Are passwords in my keychain readable by enterprises MDM tools?

So, our company is starting to push MDM (VMWare Workstation One) around... I understand they want to be safe... But I'm worried about my safety. Question: Is my keychain still safe after MDM is pushed to my macbook?


Solution 1:

You should not be installing work-issued MDM solutions on a personal computer, and you should not keep personal content on a work computer unless you are okay with IT management at the company accessing it. Assume they have the same permissions as an administrator account with screen sharing enabled.

To answer your question, your keychain is protected by your account login password in most cases. In the "assume they have an administrator account" scenario, that does not give them access. However, they probably also have your account password accessible if they use any sort of managed login system (my work requires enterprise passwords to be used for machine accounts) which would allow access.