Jump to content

Hacking phone that connect to my wifi


zhenweefusion
 Share

Recommended Posts

Hi guys

Recently i face a problem which my company staff connect their phone with company wifi and i have no idea what there are doing , may i know is there anyway i can check their usage , and any other activities on phone ?  I was worry about company data leaking too , but i have no ways to trace them . Anything i can do ? Cause based on what i check on the web it usually able to trace only if they surf internet , what about email and whatsapp all those ? Cause there could be a possible that they leak out our company data , and all staff is deserved to use company wifi . Please assist on this ?

Link to comment
Share on other sites

Yes, many business grade routers have web dashboards that show data usage per device, some even showing what they were browsing.

Some examples (for SMB) are Ubiquiti, Aerohive and Fortinet (Fortigate). Taking Fortinet as an example, it can view data usage, what websites were being browsed, can control whether users can upload a Facebook post, view Facebook posts, use Facebook Chat etc. so it's pretty full on stuff but I wouldn't recommend it unless you have highly-qualified internal IT or an external IT service (preferably local). It's highly in-depth.

A "simpler" solution would be to put the company WiFi on a separate VLAN so anything connected to it cannot connect to internal services like file shares (where your data is more than likely kept). This limits it to just internet access, which is useful for everything - including emails.

Data leaks are a common problem but if your a small business (~5-30 people) then it would be easier to control them in a social sense rather than a limiting-their-access sense. What I'm saying is, if you hire them as a small business of 15 people or so you have to be able to trust them with access to your data. They're part of your business now, and if you, along with them, are planning to make money for the business they more than likely need access to business data. That's just how it is.

Hope what I've said helps!

Link to comment
Share on other sites

Are the phones company ones or private? In a few countries it is illegal to monitor private devices even if they are connected to a corporate network as there is an expected level of privacy.

If they are corporate phones then you can get monitoring software to install on the phone but doing this without informing the user is again considered a beach of their privacy even if they signed an agreement.

Link to comment
Share on other sites

Some routers also have the option to, broadcast a guest access point additionally to a wpa2 locked ap.?

Link to comment
Share on other sites

2 hours ago, digininja said:

Are the phones company ones or private? In a few countries it is illegal to monitor private devices even if they are connected to a corporate network as there is an expected level of privacy.

If they are corporate phones then you can get monitoring software to install on the phone but doing this without informing the user is again considered a beach of their privacy even if they signed an agreement.

 

5 hours ago, Dave-ee Jones said:

Yes, many business grade routers have web dashboards that show data usage per device, some even showing what they were browsing.

Some examples (for SMB) are Ubiquiti, Aerohive and Fortinet (Fortigate). Taking Fortinet as an example, it can view data usage, what websites were being browsed, can control whether users can upload a Facebook post, view Facebook posts, use Facebook Chat etc. so it's pretty full on stuff but I wouldn't recommend it unless you have highly-qualified internal IT or an external IT service (preferably local). It's highly in-depth.

A "simpler" solution would be to put the company WiFi on a separate VLAN so anything connected to it cannot connect to internal services like file shares (where your data is more than likely kept). This limits it to just internet access, which is useful for everything - including emails.

Data leaks are a common problem but if your a small business (~5-30 people) then it would be easier to control them in a social sense rather than a limiting-their-access sense. What I'm saying is, if you hire them as a small business of 15 people or so you have to be able to trust them with access to your data. They're part of your business now, and if you, along with them, are planning to make money for the business they more than likely need access to business data. That's just how it is.

Hope what I've said helps!

Thanks for your info , it helps ?

Link to comment
Share on other sites

2 hours ago, digininja said:

Are the phones company ones or private? In a few countries it is illegal to monitor private devices even if they are connected to a corporate network as there is an expected level of privacy.

If they are corporate phones then you can get monitoring software to install on the phone but doing this without informing the user is again considered a beach of their privacy even if they signed an agreement.

The phone are private but i would like to know is there any ways to monitor ? 

Link to comment
Share on other sites

4 hours ago, zhenweefusion said:

The phone are private but i would like to know is there any ways to monitor ? 

There are ways to monitor, just not "legally" since they're "private" mobile devices. In other words, you need to ask employees permission to "monitor" data on their "private" mobile devices.

There are ways "around" this "legally" (contract trap sort-of-thing?) but I'd rather not say ... One I can mention is creating / updating the EULA, Terms & Conditions, Privacy policy, Code of Conduct, etc. when being connected to the company's network.

Link to comment
Share on other sites

On 8/3/2018 at 9:36 PM, _0NiTy said:

There are ways to monitor, just not "legally" since they're "private" mobile devices. In other words, you need to ask employees permission to "monitor" data on their "private" mobile devices.

There are ways "around" this "legally" (contract trap sort-of-thing?) but I'd rather not say ... One I can mention is creating / updating the EULA, Terms & Conditions, Privacy policy, Code of Conduct, etc. when being connected to the company's network.

Thanks for the info 

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...