Colleges and Universities cannot wipe or regulate your phone because of you receiving emails sent from them to your mobile device. It is a completely different situation and principle than in a employment situation.
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
My employer can wipe my iPhone?
- Thread starter Corrode
- Start date
- Sort by reaction score
Colleges and Universities cannot wipe or regulate your phone because of you receiving emails sent from them to your mobile device. It is a completely different situation and principle than in a employment situation.
Recall the old saying about assuming?
Two words: due diligence. No one likes having to research and read up but it's each person's responsibility. Granted, the employer should be ensuring that employees are aware of their specific policies on this matter but each of us has to take the initiative to understand what we're getting into. We can't just expect to be spoon fed everything. If you aren't sure, don't know, aren't having any luck with searching, etc then ask.
That's a matter of opinion. It's a slippery slope IMO as iOS can't notify you of every potentially harmful eventuality for every action you take on your device. Where does the line get drawn and why do we use your placement of the line versus everyone else's?
IMO if it's important to you then you should be looking into it. I'm not just preaching here. That's precisely what I do. It's why I've never used company devices for personal use and person devices for company use.
Start up a business, allow your employees to have sensitive company data on their devices and then tell us it's crazy. You have to consider more than just your own perspective on the matter. Could there possibly be a less heavy handed approach? Sure but it is what it is.
Last edited:
Obviously, they shouldn't, but *can* they?
Exchange was before my time, so I never dealt with it in a University/College setting. I'm curious to know how academic institutions handle this.
Wrong. Yes you can. Exchange has full control over that iPhone and can and will wipe it. I am a Network admin as well and have had to do it MANY times to our employees phones already. It's security for the company and Exchange and the iPhone do not care about credentials.
----------
It's not about allowing, it's about security for the company. It's a requirement for HIPPA.
I'm not aware of Microsoft having made a special version of Exchange for universities that removes the capability of remote wiping student devices.
AFAIK, any university CAN wipe a students phone, but from googling around, most have a policy stating that they won't, unless contacted by a student (in the context of a lost phone). Also seems like most of the universities enable the remote wipe feature so the STUDENT can remote wipe their phone from the Exchange web interface, if it's lost.
Looks like at least one university had a separate policy for staff, where they would automatically wipe any device reported as lost.
Interesting info, thanks!
If you (or any other poster) could indulge my curiousity further, why do universities use Exchange on student devices? Is it just for email, or does it serve additional functions? If just for email, can you say, use IMAP instead?
HIPAA is more for securing patient information in a medical settings. It is a requirement to lock down devices that have access to medical and patient information. Other companies that don't deal with that sort of information aren't required to secure their data by any federal regulation such as HIPPA, they just do it out of self interest for how valuable their data is and how it would effect their image with the populace if there was a breach. Of course there are exceptions for companies that might deal with important US trade secrets or dealings... not sure of what regulation might be around for that.
How is it crazy? This is in place to protect the company and their sensitive information.
It's crazy that you think this is crazy.
"Additionally, there are issues with employees giving consent for these types of policies in the EU. Though not impossible, most EU Data Protection Authorities view consent in workplace as coerced, therefore, not freely given. (more on that in the Article 29 Working Party documents WP48, WP114, and WP187)"
http://blog.ericgoldman.org/archives/2011/11/employers_deman.htm
Last edited:
For US public companies, the Sarbanes-Oxley Act and the Gramm-Leach-Bliley Bill mandate strict controls over disclosure of financial information.
A lost device could put a company in violation of either, in terms of information being stored on the device (emails, txts, saved Office/PDF files, etc), or the device itself being used to reach back into the company to access the data.
There are a lot of US public companies!
I wouldn't be that sure. If it's my phone, my property, then stay away from it, no matter who you are, a boss or a god. Is it a company's property, even in this case I'm not sure a company should be given that level of breaching my privacy. Either way, it's a highly controversial matter, at least for me.
The second you agree to the terms of some Mobile Device Management policy and place your companies sensitive information on it things change. Don't like it? Don't put company information on your personal device. If your company pushes for you to do that, then you make them provide the device.
It's not a breach of privacy when you agree to it. You can't just have it your way, companies need a way to protect their data when it's on mobile devices.
Do you realize that your employer also has access to literally everything you do on their network?
Where are they breaching your privacy? They don't have the ability to remotely look at your phone, read your emails, peak at your pictures, or see what your high score on Angry Birds is, all they can do is wipe it all clean.
That's why I'm saying it's not all black and white, and that's why I've posted here this quote about the EU view of this issue: you're almost never free in these kind of situations:
"Additionally, there are issues with employees giving consent for these types of policies in the EU. Though not impossible, most EU Data Protection Authorities view consent in workplace as coerced, therefore, not freely given"
----------
It's sad to read something like that, sorry. They breaching my privacy by wiping off my phone. Even in the case it's my own phone. You find it ok. Extrapolate this on your own private Mac: what would you say if your boss could format the hdd on your personal comp?
People/Company's alike highly value their data.
It's sad to read someone can't understand this, and refrain from putting their employer's data on their personal handset when they can't abide by the wishes of the owner of the data.
And why would I connect my personal mac to my employers network?
If works needs me to have equipment to do my job then they provide it.
When they introduced the law about mobile phones and driving then work said that they would only be providing hands-free kits to people with car allowance or company car.
A colleague of mine asked what if the company wanted to get hold of me on the way to a customer whilst driving to say the customer has cancelled.
I said pull over before you get to the customer site and phone the office. If it becomes an issue for work then they will soon buy the car kit for you.
Just don't connect your personal kit to work systems and then work can never do anything with your personal items.
I consider individual freedom higher and more valuable than the corporate ones. That's my point.
Man, I didn't want to offend you in any way. Once again sorry if it sounded offending. It's just my viewpoint. I will never, never in my life put rights of any possible boss / company higher than these of mine -- and broadly -- of these of any individual. We're giving our rights away all too easy, I think.
And why does an employee use his/her personal phone on the employers network? I don't know, I'm my own boss.
Last edited:
You don't lose any rights to do what you want with your personal device, if you don't put someone else's data on it while agreeing to their terms.
