Use of Personal Apple ID on work MacBook

[wagmi]

I have multiple Apple devices and recently switched work windows laptop to a MBAM2

Personal Apple ID Assigned to:
- MBAM2 personal
- iPad Pro
- IPhone 13 Pro
- Apple Watch 8 & Ultra
- AirPods Pro 2

A separate Apple ID for work currently assigned to:
- MBAM2 work
- IPhone 13 work

I’ve liked using separate apple ID’s previously as it means there is no crossover on photo’s, app history, browser history etc - it’s important to me that I don’t have to worry about clicking on a site that may not be allowed at work etc

However, I’m finding it not so efficient to use my AirPods Pro for work calls on my Work MacBook and iPhone - I like the ability to switch between personal and work devices frequently.
I would also like to use the ‘watch unlock’ feature for MBA, and even track all devices in Find my.
Finally, I use goodnotes a lot for my personal iPad to take work notes - it would be great to sync this to other devices.

Based on above it seems I should change the Apple ID account on my work devices to be my personal one.

Is this something that is recommended to do? Is there a way of doing this but switching off specific device settings to manage risk? Such as browser history, app history, photo sync, file sync etc on the work MBA and work IPhone?

Or, is there an alternative route available that just assigns device permissions without any syncing and crossover of content at all?

Keen to hear of experiences others have faced on this and how they’ve gotten around it. Thanks.

 

[kitKAC]

I'm signing into my work machine with my personal Apple ID, just to use the Watch unlock feature. I've got every single iCloud data option switched off as I don't want any of my data on it, works just fine including Universal Control.

 

[kaardowiq]

I just raised an more or less equal post. However, my work one is a MDM (managed) device. This could potentially give the possibilities of the remote admins to access my private files. Who would technically avoid to enable iCloud Photos and to take a look on my shots (including my wife).

On my old and unmanaged one I just used my personal one… especially for iMessage, calendar, emails and watch unlock and air pods pairing.

however, on my new and managed one I currently use a dedicated ID. I’m not sure if I’ll keep this forever but knowing someone could access my files gives me pain.

if you’re using an unmanaged device I’d take the personal ID for services you really need to use, but turn off file Synchronisation, passwords etc. - this business stuff should never be saved out of your company. This means you should deactivate within the iCloud options:
- iCloud drive (Including and especially synchronization of desktop and documents)
- safari browser sync
- Keychain (!!!)
- Photos (depends)
- Backup (!!!)

ensure, no company or secrets are replicated or stored out of your Mac or comoany approved solutions.

 

[ian87w]

I have multiple Apple devices and recently switched work windows laptop to a MBAM2

Personal Apple ID Assigned to:
- MBAM2 personal
- iPad Pro
- IPhone 13 Pro
- Apple Watch 8 & Ultra
- AirPods Pro 2

A separate Apple ID for work currently assigned to:
- MBAM2 work
- IPhone 13 work

I’ve liked using separate apple ID’s previously as it means there is no crossover on photo’s, app history, browser history etc - it’s important to me that I don’t have to worry about clicking on a site that may not be allowed at work etc

However, I’m finding it not so efficient to use my AirPods Pro for work calls on my Work MacBook and iPhone - I like the ability to switch between personal and work devices frequently.
I would also like to use the ‘watch unlock’ feature for MBA, and even track all devices in Find my.
Finally, I use goodnotes a lot for my personal iPad to take work notes - it would be great to sync this to other devices.

Based on above it seems I should change the Apple ID account on my work devices to be my personal one.

Is this something that is recommended to do? Is there a way of doing this but switching off specific device settings to manage risk? Such as browser history, app history, photo sync, file sync etc on the work MBA and work IPhone?

Or, is there an alternative route available that just assigns device permissions without any syncing and crossover of content at all?

Keen to hear of experiences others have faced on this and how they’ve gotten around it. Thanks.

Never use any of your personal accounts on a company-owned device, ever. They are company-owned device, aka they are not yours. So the company has every right to the content in those devices, no matter how "personal" you think they are.

 

[JamesMay82]

I have the same dilemma.. i offered to use my personal mac for work but they insisted on a new one owned by them but they don’t give me work phone so doesn’t make sense really as my work emails are on private phone. the work mac is newer than my personal one so I’m tempered to just use it for all my personal files.. i work from home as well.. what to do ?

 

[kaardowiq]

If the device is managed, do not use your personal account on it.

 

[JamesMay82]

If the device is managed, do not use your personal account on it.

What do you mean by managed? i have their office 365 account on for outlook and one drive and the IT guy just installed AVAST virus software and that’s all i have on. so I should be safe right? Providing I don’t save things in the one drive account.

 

[kaardowiq]

Managed is, when there’s something like Microsoft Intunes or similar installed. In that way, the internal IT will manage the device, including the schedules of updates, restrictions and of course everything by having full access to that device. Therefore, private stuff on a managed device is a no go. If it’s just a casual retail device, no worries. But you should still take care of company policies regarding clouds and never store corporate stuff in your private account. That may happen really fast by using iCloud Drive or Keychain.

 

[JamesMay82]

Managed is, when there’s something like Microsoft Intunes or similar installed. In that way, the internal IT will manage the device, including the schedules of updates, restrictions and of course everything by having full access to that device. Therefore, private stuff on a managed device is a no go. If it’s just a casual retail device, no worries. But you should still take care of company policies regarding clouds and never store corporate stuff in your private account. That may happen really fast by using iCloud Drive or Keychain.

Thanks for that - I should be safe then and like you said to be careful where I save documents. I've only just got the device but I hated the thought of having to split things mainly because I do like to do a bit of work at night as well so I can quickly flip between personal and work etc

 

[Fishrrman]

Don't mix work with personal.

You have a "work" computer for work.

For your personal things, you should have a SECOND, "personal" computer.

That way stuff that's meant to be private -- STAYS private.

 

[KaliYoni]

Thanks for that - I should be safe then and like you said to be careful where I save documents. I've only just got the device but I hated the thought of having to split things mainly because I do like to do a bit of work at night as well so I can quickly flip between personal and work etc

I don't know anything about you or your employer, obviously, but in general a complete separation of work and personal activity and documents is the safest way to go.

Some important reasons:

• Anything you make or do on your work computer can be considered the property of your employer.
• If your employer becomes involved in legal or regulatory action of any kind, anything that was done or stored on your work computer could be subpoenaed or transferred to a legal team.
• Many employers monitor and archive everything that is done on the computers they provide to employees.