Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Centrify on iPhone

andiwm2003

andiwm2003

macrumors 601
Original poster
Mar 29, 2004
4,402
475
Boston, MA
The company i'm working for is using outlook and we use our own private phones for email and calendar through the outlook iOS app. Now the company wants to install "centrify" to secure our phones.

Does anybody know that system and what are the drawbacks to have this on our iPhones? Can they access out private data? Can the iOS get unstable? Can I lose my private data? Be locked out of my own phone? What happens when I want to do a systems update or restore my phone?
 
andiwm2003 said:
The company i'm working for is using outlook and we use our own private phones for email and calendar through the outlook iOS app. Now the company wants to install "centrify" to secure our phones.

Does anybody know that system and what are the drawbacks to have this on our iPhones? Can they access out private data? Can the iOS get unstable? Can I lose my private data? Be locked out of my own phone? What happens when I want to do a systems update or restore my phone?
Click to expand...

Your phone your rules. If you don't like the idea of it I wouldn't do it. Tell them to provide you a phone if having all that will become the new job requirement.
 
Are you being paid to do this? If not just tell them your phone is broken. Let them supply the phone. I would not put this on my personal phone...
 
It's an MDM (Mobile Device Management) system. They can't access data like messages, or passwords. BUT, they will be able to see all the apps you have installed, force a certain complexity passcode, REMOVE that passcode, track you, and remote wipe your phone. It basically has more depth into the phone than we have as consumers.

If you do let them use it on your personal phone, I'd ensure that the agreement doesn't allow them to wipe your personal phone if/when you leave employment with them.
 
theshoehorn said:
It's an MDM (Mobile Device Management) system. They can't access data like messages, or passwords. BUT, they will be able to see all the apps you have installed, force a certain complexity passcode, REMOVE that passcode, track you, and remote wipe your phone. It basically has more depth into the phone than we have as consumers.

If you do let them use it on your personal phone, I'd ensure that the agreement doesn't allow them to wipe your personal phone if/when you leave employment with them.
Click to expand...

Thanks that was helpful. I do not want to be too negative about this. If this was limited to the centrify app then I would be ok. But if they have system access it's a no go for me.
 
blairian89 said:
Demand a company phone. Forget that noise.
Click to expand...

Agreed. I know someone who has one of those apps on his phone and ... they force a 14 character alphanumeric password for his lockscreen password and disable touch id. lol. He doesn't use his phone that much so he goes along with it but that would be a HUGE dealbreaker for me.
 
  • Like
Reactions: blaine07 and blairian89
BigMcGuire said:
Agreed. I know someone who has one of those apps on his phone and ... they force a 14 character alphanumeric password for his lockscreen password and disable touch id. lol. He doesn't use his phone that much so he goes along with it but that would be a HUGE dealbreaker for me.
Click to expand...

That would be a huge deal breaker for me. My rule of thumb has always been that if you want for me to use a mobile phone for work purposes you are going to provide it to me AND pay for it as well. The once exception that I would make is if you are going to pay for me to open an account for business use and compensate me for the monthly costs associated with that line and phone.

Otherwise you can keep your mittens off of my stuff!
 
  • Like
Reactions: BigMcGuire
I managed centrify and other mdm for some time. Resist them if you can for your personal devices. The level of access depends on how the policy configured. I am NOT an advocate of Byod, forget the trends.
 
Hi Everyone!

My name is Ryan and I am a Sr Technical Support Engineer for Centrify, supporting the MDM platform. We noticed this thread, and wanted to add some clarity here to help with your decision to enroll your device using Centrify for your orgs MDM roll out.

Although this CAN give the Admin the ability to do the standard MDM things such as Admin lock your device, or Wipe your device, these should not be an issue as this is normal for MDM with any vendor, including once you set up email using Exchange Active Sync policy. One of the benefits of using Centrify, is that the Admin does not HAVE to wipe the device (like you do with ActiveSync) in order to remove the corporate data (including the "Work" email profile) for the apps you get SSO access to once you enroll the device.

Furthermore, regarding the location services on iOS, you can choose to not allow the Admin to monitor your location, but completing enrollment after will be contingent on your company's corporate security policy with regards to non-compliant devices. (ie. Email may not be allowed except for from compliant, corporate enrolled devices, etc)

Last, and something you as the End User may want to share with your Centrify MDM Admin, is that Fingerprint (rather than PIN code or password) is supported for enforced lock screen on the device. See more info here

There is huge benefit to enrolling your device, even for the privacy minded End User, but ultimately, the decision to enroll is based on how much access to your Corp data do you need on your mobile device?

If you are at the point where your org is using Centrify to secure their corporate data on mobile devices, then it is likely that the ONLY option to access it is via enrolling your device.

For reference, here is a link to some helpful info for End Users on using the Centrify platform once your device is enrolled.

Using Devices with Centrify

Cheers!

RyanV
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back