Workspace ONE (Android) and Jamf (iOS/iPadOS) mobile device management (MDM) enforce and periodically report on your device's configuration to ensure alignment with the Minimum Security Standards.
Stanford University respects your privacy, and MDM cannot access your application data, call history, voicemail, or SMS messages on your mobile device. We cannot and do not collect your personal data, and while the capability exists, we do not collect GPS location information. Here's what information we collect and why:
- Device and network ID, and information on storage capacity, operating system, carrier, and firmware (to uniquely identify your device in MyDevices and to ensure that we're looking at the correct records if it’s lost or stolen).
- List of apps installed by MDM, not including your personal apps (needed by MDM to confirm whether apps provided by Stanford have been installed). MDM can list all installed apps, but we have explicitly disabled that capability.
- Jailbreak or root detection (indicates whether built-in security features have been bypassed. Jailbreak or root detection informs you if these features have been disabled).
Here's what permissions are requested and why:
- Add/remove accounts (to set up Stanford Email and Calendar, if you opt-in).
- Add/remove restrictions (to establish minimum security standards, such as requiring a device passcode and auto screen lock).
- Remotely erase Stanford data (if you leave the University or lose your device). The capability exists to wipe your phone fully, but the university will never do this on your behalf.
The collected data is considered Moderate Risk data in the University's risk classification system.
See the Administrative Guide for Stanford's official policy regarding privacy. If you have any questions about this policy, please submit a Help ticket.
For each device, we store the following:
- Name
- UDID (Unique Device Identifier)
- Wi-Fi MAC address
- Phone number
- Cellular technology
- Cellular network ID
- Model
- Model name
- SIM carrier
- Last carrier
- Serial number
- Carrier settings version
- Modem firmware version
- Capacity
- Jailbreak or root status
We also store the time of enrollment in the service and the time of each access to the service by your mobile device.