Is there any infrastructure out there to limit or securely monitor what apps or features are enabled on company/institution mobile devices? Or are we for the most part in a "we expect you not to do this or that" era?
I used to work for a small institution a while back (not USA), they used a Word file of approved apps, authored by a non-IT employee. Their whole idea of InfoSec was equivalent to taping a water balloon to a steering wheel and calling it an airbag. Can't imagine the situation is much better in most other places. Scary really.
Any serious corp will have some kind of MDM deployed: https://en.wikipedia.org/wiki/Mobile_device_management This can be used for various purposes - making a list of allowed apps, restricting internet / configuring VPN, enforcing auth methods, remote wiping the device, etc.
Deployed service members often (usually?) can’t connect to the internet using their personal devices. They use public government computers connected to govt networks.
