iPad "Remote Management" or MDM Privacy

Information

Bowdoin College uses a service called Jamf as a management platform (MDM) for all Bowdoin-owned Apple mobile devices (iPads, iPod Touches, iPhones) and Macs. This platform allows us a way to maintain hardware inventory, application updates, application installation and enforce security requirements as needed. Jamf leverages Apple's own MDM tools in order to provide the functionality we have. Apple has very strict privacy guidelines and ensures customer privacy in everything that they build. Because of this, Bowdoin has no ability to see into anything that you do on your Bowdoin-issued mobile device. Below is a list of what we are "controlling" and a list of what we can and can not see.

What settings Bowdoin IT maintains

Information Technology is charged with the safety and security of your information and Bowdoin-owned devices. When an iPad is enrolled in MDM, the following settings are enforced:

  • A lock passcode with a minimum of 6 digits.
  • The device is encrypted.
  • An activation lock is enabled. If you must erase your device, you may need to contact the Service Desk in order for us to unlock it one time and allow you to reset it. If a device is lost or stolen and a thief tries to erase and resell the device, they won't be able to. 
  • The device can not be "jailbroken". Only a certified Apple OS can be installed on the device, and only Apple's own App store can be used to install apps.

What Bowdoin IT can see

There is a variety of information that IT can see, however this information is limited to the hardware information on the device, and the inventory of the apps installed. For example

  • Hardware information such as make, model, serial, number, IMEI number
  • Software information such as OS version, when it was last updated, if an update is available
  • App information such as App name, install date and app size
  • A person to device assignment. This allows us to map a person with an asset in case of theft or loss, we'll know who is supposed to have what.

What Bowdoin IT can't do or see

Due to Apple's strict privacy policy, we can not see any personal or private information

  • We can not see any websites, web traffic, page or surfing history or anything related to your web browser.
  • We can not see any files, folders or other personal data.
  • We don't have access to any photos, videos or images.
  • We don't have access to any Messages, FaceTime calls, or anything of that nature.
  • We can not see any GPS information or track where the device is or has been going. 
  • Even if you asked for remote support on your iPad, we are limited to what we can do within the support app itself. We can't access any apps outside of the support app.
It is important to note, we don't have access to anything on the device. If you do not backup your files using OneDrive or some other application, or backup your iPad to iCloud, you could risk losing everything on it as it is unrecoverable in the event of damage, erasing, theft, loss, etc.

Details

Article ID: 115056
Created
Sat 8/29/20 11:10 AM
Modified
Sat 8/29/20 11:21 AM