I looked through your links. I don’t see anywhere that SMS can be read.
From the link, emphasis mine. SMC is the MDM in question
Read SMS or MMS
Allows an application to read SMS messages stored on your device or SIM card.
Malicious applications may read your confidential messages.
SMC usage:
Read the initial configuration and further server notifications. 2. Read all SMS for Backup.
This link provides more information and explicitly states the following:
Sophos Mobile does not track privacy data such as contacts, SMS and call history, browser history, bookmarks, or emails. Sophos Mobile does not access any data outside of the Sophos container.
and
Sophos Mobile does not track privacy data such as contacts, SMS and call history, browser history, bookmarks, emails, or data on the SD card.
Sophos has a strong cybersecurity focus which, I’d imagine, is why they have the message filtering option that they do.
I’m not a Sophos admin, never have been, so I can only speculate but it might be to restore a message that was altered due to the filtering if captured incorrectly.
I’m also not sure why it specifies SMS but not RCS. I do know Sophos uses SMS to communicate between a device and Sophos Central.
Without more context and information it’s hard to say what exactly happening from the permissions KB.
I can’t definitively say it’s not possible but I’ve never heard of an MDM that allows an admin to read user texts. I appreciate the links, it helps to understand where you’re coming from.
I still remain skeptical but, like I said, better to be over cautious than under. I’d be leery of any company that tried requiring me to use my personal device with MDM.
Everywhere I’ve worked with BYOD it’s been optional to use your personal device. If you were in a role that required it you’d get a company provided device.
From the link, emphasis mine. SMC is the MDM in question
2. Read all SMS for Backup.
Yep, it’s part of their message filtering that I mentioned.
This link provides more information and explicitly states the following:
and
Sophos has a strong cybersecurity focus which, I’d imagine, is why they have the message filtering option that they do.
…why would they need to backup all SMS messages for a filtering option? That just plain does not compute.
The short answer is to restore it:
I’m not a Sophos admin, never have been, so I can only speculate but it might be to restore a message that was altered due to the filtering if captured incorrectly.
I’m also not sure why it specifies SMS but not RCS. I do know Sophos uses SMS to communicate between a device and Sophos Central.
Without more context and information it’s hard to say what exactly happening from the permissions KB.
I can’t definitively say it’s not possible but I’ve never heard of an MDM that allows an admin to read user texts. I appreciate the links, it helps to understand where you’re coming from.
I still remain skeptical but, like I said, better to be over cautious than under. I’d be leery of any company that tried requiring me to use my personal device with MDM.
Everywhere I’ve worked with BYOD it’s been optional to use your personal device. If you were in a role that required it you’d get a company provided device.