The One Key Reason Why Mobile Device Management (MDM) Is Incomplete
by Volker Weber
By putting the barrier around the entire device and not simply around sensitive data, you actually expose your data to greater risk. Hands up for anyone who’s ever let someone else use their device.
I have seen enough mobile deployments to agree with this sentiment. IT breaks devices by locking down services, demanding convoluted passwords, and creating a miserable experience. Security theater.
Comments
I always tried having the e.g. passcode requirements scaled back to something senbsible (e.g. 6 digits, numerical). I would also never disable such great things as touch id. But I can see that others did it, for theoretical attacks, all a lot harder than looking over the shoulder.
Of course, if there were higher ups in the chain, who liked theater, things could get complicated.