[missosoup]

It's not a perk, it's a liability. This was an option at pretty much every company I worked at and I never understood what moron would choose to put their personal data/life on a corporate device (or connect their personal device to the corporate network and its management policy) with typical policies dictating that not only can the device be remotely wiped, it can also be remotely snooped.

The only brief moment of this being acceptable was Samsung phones being able to have completely split personal/corporate profiles across 2 sims in a single phone and have 2 copies of each app, but that seems to have died.

If your employer is managing the device you're choosing to also use for personal data, it's 100% your fault and 0% surprise when it backfires on you.

If you work in tech and don't have a separate work phone+laptop and personal phone+laptop, you're either a founder or an idiot.

[endtime]

Moron here. I work for Google and use my work phone as my personal phone, via Android work profile, so the work stuff is siloed. This means I have less than full access to company resources, but I don't really want to read code or respond to bugs on my phone anyway.

My understanding is that Google can't see the personal stuff. But it doesn't matter that much to me, personally, if they can (I'm not doing any exciting corporate activism, anything illegal, etc.). At least, it doesn't matter more than a couple grand a year plus the inconvenience of two phones. I'm not saying everyone should feel this way, and obviously some people value privacy more than I do, but that's the trade-off that makes sense for this idiot.

[bitcurious]

I hope it also doesn’t matter to any of your friends. I would be pretty annoyed if I had a conversation with you and it ended up as property of google.

[Hello71]

if you're willing to assume that Google is willing to violate their presumably legally-enforceable policy that they will not view the items in the "personal profile", then one could assume that they would probably also be willing to read data from any Android device. so better tell all of your friends to never use Android or any other Google service.

[gcbw3]

You guys are insane.

You signed something at work that "all data in google owned devices are property of google". Period.

This is the same as using your company-provided computer for something else.

[freeone3000]

Yes. This. Exactly.

[michaelbuckbee]

fwiw - Apple is also working on a similar setup to sandbox corporate apps from personal (with restrictions in between)

[gcbw3]

> Android work profile, so the work stuff is siloed.

> My understanding is that Google can't see the personal stuff.

You are completely wrong.

First they have access to all your text and calls, since they own the mobile plan you are connecting trhu.

Second, the "device administrator", keyword: device, can wipe out the entire device, not just one account.

> But it doesn't matter that much to me, personally

So why comment on a thread where this is the topic?

[endtime]

Because the commenter I responded to said he couldn't understand why anyone would do what I do. There's an implicit question there that I was attempting to answer.

Good point about also owning the phone plan. But since I use Google Voice for everything (personal account) I'm not sure how much of that they can see (in their capacity as owners of my phone service), and like I said, I'm not doing anything interesting. If Google really wants to see my call logs of wife, wife, friend, mother in law, wife, wife, wife, dad, friend, etc. it's not worth thousands of dollars a year and an extra phone in my pocket to prevent it.

[gcbw3]

so, you have nothing to hide. cool. Just remember to not use your google voice or google meet for those union talks ;)

[endtime]

If I were involved in such things, of course I wouldn't use a corp device.

[0xEFF]

Over half of Google's workforce are contractors. Google does not provide a mobile device to contractors. The options for TVC's are to let Google control a personal device or take a significant productivity hit and opt-out of mobile email, chat, and docs.

[mekane8]

That's a really crappy policy if I'm understanding it right - not provide a mobile device but insist on completely managing one if they choose to use it for company business? What a shitty way to treat people working for you.

[CoolGuySteve]

It should be illegal. How much is your employer allowed to know about you or who you contact outside of work?

The answer should be nothing but there's a moral hazard wherein employees can't do much about it without limiting their career.

[tssva]

They are contractors. They don't work for Google. They either work for themselves and have a contract directly with Google, are an employee of a company which has a contract with Google or are a sub-contractor to a company with a contract with Google.

If they are directly contracted with Google or a sub-contractor through another company they should purchase an additional phone for this purpose. Both the phone and the service would be considered a business expense for tax purposes.

If they are a direct employee of another company then that company should be providing a phone for this purpose. If Google or their employer won't provide a phone for this purpose than neither considers it a requirement for the job and they should not worry about it.

[zaroth]

How else could corporate IT possibly do it?

A contractor can deduct work expenses from income, a phone is just one item on a long list of things that will be deducted.

If there is corporate information on a device, it would be a breach of their fiduciary responsibility not to manage that device and have the ability to remotely wipe that data.

[chipotle_coyote]

> If there is corporate information on a device, it would be a breach of their fiduciary responsibility not to manage that device and have the ability to remotely wipe that data.

I don't think, in a legal sense, that's true. It feels like it comes from the same mindset that corporations have a "fiduciary responsibility" to their shareholders to always put profits above all else; in fact, there's nothing in corporate law or financial regulations that requires that at all.

The IT department has responsibility for network and systems policies and company-owned equipment, and it's perfectly reasonable for them to have the ability to wipe data on that equipment or set policies that disallow personal devices on company networks at all. But they have no requirement -- and I would argue no business -- to wipe a non-company device just because someone added a corporate email account to it.

Does that make it marginally more likely that someone could keep corporate email that they weren't supposed to? Sure. But there are other legal ways of handling that which aren't destructive to non-company property. No one would argue that a policy of "if you take physical work home, upon termination the company can set fire to your house to ensure all copies are destroyed" is enforceable.

[zaroth]

I’m pretty sure GDPR protection of “personal data” applies to employees and not just customers.

If my personal calendar and work emails are being copied onto your device, you better believe the GDPR data protection regulations apply.

The house example is ridiculous. The point is if you commingle the data in ways such that the endpoint protection software no longer supports delineating the corporate data, then the user (employee/contractor) has opted into that situation with eyes wide open.

> Computing devices need to be protected from loss or theft through mobile device management capabilities, such as remote wipe and kill. A lost device could be the weak link in the data protection chain, leading to a data breach based on information stored on the device or accessible through still active user credentials. Enforcing certain settings in order for a device to connect to the network at all – such as local encryption, password complexity, the presence and currency of security software, and the removal of the local administrator account – will be an essential part of protecting the organization within the GDPR framework.

[1] - https://www.actiance.com/wp-content/uploads/2017/03/WP-GDPR-...

[chipotle_coyote]

The house example is exaggerated, but as I wrote in another reply: just as my personal physical property does not become company property if I am on their physical property, my personal data should not become company data if I am on their network.

> If you commingle the data in ways such that the endpoint protection software no longer supports delineating the corporate data, then the user (employee/contractor) has opted into that situation with eyes wide open.

You're assuming the user has been given a clear understanding of the situation, and frankly, I think you're letting the IT department off the hook here. They need to either provide protection that can prevent "commingling" to their satisfaction, to grant a comparable level of trust to users with personal devices that they do in other aspects of conducting business (which was the real point of the example you didn't like), or just to ban personal devices.

[mcguire]

"But they have no requirement -- and I would argue no business -- to wipe a non-company device just because someone added a corporate email account to it."

Personal devices are excellent attack vectors if allowed on the internal network unmanaged. The alternative is not accessing internal resources, email, etc., unless the employee is given a company-owned device.

[chipotle_coyote]

I'd genuinely argue that if the company's worried about that, they should either (a) to disallow personal devices on the internal network, period, or (b) find a management solution that does not involve putting data they do not manage at risk. Just as my personal physical property does not become company property if I am on their physical property, my personal data should not become company data if I am on their network. I understand that segregating data that way may be a hard IT problem, but if they can't do it, the solution should not be "welp, we control your data now."

[EpicEng]

>or take a significant productivity hit and opt-out of mobile email, chat, and docs.

I'd call that a quality of life improvement. Why are contractors required to be available 24/7? I've never experienced that as a contractor, nor would I agree to it.

[dleslie]

And this is why I do not have any access to work accounts on my phone.

If it's so important that it must be done during my personal time then my manager can call me and request as much.

Remember pager duty and overtime pay? Doesn't that seem quaint now that many people seem to have accepted that they must make themselves available at all times?

[Joe-Z]

>Remember pager duty and overtime pay? Doesn't that seem quaint now that many people seem to have accepted that they must make themselves available at all times?

I'm too young to remember, but I have a few years of working experience under my belt now. The amount of people that greenlight everything a supposed authority demands of them just baffles my mind. I'm not even mad if a company tries to maximize their gain on the expertise that I bring to the table. That's just the game: You work for what's in your best interest, I work for mine. But when you push back against a perceived worsening of workplace conditions and the people not supporting you are your colleagues, because they somehow see themselves as being on the same side as the boss... I'm kind of sad about the social achievements people are willfully throwing away in the hopes that they themselves will 'make it' one day

And by the way, this is coming from someone who loves his job and has a good relationship with his boss. Doesn't mean I have to be delusional about what's going to happen when push comes to shove

[oncalleng]

Google does pay employees for time spent on-call outside of normal work hours. On-callers for services with tighter SLOs get payed more.

[PopeDotNinja]

I put work Slack on my phone, but that's it. Maybe 2FA stuff as needed.

[bussierem]

>I put work Slack on my phone

This instantly qualifies you as "available 24/7"

[PopeDotNinja]

It does. I work remote and off hours, and my phone doesn't blow up to much, so I roll with it for now.

[neves]

They can freely choose to stay unemployed

[EpicEng]

Incredibly insightful, thank you. We all know how hard it is to find a programming gig these days.

I'm not convinced you have any knowledge of how things actually work in Google, but my point is that you can give me a ring if something requires immediate attention. If you don't provide a company phone I'm not using mine instead.

[hvidgaard]

Buy a "Google phone" and use it for that, keeping your private phone, well private. It's just the cost of doing business with them.

[d1zzy]

Unless your job requires work email/calendar while at home I really don't see how having corp access on mobile can be a justification for productivity.

The moment my company announced a requirement for having to install a corp policy enforcement application on my personal phone if I wanted to have access to the corp account (a reasonable request, in terms of company policy/security) was the moment I stopped having corp account on my phone (or any phone for that matter). It's been working fine for years.

[cloudwalking]

Contractors are not expected to work after hours. This is a reasonable stance for the company to take.

[m-p-3]

Seems like Google isn't leveraging their own tools properly then.

They can make a non-corporate device have a work profile with Google Apps Device Policy, and only that profile will be purged if the device is wiped by a Google Admin.

[52-6F-62]

Even simpler for corps as large as Google is simply having a supply of contractor devices they completely wipe upon the termination of the contract. That's what my last company did.

They didn't require contractors to bring their own computers and phones to the office if they were needed for their work.

I'm sure Google could afford that as well as to manage it...

[c0achmcguirk]

Google does do that. Lot of misinformation in this thread.

[threatofrain]

It is a net perk because phone calling or mobile messaging is inevitably part of work and you don't want to buy your own separate phone. It's only awkward for anyone who isn't used to having two phones.

[LadyCailin]

Calling and messaging are paid for by my company, and I can also sign in to my email. They have a program where I can get full access to all work resources, but it’s optional, and I will never sign up for that program, because exactly what’s being discussed here. But I still only have one phone, and they still pay for it, so.

[thrwy20191203]

Is the contract in your name and you pay the bill yourself and then expense it? Or is the contract in company's name they get full itemized bill from the carrier? If it is the latter, it sucks.

[LadyCailin]

They get the bill directly, but I'm not sure they can have access to the messaging or call data directly. I live in Europe, so I feel like the GDPR addresses this, but now that you mention it, I don't know this for sure.

[tyingq]

Android does support a work profile and "two copies of each app", with some limitations. https://developer.android.com/work/managed-profiles

[mcguire]

"...or connect their personal device to the corporate network and its management policy..."

I've done this.

You are absolutely right.