Can I have reasonable privacy on an employer-provided Android phone?
April 13, 2012 12:06 PM Subscribe
Android PrivacyFilter: I will soon be issued a shiny new Android smartphone at work, and my employer's policies allow limited personal use of the device. What's the current state of best practices for keeping a reasonable degree of separation between personal and work stuff?
I am well aware of the legal pitfalls of engaging in any personal communications on a work device (and, in fact, have supervised numerous forensic acquisitions and examinations).
Our use policies allow the installation of applications for personal use, as well as the purchase of apps through a personal Google account.
I would like to use the work Android phone to check my personal email, which uses Google mail (for my domain). My understanding is that using the standard Android mail client would wind up storing large quantities of my personal mail on the device in unencrypted form.
Are there mail clients available which would enable me to access my personal email in a (relatively) convenient way, but which would offer slightly more protection from prying eyes? Obviously, I know my employer can monitor my activity, sniff my network traffic and otherwise compel me to disclose lots of stuff if warranted. I would just prefer not leaving everything in plaintext on the device.
Side question: For storing (encrypting) passwords on an Android device, what's the current conventional wisdom? Is KeePass all I need? Or is there something "better" out there?
I am well aware of the legal pitfalls of engaging in any personal communications on a work device (and, in fact, have supervised numerous forensic acquisitions and examinations).
Our use policies allow the installation of applications for personal use, as well as the purchase of apps through a personal Google account.
I would like to use the work Android phone to check my personal email, which uses Google mail (for my domain). My understanding is that using the standard Android mail client would wind up storing large quantities of my personal mail on the device in unencrypted form.
Are there mail clients available which would enable me to access my personal email in a (relatively) convenient way, but which would offer slightly more protection from prying eyes? Obviously, I know my employer can monitor my activity, sniff my network traffic and otherwise compel me to disclose lots of stuff if warranted. I would just prefer not leaving everything in plaintext on the device.
Side question: For storing (encrypting) passwords on an Android device, what's the current conventional wisdom? Is KeePass all I need? Or is there something "better" out there?
To me, limited personal use means absolutely nothing that i wouldn't want all of IT, my boss, my boss's boss, and all of my coworkers to see. This includes caches of my personal emails and texts. Because my boss at least has that power and has looked and had a talk with me just to remind me not to do anything he wouldn't want to see (soooo embarrassing).
Even if your password is encrypted, they can still look at the cache, as as my work does to my computer, take random screen shots throughout the day.
So, I have two phones now.
posted by cakebatter at 12:35 PM on April 13, 2012 [2 favorites]
Even if your password is encrypted, they can still look at the cache, as as my work does to my computer, take random screen shots throughout the day.
So, I have two phones now.
posted by cakebatter at 12:35 PM on April 13, 2012 [2 favorites]
I'd use 1password for password storage: https://agilebits.com/onepassword/android
There is a desktop client available for mac and windows.
posted by TimeDoctor at 1:17 PM on April 13, 2012
There is a desktop client available for mac and windows.
posted by TimeDoctor at 1:17 PM on April 13, 2012
This thread is closed to new comments.
posted by radioamy at 12:30 PM on April 13, 2012