I do both personal and work stuff on my Mac, iPhone & iPad, all using the same Apple ID.
Now I’m thinking of retaining my old iPhone when I buy my next one and using one phone for work, the other personal.
Work is very much BYOD. I have separate home/work email accounts. I don’t think I’ll mind apps on both devices sharing data via a single iCloud/Apple ID account. But are there any other “gotchas” I might need to worry about, using two iPhones with separate phone numbers with the same Apple ID?
One thing to think about is privacy. If you are based in the US and working for a US company, your employer essentially has unlimited rights to monitor and archive everything you do on the devices and online accounts used as part of your job.
I have seen this in action: a colleague had years and years of emails and direct messages pulled from a corporate archive as part of a lawsuit. The company did not have to ask permission; the legal department simply notified my colleague one day their information was now in the hands of lawyers on both sides and that was that.
Personally, if I were facing a similar situation, I would, at a minimum, use a dedicated Apple ID and macOS/iPadOS/iPhoneOS user accounts for everything work related. My default, though, if I was not working as a limited-period consultant or for a startup or small business (say, 100 employees or less), would be to use separate devices with for-work-only online IDs and accounts.
Is this true if it’s a personal device, as it is in the OP’s case? Can a company demand you hand over your personal phone because you happened to read and respond to work emails on it? If I were the OP, I’d set up a second Apple ID simply to keep work stuff cleanly separated from personal stuff.
About the only thing I do that’s work-related on my phone is text my colleagues. I want my phone to myself with no intrusions from work.
You might end up with the need for a bigger iCloud.
Also, common apps (Calendar, Contacts, etc.) will sync, which may or may not be what you want.
If you don’t want them to sync you will have to set it on your new iPhone.
Thanks for driving me to dig into this some more. It looks like there are both federal and state regulations so the OP, if they are sufficiently interested, should look into what rules apply in their area.
I found this source, which lists a few cases that have gone through the courts.
What they are entitled to legally and what they have the capability to do technically are two distinct things, with a lot of overlap.
In particular, I would suggest that @bob32 should consider whether their employer will require the phone to be managed by the company by enrolling in MDM (like MS Intune or Jamf). Doing that grants the employer’s IT department powers that might include monitoring all network traffic, wiping the device remotely, or tracking the device’s location, among other things.
A lot depends on the sophistication of the employer’s IT department.
Most competent IT departments will require you to enroll in a “mobile device management” (MDM) program to access company resources from a phone. If personal devices are allowed to be used for business email, a better-than-average IT department will allow selective erasure of work items while leaving personal accounts intact via something called “user enrollment” in MDM or business containerization, rather than the simpler “whole device enrollment”. If your company used “whole device enrollment”, they have access to everything on the device and can erase the whole thing at any time.
You should double check the type of MDM in use and avoid whole device enrollment on a personal device. If you allow whole device enrollment, you may legally own your device, but technologically speaking, your IT administrators will have full admin rights on it.
You also should double check any employment agreements you have. @Halfsmoke shared a good article about some rights you may have under US federal law, but some companies will require you to sign agreements that give them permission to do a lot on your enrolled devices. If you are elsewhere, particularly some EU countries like France, the laws place significantly more restrictions on a company’s ability to access your personal information, even if you access personal email on a company-owned device. Nonetheless, you still need to check your employment agreement.
Personally, if you’re going to carry two phones, one for personal use and one for business use, I would only use the business phone for business purposes, regardless of who actually owns the devices. That would be true even if it is convenient to do things like share notes and contacts across phones using a single personal Apple ID.
This is similar to having an iPhone and iPad using the same Apple ID as “owner”. The cell connection on the iPad will have a different phone number from the iPhone. It is not a problem. Most iCloud services can be used on both. Mail can connect to multiple services and user accounts on both.
The real issue is clear separation of functions. Employer having management access to the device must be considered along with proprietary data residing on the device. Note that company account email using IMAP is already in the possession and control of the company. BYOD policy seems to allow accessing this from Mail on a personal device.
One approach is:
Put your long-time Apple ID on your new iPhone.
Make an encrypted backup of your old iPhone – iMazing or local Mac
Copy/transfer your configuration and data to the new iPhone.
Confirm that things work.
Remove your Apple ID from your old iPhone.
Remove your old iPhone from your Apple ID.
Reset your old iPhone, clearing all.
Configure your old iPhone with a newly-created Apple ID.
Install/configure appropriate apps on newly-initialized old iPhone as appropriate.
Confirm that things work.
Remove unneeded company configuration and data from new iPhone.
You can configure your personal email account on your old iPhone, if needed. Apps on either can access data by individual logins, so you can visit your Amazon account (or similar) using Safari on either iPhone.
The goal is to logically separate your devices to reduce the chance of commingled data between personal use and business use. Back up your devices and make certain you have a current copy of your employer’s requirements so that you can confirm compliance.