My wife and I were at a show, and she took out her phone to silence the ringer and she got the attached message on the screen. Oddly, when we got home, her iPad and Apple Watches had the same message, but not her MacBook Pro. This message has never appeared before until now. She changed her passcode for each effected device, and all was well.
The devices she uses are all personal to her, i.e., not provided by her university employer, although she is connected to university servers (MS 365 and Exchange) for email, calendar, etc. Anybody know why this is happening or if there is a setting we can change to prevent it from happening in the future?
Even if they’re personal to her, if she has installed an employer’s certificate – to access their servers or apps for example – then I believe they can still force a passcode change (and wipe the device, for that matter).
If you go to Settings on iOS and search for “cert”, it’ll point you to General>About>Trusted Certificates
That said, I have seen that item invisible on at least a couple occasions – once I think because it was an employer-owned device, and the certificate settings weren’t made available to employees; and the other time because the device had no certificates. Not 100% sure though
Installing an mdm certificate with the right authorisations will give full control of the device to the employer. It’s probably a password change policy that’s intentional (or misconfigured for personal devices).
You might be able to get the details form the certificate under settings → General → VPN & Device management → Mobile Device Management should have a profile listed
select the profile and look at “more details”. It probably has change settings and so on listed under the “MDM” heading
What most users do not know is that these MDM certs basically hand over full control to the issuer, and allow them to see everything, change everything and delete everything.
My advice: if you want to see work stuff on your phone: get a work phone separate from your personal phone.
