So my company decided to migrate office suite and email etc to Microsoft365. Whatever. But for 2FA login they decided to disable the option to choose “any authenticator” and force Microsoft Authenticator on the (private) phones of both employees and volunteers. Is there any valid reason why they would do this, like it’s demonstrably safer? Or is this a battle I can pick to shield myself a little from MS?
You work in cybersecurity, yet you have company-controlled assets on your personal phone?
X DOUBT
Either you don’t give a single sh*t about your personal privacy, or…
And no, this isn’t “Microsoft bad”, this is “your company is inherently and fundamentally untrustworthy”. The app is, IMHO, one of the best ones out there, I would just never trust any company I worked for to keep their nose out of my personal life. A lot of the software that companies use to lock down mobile devices are hella invasive, and any company asset on a phone typically includes a demand to install the security software as well. Any of that shit should ALWAYS be on a company-provided phone, bro.