My office has a pretty strict policy regarding using the internet for non-work purposes, and makes no secret that our IT department regularly monitors which websites staff are visiting. So I was wondering whether this applies to any surfing I do on my iPhone. I assume that if I am connecting through my office’s wifi that is the same as surfing through my desktop work station. But what about if I disable wifi and surf through the regular 3G network. They can’t track that can they?
They can’t track your 3G usage (I mean, it’s probably not absolutely technically impossible, but they won’t be doing that).
They can fairly easily track what you’re doing on their WiFi though - but are you sure that’s what your smartphone is using? You may have WiFi switched on, but unless you’ve explicitly connected to their network (and entered a passphrase or some such), your phone probably is not using it.
What about if the smartphone belongs to Orville mogul’s employer? It’s hard to imagine there’s not some way or another for a curious employer to monitor 3G traffic on their own plans.
Yes, I have set up my phone to use the office wifi, password and all.
Basically, I figured I could use my lunch break to pay my bills etc online and thought I would be all clever and do it with my iphone. But it’s not so clever if it is still through the office wifi :smack:
But crisis averted. Anyway, it’s good to know that 3G should be safe.
Unless the phone is actually issued by your employer, or you are using their network, unauthorized access to your phone would be a felony under the federal Computer Fraud & Abuse Act or your state’s equivalent (and under the federal act you would have grounds for a civil suit).
In order to access my companies email on my my privately owned smartphone I was required to give my companies IT department administration rights to my cell phone. This meant that they I had to password protect the phone and allow them the ability to wipe out the phones data if the phone got stolen (or if I left the company in a bad way).
I imagine most corporations make similar demands before allowing access to systems, possibly even if it is just casual use of their wi-fi connection. If there is a terms of use statement before you are allowed to log in I'll just bet that there is a clause in there that states you can be monitored, even if it is a blind threat and they don't have the technology or personnel to do so.
Most sites use SSL encryption (the little padlock icon) for financial transactions. Regardless of whether you use a desktop or a phone, if you see an unbroken padlock in the browser, it means that your employer can’t see what you do on those sites. (they may, however, be able to see that you’ve visited those sites which might be enough to get you in trouble).
True. I was referring solely to his use of a cellular network while at the employer’s premises.
I was checking my bank balance! I have a savings account at Back Door Sluts. com!
IT guy here, with a similar policy. I can force you to lock your phone, I can remove your access to company email, and I can wipe it remotely if it gets lost. That’s the extent of my powers. I cannot read your email (well, ok, I can, but through other means, and only your work email), see your text or photos, or monitor your phone’s web browser if you’re on 3G and not our wifi.
When you make a deposit, do you lose interest?
To access corporate email on your phone is vastly different from casual wifi connectivity imho.
Anyway, I’ve personally never experienced such agreements but I work in advertising, not a field like finance where I would expect such things to be enforced.
Your employer could easily (and legally) install a security camera in your office/cubicle and see what you’re doing on your phone.
Doesn’t this require a separate app being installed on the phone?
I rooted my android phone and even I wouldn’t be able to take control of it remotely without a hosting app to give me access - at least AFAIK.
So if control of the phone requires such an app, it should be a simple matter to sandbox it so that it has no idea that it is actually isolated and has none of the control that it thinks it has.
This is part of the Exchange ActiveSync protocol built into the OS of the iPhone.
Ah. Apologies. I glossed over the ‘iphone’ part in the OP and even if I hadn’t, I keep forgetting how different the 2 environments are.
Exchange for Android makes you agree to similar conditions if you set it up on your phone.
There’s also Google’s Device Policy for Android, meant to give admins the same powers over your phone.
That would depend on what state the OP is in.