Disqus - Latest Comments for jasonreese

Re: UPS Complaints

jasonreese — Thu, 12 Aug 2021 13:47:26 -0000

UPS lost a shipment of mine on June 15th (tracking history literally states UPS incorrectly sorted the package and misplaced it in transit). I filed a claim in July with the order details, cost, tracking history and screen captures of the UPS misplacement in the tracking details.with No direct response from anyone UPS. On August 11th, I check and UPS *closed* the claim with Zero action taken. This has been the SECOND claim UPS has closed with no action in the last Four Months (the prior instance an entire case of wine was damaged in transit with UPS claims department again closing as not responsible for the damaged delivery).

I contacted the UPS claims department, and after an hour of being transferred had a service agent tell me UPS closed the claim as they were not responsible for the package (that's the ONE JOB UPS has...to deliver packages reliably to customers). I was told by the service rep that UPS already contacted the business I purchased the package from and they (the shipping business) would be responsible. Another 3 hours of calls and I confirmed the business NEVER received any such communication from UPS. I'm now out of $115, an order that was misplaced SIXTY days ago and, yet again, horrible customer service from UPS.

Re: Never accept an MDM policy on your personal phone

jasonreese — Thu, 13 May 2021 11:39:50 -0000

you don't need mdm to 'wipe the device'. Exchange will prompt you to let you know just accessing email gives the mail admin the option to do this. MDM is better, as modern options only revoke/remove corp apps managed by the company. Not your facebook, instagram or anything else personal. MDM separates corp from personal. And, again, a big 'NO' to IT / company being able to view your web browsing, texts, call info or personal app data (data inside an app) from MDM. That's not how it works.

If you're on your company wifi then yes your NETWORK admin could see the packets when you're ON the COMPANY NETWORK. Not at home or at starbucks. What the author of this article describes is not IT/MDM. His fear mongering is a security breach and malicious compromise/hack -- not your IT; and not something done via MDM.

Re: Never accept an MDM policy on your personal phone

jasonreese — Thu, 13 May 2021 11:36:13 -0000

if paranoid, yes. just use another phone or don't access work data on your phone. Easy.

Re: Never accept an MDM policy on your personal phone

jasonreese — Thu, 13 May 2021 11:35:40 -0000

I don't believe you have admin'd an MDM. Maybe you looked over someone else's shoulder and saw a console once. Nothing you're emphasizing in this article is accurate. If you were versed in this area, you'd already be familiar with Android Enterprise, Apple User Enrollment (BYOD options that fully prevent what you describe in your hysteria ridden fear tactics to scare people from their companies). Nor are MAM options discussed. Same for conditional access. Stating MDM can view texts, web browsing is just not correct.

Anyone claiming to be an admin that doesn't know and communicate the basics should not be writing articles on the topic.

Re: Never accept an MDM policy on your personal phone

jasonreese — Thu, 13 May 2021 11:32:44 -0000

whataboutism.... and the answer is no you don't just accept/install things because you have beers with your IT admin buddy. Again, where are these companies where IT has no controls or bounds. Fiction.

Re: Never accept an MDM policy on your personal phone

jasonreese — Thu, 13 May 2021 11:31:46 -0000

Sysadmins nothing better to do than prying? Yes, risk jail time as well as your livelihoods to see what Jim and Jane do. That's utter nonsense. I don't believe you've administered an MDM. SEIM, audit logs, legal requirements (GDPR, EU Work Councils, etc.) -- there is so much in regards to checks and balances...what you describe makes for a good Jason Bourne movie but is poorly misinformed for IT/tech/company provisioned device management.

I'd recommend going through training and actually working with these things before posting. There are great resources that are fact-based out there.

Re: Never accept an MDM policy on your personal phone

jasonreese — Thu, 13 May 2021 11:29:01 -0000

That scenario is not your company or MDM Christopher. You're now talking about a MITM attack or other malicious compromise. Not something done via company MDM. This article is extremely ill informed and lacks a great deal of technical accuracy.

Re: Never accept an MDM policy on your personal phone

jasonreese — Thu, 13 May 2021 11:27:34 -0000

I am also not an MDM consult giving two cents about selling a solution to a company. Merely a 20-year IT and Security professional who actually uses and implements these solutions and works with employees to address unfounded fears. Everyone thinking they're being spied upon should realize they are far less interesting than they believe; and IT/companies really don't care that much. Companies just want to protect their data from employees that still put simple passwords on post-its and get malware on their phones from PornHub, then expect their companies not to care when they cause a security breach.

Re: Never accept an MDM policy on your personal phone

jasonreese — Thu, 13 May 2021 11:25:22 -0000

Nope. A 'rogue actor' would be a malicious hack. Not your IT department at your employer. Maybe ask your company to invest and put you through MDM training before spouting unfounded and factually inaccurate fears.

Agree with the point a company can and should provide the option for giving you / employee a phone for work needs. But that, like your company laptop, comes with the option IT can remove/revoke access to that device from accessing corp resources as they require (the 'wipe' scenario). In that case, anyone has the option to use two phones. Get a company provided one if paranoid, and then keep your personal phone off. But MDM does not do what many on this thread claim; plain and simple.

Re: Never accept an MDM policy on your personal phone

jasonreese — Thu, 13 May 2021 11:22:41 -0000

exchange mail access does not allow anyone to 'see everything' on your device. can an exchange mail admin in your company view your corp email mailbox in their O365/Exchange admin center - yeah, but unless you're on a legal hold (which would mean you have far bigger problems), there would be zero cause. You'd also be notified.

email on phone does not give access to someone to view web browsing, texts, call logs, etc. so much is wrong with all these assumptions. Maybe ask your IT to conduct a road show/presentation where they pull up the tools used in IT for managing corporate email/exchange and MDM. You'd be shocked how little and how boring it is and hopefully have unfounded fears addressed.

Re: Never accept an MDM policy on your personal phone

jasonreese — Thu, 13 May 2021 11:20:01 -0000

false

Re: Never accept an MDM policy on your personal phone

jasonreese — Thu, 13 May 2021 11:19:46 -0000

Then there would be an MDM app ('Hub' for AirWatch/Workspace One, 'Company Portal' for Intune). you can open the app and remove it/uninstall. You can also go into settings on iPhone and remove the management profile (settings - general - device management - open the profile, bottom tap 'remove'). It can't be installed on a personal phone without someone going through that registration process ON THE DEVICE itself.

If what you've described is not that type of app, it sounds like malware and you should reset your phone. Not likely something from your company as there are absolute legal requirements. If you tap through things and accept and install, then perhaps you agreed to install it but anyone should/would remember given it is a process of multiple screens, sign-ins and acceptance options to even do this via a company MDM.

Re: Never accept an MDM policy on your personal phone

jasonreese — Thu, 13 May 2021 11:16:10 -0000

Apple Business Manager / DEP would require the device be fully managed and supervised. To do that, the device is registered with Apple from the reseller so your IT/company issues the device directly. That is far different from a personal device you purchase. BYOD scenarios for iOS can use 'user enrollment' which, like Google's Android Enterprise, fully partitions company apps and services from personal and prevents IT from doing anything with personal data/apps. Only revoke/selective wipe (remove) corp app access.

Text, location and other app data? not via MDM or ABM directly. Maybe hooking up to take console logs (device+apple configurator), or wireshark over a network; but not via MDM or Apple Business Manager directly.

I don't think many answering in thread have actually managed/deployed any MDM solution based on the assumptions and responses.

Re: Never accept an MDM policy on your personal phone

jasonreese — Thu, 13 May 2021 11:12:38 -0000

check your phone settings (e.g., in iOS go to settings > general > device management. If anything is 'there' it is in a management config profile). Also, don't install random things (especially certificates) on your phone without knowing who is providing it (zero trust...verify ) and what it is doing.

MDM profiles can typically be removed - and wouldn't be 'installed without your knowledge' on a personal device. Fully managed devices require (android) factory reset. I don't think most just reset their androids -- then install things willy nilly. If it is a company provided device, it shows in the settngs (and there would typically be a terms of service communicated by your company). For iOS, supervised = DEP / Apple Business Manager. You can see if it's managed in settings with the same terms ref'd previously.

Your company/IT wouldn't be spying. If you sideload or download things elsewhere, there's a good chance these days you're opening yourself up to MITM, malware, etc. But that is certainly not coming from your company or IT.

Unless you're a gov't spy ;)

Re: Never accept an MDM policy on your personal phone

jasonreese — Thu, 13 May 2021 11:08:10 -0000

Paranoia. Many companies, if implementing BYOD and mobile device services merely do so to prevent mobile devices being the 'weakest link' in a security attack surface. It's typically 'opt-in' for most companies supporting BYOD. If you don't want to access company resources (vpn on a mobile device, company apps, etc.) then the company can typically secure the apps and data with Conditional Access or App Protection Policies (O365 environments) without you ever needing to register/enroll your phone in mobile device management. But the company and CISO/SecOps get to decide 'what line' of confidential corp data you may access from your mobile phone. If they say email access requires it, you can use OWA through a web browser or just use your company provided laptop. Your IT dept doesn't care about your phone; just the corp apps and data being protected.

Bottom line: you self-enroll for BYOD. It's your choice. You don't have to. You just may not be able to access every app or corp service on the phone otherwise. Then use your company laptop (that's also managed by your IT and security teams).

Blatant misinformation and ill informed responses all round in this article.

Re: Never accept an MDM policy on your personal phone

jasonreese — Thu, 13 May 2021 11:03:20 -0000

Fear Uncertainty Doubt (FUD). You believe your employer and IT dept 'spy' on you? Tin Foil hat sales must be spiking. 1 - you're really not that important. 2- Legal implications (GDPR, Standard privacy laws, etc.). If that paranoid, queue up a lawsuit with your employer and they can simply provide SEIM logs, audit logs (but if really paranoid I assume you think they would all be lying and out to get you anyway).

Your IT staff doesn't really care nor have the ability to spy on your personal phone. Truth be told, as soon as you purchased and turned on your phone, the manufacturer and carrier already had this option. Not your IT dept.

Re: Never accept an MDM policy on your personal phone

jasonreese — Thu, 13 May 2021 10:56:51 -0000

Then your network activity is visible through Cisco ISE, not a mobile device management / UEM/ EMM/insert acronym platform directly (which is always the case -- on your company network.).

Bottom line, IT using AirWatch, MobileIron, Intune, MaaS360, et al do not have access to view your calls/texts/web browsing or network data. Now, if you start wiresharking and capturing packets on clients on your network then yes...but that is ON THE NETWORK, not MDM.

This article is fear mongering and extremely technically inaccurate.

Re: Lets Do a Little More for Haiti

jasonreese — Fri, 15 Jan 2010 09:58:51 -0000

Donated to American Red Cross via SMS, as well as thru online channels. Spreading word re: matching gift opportunity

Re: Please Join Me in Congratulating …

jasonreese — Fri, 18 Dec 2009 16:13:12 -0000

Wow! Congratulations!!

Re: Sleeptracker Elite – Wake up time for sleepyheads

jasonreese — Mon, 20 Apr 2009 17:20:03 -0000

I'm a big fan of the Sleeptracker Pro (due to the vibrate alarm) and happy to hear the Mac compatibility will be backward compatible for the non-Elite Sleeptracker users. Glad to see they are coming out with new models. Yes, the Pro is hefty. I wear it to sleep only. It's not something I wear to work or when I go out ;)

The features between the Elite and the Pro series seem on par (read, exactly the same:) ). But, I already saw the Pro is temporarily out of stock. They must be phasing the model out for the Elite. Hopefully, the next models will be a little more, um, stylish and a little less Casio. Not that there's anything wrong with Casio :)

Re: Name that Tune in One-Click! BlackBerry Gets Shazam!

jasonreese — Wed, 15 Apr 2009 12:07:46 -0000

Hi Paul - the $4.99 is a one-time flat rate fee. There's *no* monthly subscription for the app -- you would pay one time and own it. You can download and trial Shazam on your BlackBerry for 60 days to see if it's something you use enough to pay the $4.99 to use after the trial concludes.

Re: QuickLaunch 1.4 for BlackBerry provides nearly unlimited shortcut keys

jasonreese — Mon, 13 Apr 2009 16:35:56 -0000

I really like this application. Before, I was using BBSmart's Shortcut app. BBSmart's app lets you create shortcuts, but I found QuickLaunch to be much more intuitive -- and the execution is better IMHO. Using QuickLaunch, you can bring up one menu and scroll down to the item you want. Using BBSmart Shortcuts (even after you map it to one of the side convenience keys on your BlackBerry), you have go go through *separate* menus for SMS, phone, web, etc.

It's just a matter of scrolling, but for usability QuickLaunch wins, hands down! Well worth the $4.99 -- and it was a painless download from the BlackBerry App World.

Re: QuickPull 2 now available for BlackBerry OS 4.2+

jasonreese — Fri, 10 Apr 2009 14:01:10 -0000

Neat app. I usually just do a quick press of ALT+SHIFT+DEL on my BlackBerry devices if I don't want to do a full hard reset via Battery Pull. While this is a soft reset, it does the trick 9 out of 10 times (you can also do this twice -- press ALT+SHIFT+DEL again when you see the screen turn on if you want a full hard reset without pulling the battery. Handy if you use skins or cases that make it a pain to unlatch the batt door).

Some other ways of freeing up memory (besides removing apps) is pressing ALT+LGLG. This takes you to the BlackBerry Logs. Clear your warning logs and it will free up space as well (only folks who run into frequent or odd errors they need to send their BES admin or RIM will likely ever really use the logging feature on the device).

Of course, this app makes the above even more painless since it's Free and you don't have to worry about remembering to pull the battery or go through a series of QWERTY key presses :-)