@Dashrender said in Remote management of employees personal cell phones ...:

@flaxking said in Remote management of employees personal cell phones ...:

@IRJ said in Remote management of employees personal cell phones ...:

@flaxking said in Remote management of employees personal cell phones ...:

@IRJ said in Remote management of employees personal cell phones ...:

@flaxking said in Remote management of employees personal cell phones ...:

@IRJ said in Remote management of employees personal cell phones ...:

@flaxking said in Remote management of employees personal cell phones ...:

@IRJ said in Remote management of employees personal cell phones ...:

You can certainly do this with Intune and office 365. Basically you'd be able to wipe all corporate data as long as it's kept in office 365.

With Office 365 MDM, you can't disable the ability to do a full remote wipe. You do have more control over that with GSuite. Does Intune give you more control?

I'm pretty sure you can do what I described, but I'm not 100% sure.

https://support.office.com/en-us/article/Choose-between-MDM-for-Office-365-and-Microsoft-Intune-c93d9ab9-efb2-4349-9b93-30c30562ee22

It's not a question of what you can do, it's a question of what can the IT department be prevented from doing. The difference between wiping company data and wiping the whole phone just being different buttons does not reassure me.

This is how you do it - from MS link I posted earlier

"Enable your users to more securely access corporate information using the Office mobile and line-of business apps they know, while ensuring security of data by helping to restrict actions like copy, cut, paste, and save as, to only those apps managed by Intune."

If you restrict actions like copy, cut, paste, saving, screenshots, etc then you keep the data inside Office Mobile. Then you just remove the Office Mobile app remotely.

Are you able to enable remote removal of the app with just this feature?

You actually dont even have to do that. If they cannot login they cannot get to any of the data.

Assuming an encrypted cache, this sounds like a viable option. We have 100 Intune licences, so I can insist on being one of the users managed by Intune rather than Office365 MDM. But based on my recent experiences, I'm not too keen to have email or Teams on my phone.

what experience is that?

Nothing to do with the application, just to do with being always working. I did a 108 hour week followed by a 90 hour, followed by a 70 hour. I've now removed all work communication from my phone in order to try to get some peace when I can.

@dashrender said in PORT - Rant about unsupported OS connecting to company VPN:

@dustinb3403 said in PORT - Rant about unsupported OS connecting to company VPN:

Why did it take 30+ calls to find out that the doctors personal equipment is running Ubuntu?

It took 30 calls and a 6 hour round trip to discover it was running Ubuntu - because their remote access solution wouldn't work either - likely because local kid didn't want them to know it Ubuntu - he was likely saying - aww, those idiots at the hospital, they don't know anything, Ubuntu will run anything.. LOL

Even if the application that the hospital is using, was built for Windows 2000, has no bearing on the matter of the VPN dropping the client.

Why the vpn server didn't have logging to say it was dropped because it was a blacklisted OS or anything else is the part that is insane. Even Cisco has this functionality. . (lol.. . )

@scottalanmiller said:

And would a campus agreement cover them after they leave school?

Don't know, I don't work there.
I'm not defending either party. I do think one party has shot themselves in the foot while the other has shot their mouth off.