I just received a new iPhone from my employer. The company lets us use the phone as our personal phone, so many people do so and save hundreds of dollars a year.
However, I noticed on the new phone that it will automatically connect to the company’s corporate VPN at all times. If I go in to Settings to disconnect the VPN, after less than a second it reconnects again. This allows the phone to access the corporate intranet, and for me to access company email, just as if I were sitting at my laptop.
I’m not doing anything unethical on my cell phone. However, I want to have an idea of what my employer will see passing through its server in New York City before I truly use it as my personal cell phone. Can my employer see that I played Clash of Clans for an hour over the weekend, that I check Reddit 8 times a day, and that I spent time on Tinder last night? Can it see the camera roll photos that are being backed up to iCloud?
You’re securely connected to your companies network, that’s as private as it gets. You on the other hand have zero privacy from your company. They have MDM software installed which basically allows them to see and know everything you do on that device.
It’s actually reducing your privacy just carrying that phone around and using it as a personal device.
People need to stop thinking VPN means “privacy” because it doesn’t. You’re just connecting directly to remote network securely. You aren’t hiding anything from the eyes at the end of the tunnel.
Also keep in mind if there was ever any kind of investigation, internal or external, that included you, you may be required to turn in any company devices to the investigators. Do you want that device to have all of your personal information and lose access to your personal device for the duration of the investigation?
It’s likely they’ve got split-tunnelling, so not all your traffic would be going through the VPN.
The easiest way to check is to connect to your home WiFi on multiple devices and Google for “my ip.” If the IP address is the same for both then not all your traffic is going through your work VPN and there’s nothing to worry about. It’s highly unlikely that they’d be forcing all your data to go through their networks, that could reduce the speed of your phone’s network connection significantly.
That being said, treat it as you would a work device if at all possible and don’t do things on it that you wouldn’t do with any other company device.
Don’t do anything on a computer device that you don’t want the ENTIRE company to know about. Yes they can see you going go reddit or anything else. (Again, NO different from what your ISP does)
VPNs are not and has never been about personal privacy. It’s about creating a Virtual Private Network over an insecure network. What exits on the remote end of the VPN server is unencrypted network packets.
Consider it more like a virtual network cable you plug into the network of the remote VPN server.
Anyone who knows how the device works can see and control anything on the phone. Hackers and governments can use your camera and microphone whenever they want, even if you think the device is powered off. They have more access to your phone than you do.
If you are doing something you wouldn’t want people to know about, then I would suggest you find out what Snowden does. Otherwise it’s like having the Thought Police living with you at all times.
Thanks! I’d say that 50% of my co-workers cancelled their personal phone service and exclusively use a company phone. Someone told me that he saved thousands of dollars already in not having to buy new phones and plans… which is why this was so tempting. But you’re right — they are paying the bill and when I log onto our expense portal, it lists every single call and SMS (incoming and out) on my account.
I think most people are not that savvy about privacy and didn’t know about the VPN thing… and I’m going to spread the word.
Thanks. I checked the IP address, and it looks up as our corporate headquarters out of New York City (halfway across the country). Another time, I saw an ad for services in Silicon Valley, and checked the IP again and it was also our company name out in the California Bay Area. So at least the browser is definitely being tunneled through.
Some phone carriers offer free or discounted upgrades (Sprint used to do this. You get a certain amount of credit towards a phone upgrade every 2 years. I’m not sure about other carriers, though). So, unless you absolutely have to get the latest iPhone model the moment they come out, there are other ways of saving money that doesn’t involve giving up your privacy. And if you use Android, it’ll probably be even cheaper (or cheaper than iPhone, at least).
I’d say, having privacy is worth spending extra money paying for your own phone. Besides, what are you going to do if you lose your job? You’ll have to give up your phone and your phone number.