I've had Intune and also some VMware device management installed on my device in the past, and during installation you do get a warning that your admins will be able to delete everything on your device.

It kind of makes sense for them to do that if your device is stolen, but I still just don't like handing over control of my device like that.

They typically also enforce other annoying policies, such as not allowing rooted devices, not allowing swipe patterns and requiring a PIN/password. The VMware one even required that all browsing went through their shitty browser app (and presumably they got all my history).

Again, some of this makes sense from an enterprise point of view, but as a user it's annoying and feels invasive.

Oh, it definitely feels annoying and invasive. Without sandboxing, the options are invasive MDM (because that's the only kind possible) and no MDM at all.

I once watched an employer go from unwilling to adopt MDM to requiring it for accessing substantive systems on personal devices. The CEO lost his phone, and suddenly appreciated what MDM was good for.

Users were given a choice: MDM, sandboxed if they had a device with modern technology, or no significant access on personal devices. A lot of users had phones that didn't offer sandboxing, so several others and I found ourselves explaining quite often that there literally was no option available where remote wipe wasn't possible. If they didn't like that, well, they didn't actually need access from their phones, so...

Anyway. I'm quite glad Apple is starting to actually catch up a bit.

