Some time back i had them lock me out on my phone while on the road with a password reset.. I had to a full factor reset of my phone while on the road in China!..
Its a major pain to have IT lock down your corporate laptop to the point that you can't do squat..
Its to another level of pain to have them lock down(and sometimes out of) your personal cell phone just to get corporate email on it...
I simply left corporate email off after a while, I was not going to give them those administration rights over my personal devices to have their corporate email
Then the Samsung’s Knox feature came along.. so cool.. just set up in my personal phone the secondary VM smartphone “sandbox” with my corporate email and calendar inside it and give them full admin rights to that vm phone while keeping there paws and eyes out of my personal phone.
Any problems just blow out the vm phone and reset up the email ..it all backed up on the corp outlook server..
All the while never touching my primary phone (and my personal files)...the vm is running on.
If your IT im sure your run VM’s on your PC and servers you know how useful it is to sandbox a virtual machine inside a real machine runing as hypervisor.
and I know you probably seen where some IT guys have to carry two cell phones...a corporate cell phone along with their personal cell phone.
it's super cool to have a corporate smartphone in a vm sandbox inside your personal phone Knox security features is a Samsung concept and it is my understanding Google is adding to all Android will be part of the Android L release.. and are shooting for Android L to be the platform a choice from a security perspective for IT Corporate
That IS cool ;o)
What is hilarious is that I know someone who works for a company that has their Windows network VPN so locked down they have an expensive digital key requirement to log on that is synced to a specific digital clock that generates a random matching access code. if the key is not entered in a specified time, the user has to log off the Windows computer and start over. The digital key changes every minute. However, I can log on with any Apple Mac and get access to everything. Hilarious. No digital key necessary. . . Just the user name and password. . . but at least it DOES require those. Their IT department doesn't seem to have a clue. The Mac just set up the VPN and voile, connected!