Can my company read my iMessages?

[960design]

A lot of stuff said here.

Most (99.9999%) of trained personnel can only get your text messages if:

1) They own your iCloud account

2) You physically hand over your iPhone.

The other .0001%, well... we will see what Mr. Snowden lets out.
3) Yes

 

[kolax]

2. They somehow have your iCloud login username and password... in which case they could log in via a mac or other iDevice and see all your iMessage conversations.

1. They would only see new messages, not previous ones from before they logged in with the credentials.

2. If they did that, they'd be in deep trouble and you'd be able to drag them through the mud.

iMessages are encrypted, and so far, have proven to be unbreakable. If you work for a company with a high paranoia of information being leaked, then I doubt they'd even issue an iPhone and allow free use of iMessage.

If they pay the bill, they can see what numbers you've been texting/calling and time stamps, along with whether it was an MMS or SMS. But they can't see the content.

I'd hope your company has more important matters to work with than snooping on what numbers their employees have been texting/calling. Unless they have contact numbers for journalists and will be checking to see if you've been in touch with any to leak information.

 

[EK23]

Don't use your work phone for personal texts, problem solved.

You should consider a life in politics. You're claiming to have solved a problem unrelated to, you know, the actual problem that I was concerned about.

----------

I'd hope your company has more important matters to work with than snooping on what numbers their employees have been texting/calling.

I'm quite sure they do and this is probably a moot issue as we have 8000 employees on company phones. They wouldn't have the manpower to check behind all of us but it concerned me enough to ask.

Thank you to all of the folks that took time out of their day to respond.

 

[Grmnracing]

I have a company issued iPhone and I use iMessage a lot. My company has issued a directive that employees can use iMessage since it doesn't cost anything.

However, my brother has a tendency, no matter how many times I yell at him, to message me inappropriate things. He says that iMessages are stored on apples servers and even my company, who owns the phone and pays the bill, can not see the messages.

Is he correct?

I wouldn't, sometimes my iMessages are sent as SMS messages. Maybe it's when iMessage is down. But it happens often.

 

[mudman2]

all imessages exist in the backup made when you sync, including photos, and you can extract using software like Decipher Tools to extract the lot. So if they own the PC your syncing to the have it already, if they want it

 

[576316]

There is an encryption in iMessage meaning the messages you send can only be read by the sender and the recipient. The journey inbetween is totally encrypted to a point where Apple can't even decode your messages and read them. Unless your company are master hackers, they cannot read your messages.

 

[sjinsjca]

I'm quite sure they do and this is probably a moot issue as we have 8000 employees on company phones. They wouldn't have the manpower to check behind all of us but it concerned me enough to ask.

Much of what Ed Snowden has been claiming is still a bit vague, but it's certainly clear that many of the more feverish conspiracy theories are more credible than most us thought possible.

But you don't work for the NSA; your employer hardly has NSA-class capabilities. You're probably safe; iMessages are strongly encrypted, end-to-end, and it's highly unlikely your employer can see them without physical access to your phone and knowledge of its password (You DO have a password-lock enabled, don't you?), OR your iCloud username and password-- which is really all that's needed since any Mac or iDevice can be linked to your iCloud services (including archives) with that info... guard it carefully and mind any alerts from Apple regarding activity on your account.

But as to your point that you are safe in the herd, a word of warning: While you are undoubtedly correct that no one is watching you on an hour to hour basis, some companies do do spot-checks. On computers, it's distressingly common nowadays for companies to install screen-snap, keylogger, geolocation-logging and webcam-snapshot utilities to record employee behavior... not so much to enable 'round-the-clock surveillance as to enable occasional validation of employee (and consultant) activity, and to build a repository that might be useful for disciplinary, termination, legal defense or negotiation-strategy matters should an employee merit attention for other reasons. In other words, your repository of recorded activities and behaviors might not be looked at until you're in trouble for other reasons or have the company in a tight spot in some way or another ...and then you'd better hope your brother's nudie pics aren't available to them, that you've worked diligently at your computer and don't make a habit of surfing non-work-related sites or playing games on company time, that you didn't go skiing when you said you had the flu last winter, etc.

Bottom line, don't trust a machine or a service that you don't control. You have ceded partial control of your iPhone, so that's a concern. You have NO control over machines you did not purchase and configure yourself, and you should have no expectation of privacy on the company network (or any other) unless you favor services with good crypto hygiene-- like iMessages. All bets are off if you lose physical access to your devices, and who knows how deep the tentacles of governments (not just America's) really can go even if you do everything right.

I speak as a guy whose computer was physically hacked in a very interesting way when I left it in my hotel room in a country well-known for its ...inquisitiveness, shall we say. I've become something of an encryption evangelist as a result. It's a rough world out there, and anything you say or do can be used against you. Ideally you'd manage your own encryption rather than relying on any third party to do so for you, but as far as those go, Apple's encryption is better than most.

This is a very important and sobering topic, and I thank you for bringing it up.

 

[C DM]

I wouldn't, sometimes my iMessages are sent as SMS messages. Maybe it's when iMessage is down. But it happens often.

Pretty sure that shouldn't/wouldn't happen on its own if you disable that option in the settings for Messages.

 

[wordoflife]

Sometimes iMessages fail and get sent as a text message (or in your case, a picture message).

Not sure if your company can see those.

 

[C DM]

Sometimes iMessages fail and get sent as a text message (or in your case, a picture message).

Not sure if your company can see those.

But if you disable that option then that shouldn't happen, at least as far as messages that are being sent. You don't really have much control over messages that are being delivered, so if someone doesn't use iMessage for one reason or another, then you'll get a typical SMS/MMS that won't get the benefits of iMessage encryption or anything like that.

 

[wordoflife]

But if you disable that option then that shouldn't happen, at least as far as messages that are being sent. You don't really have much control over messages that are being delivered, so if someone doesn't use iMessage for one reason or another, then you'll get a typical SMS/MMS that won't get the benefits of iMessage encryption or anything like that.

Exactly.
And the company might be able to see what his brother is sending him.

 

[Jades]

All you guys need to do is simply go to settings - general - profiles and erase the profile that your company put you to control your phone

Simple as that, no questions asked

 

[C DM]

All you guys need to do is simply go to settings - general - profiles and erase the profile that your company put you to control your phone

Simple as that, no questions asked

With an Exchange setup there's really no profile or anything like that that is set on the phone, yet once you connect your account your company has some level of control over the phone, like being able to wipe it for example.

 

[scaredpoet]

1. They would only see new messages, not previous ones from before they logged in with the credentials.

Mm, not always true. People have freaked out on here in past threads when they've associated a new device to their iMessage account and a good portion, if not all, of their iMessages populate right away, and then demand to know how long Apple is retaining their data.

My theory on this is, iMessage is truly "syncing" all associated devices, pulling existing messages on other devices to populate the data on the new device. This would help explain the intermittent, unreliable nature of it.

2. If they did that, they'd be in deep trouble and you'd be able to drag them through the mud.

Maybe in a perfect world. And in that same perfect world the NSA would be dragged through the mud right now for all the things they're doing currently, and heads would be rolling in Washington over it. But that's not happening, and I have a feeling that if this hypothetical situation did happen, the OP's employer could probably outlawyer him, causing him to give up his fight due to lack of funds in the best case, and potentially winning the battle and setting nasty legal precedents in the worst case.

iMessages are encrypted, and so far, have proven to be unbreakable.

While I generally agree with your sentiments, I still wouldn't lull myself into such a false sense of security. If iMessage is truly un-eavesdroppable currently, I have a feeling that they may not be the case for too much longer.

Even so, I don't think the OP has to be THAT worried about his messages being snooped on, for now.

 

[kolax]

Mm, not always true. People have freaked out on here in past threads when they've associated a new device to their iMessage account and a good portion, if not all, of their iMessages populate right away, and then demand to know how long Apple is retaining their data.

I've yet to see this with my own eyes, and I've used iMessage across a range of Apple devices. It makes sense that all your iMessages are synced across all devices, but that doesn't happen yet - deleting an iMessage from one device doesn't delete it on another.

Maybe in a perfect world. And in that same perfect world the NSA would be dragged through the mud right now for all the things they're doing currently, and heads would be rolling in Washington over it. But that's not happening, and I have a feeling that if this hypothetical situation did happen, the OP's employer could probably outlawyer him, causing him to give up his fight due to lack of funds in the best case, and potentially winning the battle and setting nasty legal precedents in the worst case.

Government agencies will get away with anything. Non government companies don't. The OP would have a strong case, and I imagine it'd be well covered in the press if his company accessed his iCloud account without permission to snoop on him, given the hype the press are having with PRISM.

 

[drpellypo]

iMessages are encrypted at *both* ends. So they are encrypted at source and at destination. This is what makes it impossible to intercept unless you have access to the iCloud account or have the phone in your hand. Irrespective of whatever 'portal' the iMessages go through, they can only be decrypted by the receiving device.

 

[ReallyBigFeet]

We put AirWatch on all our sales people's iPhones, I assure you, if corporate set up the iPhone for you, and they configured it to do so, they can see everything coming to/from your phone even via some 3rd part apps like Google voice/text or Whatsapp. They do need your iCloud username/passwords, but we dont let end users set that up themselves....we control iCloud configurations.

 

[phrehdd]

By law, you can bet they are allowed to have access to any communications that comes to or is generated by company property. This is not a grey area either in the USA. However, companies in general usually either have an HR paper employees sign or somewhere in checking out equipment or in communications form on devices has some reminder of the sort that all information and data sent or received is company property.

The reason I mention this is that I have worked putting in company approved instant message systems and was involved in company cell phones and a bit more. Between the lawyers, vendors and industry standards, it became very clear and rather black and white.

It would be of value to your company to remind employees if not have them sign an understanding agreement that all of the above is acknowledged.