Need Help/Info Regarding MS Intune

paranoidguy on 13/02/2023 - 09:45

Hi,

(I apologise in advance for my stupid questions)

I have my personal android device and I have installed MS Intune on it as I was unable to read work emails on my phone's Outlook app or MS Teams. I have only installed the MS Intune app but not logged into it. As long as the app is in the phone, I can use teams and check emails on the Outlook app and receive login approvals on DUO app. The questions are as below:

Q1) What type of risk do I have on personal data? (Pics, msgs, calls, whatsapp)

Q2) Do I need a seprate device or I'm safe in the current set enviornment?

Q3) If I get another phone, how can I completey get rid of these apps on my personal phone. Will the simple deleting app will be okay or I need to reset the phone?

Thanks in advance!

Computing Microsoft Intune

Comments

  • Peter Enis on 13/02/2023 - 10:15
    +1

    Username checks out!

  • djsweet on 13/02/2023 - 10:33
    +1

    I think it depends on the management profile that gets pushed by your org. You will be told the level of access the profile grants and given an opportunity to decide if you are okay with it or not. Usually the org can't access personal files or apps. But, usually they can wipe and factory reset your device remotely.

  • abovethelimit on 13/02/2023 - 10:42
    +1

    It depends on how you have enrolled your device in Intune. See this link here for different types of enrolments. Best way to check in your phone is go to Settings > Security and Privacy > Other Security Settings > Device admin apps and see if Company Portal is an admin on your device, alternatively search for device admin in your settings and see what level of access the company portal has. If it has device admin, then yes your office IT admin have full control of your device, restrict apps, enforce various policies and of course they can remote wipe your device along with data.

    Q2. See above.

    Q3. Removing company portal app will remove any policies/certs that it has installed on your device. If the app get installed on your new phone, dont enrol and uninstall the company portal app from your phone.

    • paranoidguy on 13/02/2023 - 10:50

      Thanks for the details reply.

      …and see if Company Portal is an admin on your device
      There is a toggle switch if I need to make "Company Portal" an admin app, I have turned it off.

      One thing I don't understand is, I haven't signed-in to MS Intune app but I can receive the emails and use MS Teams. I just downloaded but didn't sign-in. If I deleted the app, I can't receive emails or use MS teams.

      • djsweet on 13/02/2023 - 11:01

        Well that is good… Seems odd, but maybe your device fulfils the basic security requirements required. I don't believe Intune always requires a management profile to be installed on the device. All depends on your org's config.

  • w3dge on 13/02/2023 - 10:59

    There is a MAM mode in Intune where you need Company Portal on Android but you dont need to sign in. Fairly safe mode for the user as it doesn't apply a device management profile i think.

    https://learn.microsoft.com/en-us/mem/intune/apps/app-protec…

    • paranoidguy on 13/02/2023 - 12:50

      Thanks for providing the link. It seems like that basic protection is just required by the ORG and because of that, enrollment of the device is not necassary.

Login or Join to leave a comment
Login Join