What information can my organization see when I enroll my device?
Your organization cannot see your personal information when you enroll a device with Microsoft Intune. When you enroll a device, you give your organization permission to view certain pieces of information on your device, such as device model and serial number. Your organization uses this information to help protect the corporate data on the device.
What your organization can never see:
- Calling and web browsing history
- Email and text messages
- Pictures, including what's in the photos app or camera roll
What your organization can always see:
- Device model, like Google Pixel
- Device manufacturer, like Microsoft
- Operating system and version, like iOS 12.0.1
- App inventory and app names, like Microsoft Word. On personal devices, your organization can only see your managed app inventory. On corporate-owned devices, your organization can see all of your app inventory.
- Device owner
- Device name
- Device serial number
What your organization might be able to see:
- Phone number: For corporate-owned devices, your full phone number can be seen. For personal-owned devices, just the last four digits of your phone number are visible to your organization. You can see the Ownership Type for each individual device by opening that device's Device Details page.
- Device storage space: If you can't install a required app, your organization might look at your device's storage space to figure out if space is too low.
- Location: Your organization can never see your device's location, unless you need to recover a lost, supervised iOS device. Visit the Apple iOS documentation to learn more about supervised devices.
- App inventory details: If your organization uses Mobile Threat Defense, they will be able to view details about the apps that are on your iOS device. Find out more about Mobile Threat Defense.
- Network information: Some information about network connections for Android devices may be available to your organization support. For example, if your organization requires devices to remain within a certain building, your device would identify the network where it is connected.
Send feedback about: