Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

In most cases wouldn't that session info be tied to physical hardware to which the employee no longer has access? Sure, tick all of your boxes, but I would think that losing the company laptop/phone/VPN would be a pretty significant barrier to maintaining access to other systems.


Not worth 3rd party vendors with basic SSO. They have no idea when the user leaves the company because there's nothing updating the vendor's sessions.


Not with BYOD


I refuse to BYOD, so I am not familiar with the nuances, but wouldn't the corporate controlling entity wipe/reset/deauthenticate the corporate partition of the device?


That entirely depends on how it's implemented. At least Windows, Android and iOS have the functionality to delete Work accounts / profiles.

But I've also seen companies with no MDM at all, so YMMV.




Consider applying for YC's Summer 2026 batch! Applications are open till May 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: