Privacy on a corporate managed mac

Discussion in 'macOS' started by funkylaundry, Aug 20, 2016.

  1. funkylaundry macrumors newbie

    Jul 27, 2011
    My employer has given me a very nice MacBook Pro and I am considering using it as my private computer, since it is more practical only having one laptop.

    It should not be a problem with my employer as long as I don't install any pirated software and generally don't use it for illegal activities. The only thing that concerns me is my own privacy, since remote management is enabled so IT admins can go check on my system at will. Additionally, the work account is set up with active directory.

    So today I got this idea: What if I set up a separate user, disable remote management for that user and enable filevault for the entire system. That way they should only be able to access my work user, but would they be able to override file access permissions by enabling the root user? I know you can do that without filevault enabled, but would filevault stop them from seeing my files? They still have remote access to one account after all.
  2. grahamperrin macrumors 601


    Jun 8, 2007
  3. hallux macrumors 68030


    Apr 25, 2012
    If you've been given a corporate management Mac that doesn't have FV enabled, your company needs to review their security practices.

    That aside, there should be zero expectation of privacy on a company-issued computer. I don't know that you can disable remote management on a user-by-user basis, it's the COMPUTER that is remotely managed/monitored.
  4. Weaselboy Moderator


    Staff Member

    Jan 23, 2005
    No it won't.

    What kind of files are we talking about? Just some personal documents? What you could do is make an encrypted disk image and put all your personal files inside that disk image and nobody would be able to see the files inside. You would just need to double click the image each time you want to see the files inside and enter the password.
  5. maflynn Moderator


    Staff Member

    May 3, 2009
    It's not your computer and you may save yourself a lot of headaches if you just consider it a work computer and not use it as your own (since its not your own).

    When I had a work laptop, I still used my own computer as I didn't want my personal and business life to intertwine that way.
  6. Fishrrman macrumors G5


    Feb 20, 2009
    Agree with maflynn above.

    Keep a work computer (theirs) for work, and a personal computer (yours) for personal business.

    Things will just work out easier that way.

Share This Page