So does anyone have any experience with this intune? The agreement is written in such vague terms that essentially it looks like I am giving them permission to spy on anything on my phone, remote wipe it if they so desire, and to encrypt my device (which I don't want, due to battery life, heat and performance concerns).

So is this actually the case?

I don't mind if they spy on my work email. They have access to that anyway, it's their system (and I only use it for work stuff) but if this Intune system allows them to look at my personal email accounts, social media or text messages, then it will not get installed on my phone under any circumstances.

Same thing with remote wipe. if they want to have the ability to remotely wipe my calendar and synced email, I have no problem with this at all, but wipe my entire phone, with my personal photos and other stuff on it? I can't allow that.

Also, why is this system even needed. When I connected to the Outlook server the first time, it forced me to use enhanced security settings, and made me consent to remotely deleting emails and calendar, etc. Why is there even a need for this additional garbage?

I appreciate any thoughts from anyone in the know.
 
Last edited:
Wow. I have been googling the hell out of Intune privacy concerns, and coming up blank.

Either Microsoft has done some SERIOUS search engine optimization to bury the hell out of any questions about privacy concerns with intune, or no one in the history of the internet has thought to ask these questions before...
 
Zarathustra[H];1041781460 said:
Hey all,

Would appreciate your take on this.

My company is starting to require the installation of something called "Intune" on all devices used with company systems.

I'm trying to figure out if there are any downsides to this software, and if this is a good or a bad idea.

I have the option of getting a company iPhone and using that, but if I want to use my own device, I will be forced to install Intune.

I have no desire to carry more than one phone (besides, I refuse to use Apple devices), so for me the choice is to install intune, or to go without mobile access to my calendar and email.

Mobile calendar and email are a huge benefit to my daily work, but if there are any problems with this Intune software (privacy or control) I'd really just rather go without and take the productivity hit that implies.

So does anyone have any experience with this intune? The agreement is written in such vague terms that essentially it looks like I am giving them permission to spy on anything on my phone, remote wipe it if they so desire, and to encrypt my device (which I don't want, due to battery life, heat and performance concerns).

So is this actually the case?

I don't mind if they spy on my work email. They have access to that anyway, it's their system (and I only use it for work stuff) but if this Intune system allows them to look at my personal email accounts, social media or text messages, then it will not get installed on my phone under any circumstances.

Same thing with remote wipe. if they want to have the ability to remotely wipe my calendar and synced email, I have no problem with this at all, but wipe my entire phone, with my personal photos and other stuff on it? I can't allow that.

Also, why is this system even needed. When I connected to the Outlook server the first time, it forced me to use enhanced security settings, and made me consent to remotely deleting emails and calendar, etc. Why is there even a need for this additional garbage?

I appreciate any thoughts from anyone in the know.
Click to expand...


I'm guessing it's Microsoft Intune?

If so I wouldn't let it touch my personal device simply because work doesn't need to have that type of access to my personal device.

https://www.microsoft.com/sam/en/us/intune.aspx
 
Okay, my tech folks just corrected me.

Intune is mostly just pushing group policy your device. It cannot spy on you. It can't even see your corporate email. However, that said, IT folks could read your corporate emails from Outlook Archive, Google Vault, etc.

Intune could ban you from adding personal mail, but it can't read your personal mail. Intune cannot see your texts, but it can disable texting. Intune cannot see your contacts, but it can set up a contact list. Intune also cannot see your call log, but it can set it to only people in your contact list, etc. Intune can disable your camera, copy & paste, etc. And Intune could install some applications to force you to use those applications to watch videos, etc.

Also they cannot see your social network, unless they are already following you or on your friends list, or if you post something global.

It's best to ask your IT department on what their policies are.
 
Last edited:
Vermillion said:
I'm guessing it's Microsoft Intune?

If so I wouldn't let it touch my personal device simply because work doesn't need to have that type of access to my personal device.

https://www.microsoft.com/sam/en/us/intune.aspx
Click to expand...

yeah, the details are limited on what it can and cant do, but I tend to agree with you.

I wonder if it is possible to create a small VM with android on it on my phone, and then register that with Intune, and only use the VM for company stuff.
 
Could have sworn I read about an Android VM host a while back, but can't find it now...
 
CHANG3D said:
I don't believe they could see your personal mails, social media (unless they are following you or on your friends list), or videos or photos.

Okay, my tech folks just corrected me.
Click to expand...

Corrrected you how?

And how would it know if a call were professional or personal?
 
Just updated my post.

Intune is mostly just pushing group policy your device. It cannot spy on you. It can't even see your corporate email. However, that said, IT folks could read your corporate emails from Outlook Archive, Google Vault, etc.

Intune could ban you from adding personal mail, but it can't read your personal mail. Intune cannot see your texts, but it can disable texting. Intune cannot see your contacts, but it can set up a contact list. Intune also cannot see your call log, but it can set it to only people in your contact list, etc. Intune can disable your camera, copy & paste, etc. And Intune could install some applications to force you to use those applications to watch videos, etc.

Also they cannot see your social network, unless IT/management are already following you or on your friends list, or if you post something global.

It's best to ask your HR/IT departments on what their policies are.
Click to expand...
 
Last edited:
I know this is an old thread but anybody else have thoughts on this? I'd rather not carry 2 phones (much less pay for a personal line). We don't use intune yet but it's coming.
 
Most of these types of apps include a remote kill switch in case the employee loses the phone. I've known people to get the kill switches triggered on them while they were travelling (once on purpose, once on accident) and it rendered their personal device bricked. I'll never put any of this device control shit on my personal device.
 
Yeah, this is a company paid line and if I want to get my work email even on a personally owned device, i would have to install on that. Probably just take the company iphone with this stuff and deal with it.
 
You must log in or register to reply here.
Back
Top