Skip to main content
Suomeksi
Search

FAQ - Mobile device management

Tampere University and TAMK

This page contains the most frequently asked questions about Microsoft Intune mobile device management. 

Please also see the Mobile Device Management intra page that contains information and guidelines on Intune and full instructions (pdf) for deploying it.

Do I have to start using mobile device management?
Which devices are regarded mobile devices?
Does this also concern students?
Does this concern students who are also employees?
Why is phone use made more complicated by separating personally and organisationally managed applications?
Which information can mobile device management see in my own phone?
Can the employer access my phone or tablet remotely?
Should I remove my TUNI id from the applications in my personal profile and reactivate them in my work profile?
What information can I share from my work profile to my personal profile in my Android phone?
How does mobile device management affect the employees of other companies who come to work part-time at the universities community?

Do I have to start using mobile device management?

Intune must be enabled on all phones and tablet computers with which an employee wants to access M365 apps and services (such as Outlook, Teams, OneDrive, Teams). Mobile device management improves information security both in the mobile device and in the information systems.

Employees will not be able to access M365 services using mobile devices where Intune is not enabled. The block applies to the M365 apps and using a browser to access those services.

However, services that use HAKA sign-in (such as Intranet, Sisu, Promid, eParking (personnel parking), SportUni, library e-resources) are available also with no MDM.

Which devices are regarded mobile devices?

From the point of view of mobile device management, mobile devices are Android, iPhone, and iPad devices. Devices that use other operating systems, such as Windows, are not regarded as mobile devices.

Does this also concern students?

Mobile device management does not concern students.

Does this concern students who are also employees?

If a student is also an employee, he or she has more access rights to information systems, which means that enabling Intune is mandatory in the mobile devices with which he or she uses the M365 services.

Why is phone use made more complicated by separating personally and organisationally managed applications?

In Android devices, mobile device management places work applications in the work profile which is encrypted and protected from the other functions on the phone. This means that a malware – which has potentially invaded a personal profile – cannot access the information and applications in the work profile. In addition, the work profile containing organisational data can simply be deleted at the end of an employment relationship and the personal things will remain intact. iPhones have the same protection mechanisms even though the division of the two is not shown to the user.

Which information can mobile device management see in my own phone?

Intune can see general information contained in the phone, but it does not see, for example, the following:

  • Calls and browsing history
  • Emails and text messages
  • Contact details and calendar
  • Passwords
  • Photographs
  • Location

For the full list, please see the document Microsoft Intune MDM General info (pdf) on the intra page Mobile Device Management.

Can the employer access my phone or tablet remotely?

Intune cannot be used to access phones and tablets with a remote connection in a manner that would enable seeing or changing the data in the phone. The only way to control an employee’s own device is that the system delivers the general information security settings and work apps into it. As a separate measure, it is also possible to empty a lost device upon your request.

Should I remove my TUNI account from the apps in my personal profile and reactivate them in my work profile?

In Android devices, the TUNI account will stop working in the M365 apps in your personal profile and the TUNI account should be removed in those apps. Start using the M365 apps in your work profile.

In iPhone or iPad, the M365 apps should be deleted before the deployment of MDM.

What information can I share from my work profile to my personal profile in my Android phone?

You can start sharing data in the apps in work profile and you can select as the target an app in personal profile. However, if you open a file by tapping the file in an app, you can open the file only in an app which is in the same profile. You can share the contact information from the TUNI Outlook in work profile to the personal profile. See the pdf instructions for Android devices.

How does mobile device management affect the employees of other companies who come to work part-time at the universities community?

  • If the person has a resource agreement but not a Tampere University or TAMK work phone, he or she does not need to enable our Intune.
  • If the person has a resource agreement and the University’s or TAMK’s work phone, he or she must deploy Intune in the work phone.
  • If the person has a regular employment contract, we recommend using a work phone where Intune must be enabled. If it is not possible or appropriate to get a work phone for such a person, please contact the IT Helpdesk and a suitable solution will be assessed case-by-case.

 

IT Helpdesk
+358 294 520 500
it-helpdesk [at] tuni.fi (it-helpdesk[at]tuni[dot]fi)
helpdesk.tuni.fi

Published: 7.2.2022
Updated: 7.12.2022
Print this page

Tampere University and Tampere University of Applied Sciences (TAMK) constitute the Tampere Universities community. Our areas of priority in research and education are technology, health and society.

Tampere University: +358 (0)294 5211
Tampere University of Applied Sciences : +358 (0)294 5222

TUNI IT Services