I’ve done this sort of work and my anecdotal experience was it is mostly used to flag blacklisted activities from occurring on the computer spanning things like porn and gambling sites to administrative privileges, but also to modify what level of access these computers had for interacting with different infrastructure between silos.
You could use the data to identify activity levels or behavior patterns of the people using the device but it would cost a ton more money and a larger team to do that plus the other responsibilities we had simultaneously.
My experience is also not with employee owned devices so in my mind there’s nothing wrong with doing it’s agreed to and is imperative to their function as an employees especially with HIPPA concerned.
I think there was some BYOD stuff that was starting at one point and we had to run an emulator on their personal devices so the programs we run to collect logs were sandboxed from their regular phones.
You could use the data to identify activity levels or behavior patterns of the people using the device but it would cost a ton more money and a larger team to do that plus the other responsibilities we had simultaneously.
My experience is also not with employee owned devices so in my mind there’s nothing wrong with doing it’s agreed to and is imperative to their function as an employees especially with HIPPA concerned.
I think there was some BYOD stuff that was starting at one point and we had to run an emulator on their personal devices so the programs we run to collect logs were sandboxed from their regular phones.