So my company decided to migrate office suite and email etc to Microsoft365. Whatever. But for 2FA login they decided to disable the option to choose “any authenticator” and force Microsoft Authenticator on the (private) phones of both employees and volunteers. Is there any valid reason why they would do this, like it’s demonstrably safer? Or is this a battle I can pick to shield myself a little from MS?

  • @[email protected]
    link
    fedilink
    46 months ago

    Who cares? It’s a work phone that is used only for work, they are entitled and expected to track it as much as my work laptop or any other company equipment. That’s not a privacy issue unless you’re using company resources for personal stuff. If I don’t want them tracking me I just turn it off or leave it at home.

    • @[email protected]
      link
      fedilink
      1
      edit-2
      6 months ago

      They might expect you to be available via the phone 24/7 and carry such sensor packed device anywhere.

        • Saik0
          link
          fedilink
          English
          16 months ago

          The point is that the phone will be tracking 24/7 regardless of your actual availability.

          • @[email protected]
            link
            fedilink
            1
            edit-2
            6 months ago

            The point is that the phone will be tracking 24/7 regardless of your actual availability.

            A faraday cage on your work desk can take care of that during off hours, especially since most batteries have become non-removable and phones don’t truly shut down anymore. Just put your work phone into the cage when your shift ends, take it back out when your next shift starts. Easy peasy!

            And if they demand 24/7 access, they will need to provide 24/7 pay.

            • Saik0
              link
              fedilink
              English
              16 months ago

              Not sure I understand what the faraday cage would accomplish. It’s the companies device. You’d be skipping this presumption outlined earlier in the thread

              they are entitled and expected to track it as much as my work laptop or any other company equipment.

              Leaving the work phone at work is a valid answer to me. Assuming that doesn’t actually come with any other downsides (working offsite and having to return to the office on unpaid time just to drop off the phone for example).

          • @[email protected]
            link
            fedilink
            06 months ago

            And my point was that a separate corporate device makes it trivial to manage my privacy and availability. Using my personal phone for work is a hard NO.

            • Saik0
              link
              fedilink
              English
              -16 months ago

              Your point is illogical.

              You stated

              they are entitled and expected to track it

              Just to turn around and back-peddle

              If I don’t want them tracking me I just turn it off

              Are they entitled to it or not? If they’re entitled, then why do you have a right to cut it off? I’d argue they have no right to it to track me off hours at all… regardless of the device used. u2f tokens like yubikey would be just as sufficient for 2fa with none of the tracking.

                • Saik0
                  link
                  fedilink
                  English
                  06 months ago

                  Or I brought up a point that you didn’t consider, and rather than addressing it you need to resort to low level ad hominem. You contradicted yourself. Either explain the contradiction or move on. There’s no point in this comment unless you’re attempting to discredit me without reason which just makes you look bad.