My employer IT grinds my gearsSupport

Last Updated:

  1. Robhimself

    Robhimself Well-Known Member

    So I took a job with this company a little over a year ago that is much less responsibility and more pay plus I get to work from home and hang out with my giant dog. They pay my Internet and part of my cell phone and things are awesome.... Until last night.

    My phone suddenly wanted me to create a password for exchange and I was like WTF?! I did it thinking that work was doing something lame and then I realized it wasn't just for my mail I needed a password to unlock the phone to do anything. Apparently IT department is starting new security that will make this necessary for everyone without regard for people that are on the move a lot. I never got an email that they were doing this and when I asked about it they immediately changed the policy but said it was going into effect next month.

    I used to be a system admin at my last job which was in a HIPA compliant IT office. I had to sign my life away so I couldn't talk about patient information but they would never in a million years think about doing this. My current job really doesn't have secure information other than in our software which cannot be emailed anyway.

    I guess what I am getting at is if any of you guys are in charge of your IT/telecom people do not institute this policy on your employees, especially when they are using their own phone.

    PS once you turn on the password is there any way to turn it off?

  2. ctc

    ctc Well-Known Member

    Sorry dude, if you want to access the company systems on your phone you gotta follow their policies.
  3. jskolm85

    jskolm85 Active Member

  4. Terabethia

    Terabethia Well-Known Member

    Okay, I am so confused...

    Do you mean that you will now have to use a password to unlock your company related features? Such as the mail?

    Or do you mean that you have to use a password to unlock anything and everything on the phone, including your apps and stuff? Cause I don't see how they can do that (as in, technically speaking... as that would require installing software on the phone remotely and being able to monitor it so you don't turn it off, which I don't think is possible).

    If it's the former, that makes total sense and every company I have worked for (or have friends work for) does this! It's so that people can't pick up your phone and start messing with your company data. Or worse yet, you lose your phone and now someone has access to all that stuff.

    Frankly, it's VERY smart of them to do that and I am surprised that it wasn't already in place. But good for them for finally putting it in.

    I don't really see the problem... it's an extra 2 seconds to unlock and ensures that your companies information stays safe.
  5. Dmtalon

    Dmtalon Well-Known Member

    Pretty sure the Exchange Policy's will make it so he has to have a password to unlock the phone at all. Thus protecting any company information. (calendar/mail/contacts)
  6. Robhimself

    Robhimself Well-Known Member

    It requires me to enter a password to do anything on my phone not just access mail. I agree its their policy but locking the mail is one thing locking my ability to make a call is another. Hopefully they don't go ahead with it but if they do I am just going to let them buy me a phone and I'll carry 2. Sadly their company phone is an iphone or a blackjack.... UGH yuck
  7. ctc

    ctc Well-Known Member

    It is the same with my company blackberry. Their policy requires an unlock PW.
  8. Terabethia

    Terabethia Well-Known Member

    Yes, I understand that. I was wondering if he had to simply unlock the phone or if he had to also unlock each and every program separately.

    I really don't see the problem, TBH. Like I said, I am surprised that they didn't have this already. While it's the "OP's Phone"... the company is helping to pay for it. And they are allowing their programs to be accessed remotely on that phone. They have to protect themselves and their company data.

    If you don't want to deal with this on "your" phone, then I can only suggest that you add another line to your plan and get another phone for work purposes only.

    But maybe the OP is just having a bad day and this seems like a bigger problem that it really is :(
  9. binary visions

    binary visions Well-Known Member

    If you're going to store internal company information (e.g. email/contacts/calendar) you are beholden to the internal company IT policies.

    I've worked in IT my whole life and I would be pissed if someone lost their phone full of internal emails and had no password on it. Security policies are there because people can't be trusted to know what is secure and what's not.

    Any exchange server I've administered has had security policies in place to protect the corporate data. Devices that did not support the security profiles were not allowed to connect.

    Just because it's not government mandated compliance (HIPAA) doesn't mean it's not important... and maybe it's me but I really can't see the hassle of owning/carrying/charging two phones to be easier than hitting 4 digits to unlock.
  10. mcapozzi

    mcapozzi Well-Known Member


    Lockpicker (available through the market) will circumvent your company's mobile device security policy and disable the mandatory PIN lock. The only way they'll know you did it is if they take possession of your phone.

    potterdood likes this.
  11. JaredRS

    JaredRS New Member

    Want to bet? I work in hospital IT. In order to be HIPAA compliant, this is a requirement now. Doesnt matter if its a personal device or a company device, if it stores company email it must be password protected (it has to store on the phone.. not access via webmail), and they must be able to remotely wipe the device if it is lost.
  12. A.Nonymous

    A.Nonymous Well-Known Member

    I'm a sysadmin and I support a password policy. To clarify what the OP is saying, the password lock doesn't require you to enter a password every single time you try to run a program. It simply locks the phone after a predetermined time. It's the same thing you have the option of setting yourself inside the phone if you wish. The OP is just frustrated that every time his phone locks he has to put in a password. While I can relate to that, you have to realize that you do have proprietary data on your phone in terms of contacts, e-mails, calendar appointments, etc......

    If I'm a company, I don't want my entire customer list to fall into the hands of someone who may not have my best interests in mind. So I'm going to enforce a security policy on every client of mine I can convince to go for it. It makes too much sense not to. If you don't want to have to unlock your phone, then you have the option to not get company e-mail on your phone.
  13. BringinTheHeat

    BringinTheHeat New Member

    No way to turn it off except at the Exchange Server.

    Also, your old office wasn't HIPAA compliant if they didn't require you to have a password. Simple as that. Just be thankful that your employer still allows you all the control over the rest of your phone and allows you to use an Android device. A lot of my customers will only allow their employees to have access to a BES server...Wackberry only.

    Be very could be a lot worse.
  14. Robhimself

    Robhimself Well-Known Member

    Definitely was a HIPAA compliant shop. We had BES so we ould wipe what we needed to also could change the PW if it got lost. What I meant was can I turn off the local password on my phone once it is entered. I didnt really see a way to do it but I didnt try deleting the exchange account from my phone.

    I guess my deal is when im on the road. I havent tried my hands free yet but if i cant dial a client I really dont want to be one of those people typing while driving. Not a huge deal but I guess they just got on my nerves cause it came out of nowhere, no email, no call, no memo. Its their network and their info I guess moving to a much lower position than I was used to I just see what I would do differently.

    Yes sort of having a bad day because verizon cant follow instructions and install a dmarc where we requested even though the guy who was on site insisted they were putting it in the wrong place. LOL! If this is the most stress I have all week I'll take it.

    I just hope next time they roll this out I am told about it not flipping out because my phone was going to erase my data in 4 mor tries and me being like WTF?
  15. Bundy

    Bundy Well-Known Member

    Doesn't "much less responsibility and more pay plus I get to work from home and hang out with my giant dog" trump having to type in a password on a phone?
  16. rcicu

    rcicu Well-Known Member

    I use this App and it works great!

    If you are concerned about security and want the pattern lock remove the exchange account, verify that you nolonger need a password, create the pattern lock, add the exchange account, and install lockpicker

    I believe that your employer still has right to wipe your device as a security measure...

    Good Luck!
  17. benson304

    benson304 Well-Known Member

    Company policy for me too, the largest public accounting firm in the world.

    Seems like a pretty normal thing to request, they don't want someone just coming along and picking up your phone and having easy access to your exchange server, which has the emails of the entire company on it.
  18. callmeox

    callmeox Well-Known Member

    Life lesson:

    Company owned devices are for work information, personal devices are for personal information. If they want you to have access to your company email on the road, they should provide the device.

    Never EVER allow your employer to access your personal device.

  19. jamor

    jamor Well-Known Member

    Imagine what they could do in terms of looking into your personal information?

    Anyways, a solution is to get a secondary phone/line that you just use for your company e-mail.

    With that kind of access to your phone, they could probably look anything you've done on company time and fire you if they want. What if they bricked your phone for false reasons or looked up your call, text history.

    I would have a secondary phone in a heartbeat for personal use.

    Not doing so gives them lots of leverage and power over you. Don't let them have that power.
  20. & droid

    & droid New Member

    Lurked around for months but first post I had to chime in on.
    I set this up for myself not just because of the work information stored but if my phone was ever stolen or lost I would not want anyone to have access to anything on my phone. Just think about how much someone would know about you digging around in it. Scary.

    Even the girls I date that want to use my phone I will unlock it and dial the number for them. I'm not that shady but it's my own s*** on there.(different topic on it's own)

    Its bad enough the premissions that some apps use. Which is why I don't use some of them.
    I am lucky that my employer is owned by my dad and don't worry to much about them accessing anything.
  21. jamor

    jamor Well-Known Member

    Agreed - along the lines of what I was saying.
  22. Android&Dom

    Android&Dom Well-Known Member

    I had the same an app called'll solve all your problems
  23. slackfumasta

    slackfumasta Well-Known Member

    No, they can't, at least not on a non-blackberry phone.

    What they can do is require that your device has it's PIN lock feature turned on in order for you to access company mail. They cannot read your phone.

    However, they can initiate a remote wipe of your phone if it is tied in to their Exchange server. Since we are talking about Android phones, I'm sure there are apps that can be used to prevent this feature from actually happening on your phone, just like the one that will bypass the PIN requirement. Of course if they ever found out, they'd likely not allow your device to access mail anymore, and may even try to wipe it (or tell you to so you don't get fired).

    Incidentally, at my current job I set up the Exchange environment before I moved to a different department, and I made sure that my account was listed as an exception to these security requirements :)
    jamor likes this.
  24. kyler13

    kyler13 Well-Known Member

    This. Period.
  25. jamor

    jamor Well-Known Member

    Ah! Good to know. I was gonna say.. if they did have access to all of your personal information it would seem like an invasion of privacy.

Share This Page