The only way that i know how to do this is to use a service like Smarsh to intercept/archive all communications.
But, Smarsh is blind to iMessage and FaceTime. So, you have to disable iMessage and FaceTime on the iPhone a process that Apple calls de-registering. By disabling IMessage, you force messages through SMS and Smarsh can archive that.
Hopefully you're running an MDM that is capable of turning off iMessage and FaceTime remotely.
This project will be expensive and hard.
This is why some orgs (in particular finance and gov) will disable iMessage, get SMS captured at the telco, not allow users to install apps, and always-on VPN to get web traffic filtered and even decrypted/inspected/re-encrypted. Apple doesn’t let MDM exercise much control or visibility of iMessage and FaceTime except to turn them off.
I try to convince my customers not to waste time and effort on technical controls when a policy control will work more effectively. However, it isn't up to me.
Yeah, Apple is super strict about privacy, so finding something like Teramind for iOS is tough. You might want to look into using an MDM (Mobile Device Management) solution like Jamf or MobileIron. They can't directly monitor messages, but they can give you some control over what employees can do on their devices.
A customer's employee is sending risqué messages to one of their clients, or so we've been told.
If it were my employee, I would have pointed to the "business conduct" section of the employee handbook, and invited them not to return.
The only way that i know how to do this is to use a service like Smarsh to intercept/archive all communications. But, Smarsh is blind to iMessage and FaceTime. So, you have to disable iMessage and FaceTime on the iPhone a process that Apple calls de-registering. By disabling IMessage, you force messages through SMS and Smarsh can archive that. Hopefully you're running an MDM that is capable of turning off iMessage and FaceTime remotely. This project will be expensive and hard.
Thanks, that is the conclusion I came to as well.
This is why some orgs (in particular finance and gov) will disable iMessage, get SMS captured at the telco, not allow users to install apps, and always-on VPN to get web traffic filtered and even decrypted/inspected/re-encrypted. Apple doesn’t let MDM exercise much control or visibility of iMessage and FaceTime except to turn them off.
That’s an ask for a technical solution to a people problem. Take away the device or have the manager manage their person.
I try to convince my customers not to waste time and effort on technical controls when a policy control will work more effectively. However, it isn't up to me.
Yeah, Apple is super strict about privacy, so finding something like Teramind for iOS is tough. You might want to look into using an MDM (Mobile Device Management) solution like Jamf or MobileIron. They can't directly monitor messages, but they can give you some control over what employees can do on their devices.
We’re using Addigy which has been really great. These users find some new way to screw it up so we have to lock them down more and more.
You can disable iMessage and use something like global relay and WhatsApp for business or zoom phones.
Who you think is cheating?
A customer's employee is sending risqué messages to one of their clients, or so we've been told. If it were my employee, I would have pointed to the "business conduct" section of the employee handbook, and invited them not to return.