What can the College see if I install . . . on my device.
The following is intended as a guide to what information the college can see if you chose to install one or more application or certificate on your personal device.
Application / Certificate
Platform
Purpose
Prerequisites
What can the college see?
What can the college do?
Alternatives
EDURoam Certificate
The college follows the Government's requirements contained in KCSIE[1]. As a result, we need to be able to report on what activity is taking place on our devices and devices connected to our network, including personal devices.
N/A
When connected to the college's network, the following can be reported on:
- Websites visited
- Data entered into websites i.e. search terms, chat messages etc.
- Rough location of the device
Once disconnected from the network, we have no visibility of personal devices [6].
Report on the data collected.
Using a college device [4].
Using a mobile connection on your personal device [5]
Microsoft Authenticator
To provide second-factor authentication for Microsoft 365 accounts
N/A
That MFA has been enabled on your Microsoft account(s).
Nothing
Android and iOS have built-in support for rolling MFA codes. Google also offer Google Authenticator.
Company Portal
On a personal device, this initially supports the user to ensure their device is compliant and then as a signpost to the compatible apps from the native app store.
N/A
Nothing without the
Needs either MDM profile or work profile.
N/A
MDM Profile (iOS, iPadOS and Mac OS)
Ensures that the device is compliant:
- has a secure pin
- automatically locks
- software is up-to-date
- isn't jailbroken
Company Portal
Device details and which user it is associated with.
- Allows the college to remove college-owned data from your device if necessary
N/A - See specific apps
Work Profile (Android)
Ensures that the device is compliant:
- has a secure pin
- automatically locks
- software is up-to-date
- isn't jailbroken
Company Portal
Device details and which user it is associated with.
- Reports back the device details, including serial number
- Allows the college to remove college-owned data from your device if necessary
N/A - See specific apps
Teams
Team collaboration and classroom app.
Company Portal and either MDM or Work profile.
All messages and content that are sent and received using the app [2]
Restrict access to functionality within the app
Web version available without MDM or Work Profile [3]
Outlook
Email
Company Portal and either MDM or Work profile.
All messages and content that are sent and received using the app [2]
The college gains no additional functionality by the end user utilising the native app.
Web version available without MDM or Work Profile [3]
Excel, Word, PowerPoint & Onenote
Office applications
Company Portal and either MDM or Work profile.
All content created and stored within the college's Microsoft 365 tenant [2]
The college gains no additional functionality by the end user utilising the native app.
Web version available without MDM or Work Profile [3]
OneDrive
Cloud storage
Company Portal and either MDM or Work profile.
All content created and stored within the college's Microsoft 365 tenant [2]
The college gains no additional functionality by the end user utilising the native app.
Web version available without MDM or Work Profile [3]
Please note: There is no requirement for you to install these on your personal device.
Leaners, staff and visitors are encouraged to familiarise themselves with the college's Acceptable Use Policy available on the college's intranet.
- KCSIE - Keeping Children Safe in Education.
- All content is visible to the college if the native app is used or not.
- Restrictions are already in place to prevent college data from being downloaded onto non-college devices.
- Web activity is still recorded and monitored for all users of college devices.
- Connecting a college-owned device to a mobile connection or other network still reports back web activity.
- Unless company portal and the MDM / work profile have been installed.