Slashdot Mirror
When Your Company Remote-Wipes Your Personal Phone
Xenographic writes "NPR has a story about someone whose personal iPhone got remotely wiped by their employer. It was actually a mistake, but it was something of a surprise because they didn't believe they had given their employer any kind of access to do that. This may already be very familiar to Microsoft Exchange admins, but the problem was her iPhone's integration with MS Exchange automatically gives the server admin access to do remote wipes. All you have to do is configure the phone to receive email from an MS Exchange server and the server admin can wipe your phone at will. The phone wasn't bricked, even though absolutely all of its data was wiped, because the data could be restored from backup, assuming that someone had remembered to make one. But this also works on other devices like iPads, Blackberry phones, and other smartphones that integrate with MS Exchange. So if you read your work email on your personal phone or tablet, you might want to make sure that you keep backups, just in case."
We have the same policy and will only allow smart phones to connect to exchange when they have the remote wipe capability. It's to protect the company's interests should a phone be lost or stolen. When the users sign up for ActiveSync they have to "read" the terms and conditions where it states that it may be remotely wiped. I don't think most people read it but when you think about the type of proprietary (and often confidential) data your email inbox has, you have to understand why the company does it.
"Wisdom is not a product of schooling but of the life-long attempt to acquire it." -Albert Einstein
If you keep a ton of data you need on your phone, or anything, you should probably keep backups. There's plenty of ways to have your device wiped out or destroyed.
Is it just me or does the iphone in the picture of the article look really small? Or the person has really large hands?
Flexible bare-metal recovery for Linux/UNIX
Sure, any phone or client that supports Exchange Provisioning will allow the server administrator to do it.
Incidentally, I lost access completely to my work's Exchange server after they enabled provisioning, as did everyone using Android. All the iPhone users have access still, and they're all open to being wiped once someone flips the switch.
Company asserts remote-wipe control over devices that access company systems and data. News at 11.
There is nothing interesting going on at my blog
Wiping someones personal data is a felony. I think it likely that the employer prosecute if the tables were turned. Hacking tools are illegal in some jusridictions, I think anything providing this level of unauthorised access would be illegal under German law. Guess they don't use exchange there?
This is common knowledge for most System Administrators (or should be).
With Blackberry, you can remote wipe, or just lock the device and change the password. The iPhone can be wiped.
By default, whenever you connect your iPhone to your computer it does a backup/sync. Blackberry does not.
Most companies I know first lock the device with a new password, and give the user a chance to bring the phone in (or a # of days before it is remote wiped).
If a company is unwilling to provide you with a phone for work, then you should not have your work email on it. If there is some form of bill reimbursement, there should also be clear terms as to who owns the device, and what can be done to it in the event of quitting/firing.
Employees should be made aware of what is possible, including the ability to remote backup user data (so they know not to store questionable content on the phone).
You'd be crazy to use your own phone for work related email or any other tasks. Work and business don't mix and this is a perfect example of that.
"We are just a war away from Amerikastan. When god vs god the undoing of man." Dave Mustaine
Tell them to pay you $10,000 for your troubles or you will be suing them and pressing criminal charges for hacking your phone.
Is this meaning that the Mails were deleted on the server?
No, that wouldn't wipe a phone or raise questions about it being bricked if not for backups. Did you even read the summary?
This is more like the inverse or the equal-and-opposite of (previous?) MS e-mail clients that would automatically execute code from unknown sources as a "feature". Instead of an MS e-mail client it's an MS e-mail server, and instead of downloading and executing code automatically without asking the user to confirm it wipes the phone automatically without asking the user to confirm.
The solution is a simple one. If a company requires you to use a phone for business purposes that will be sending/receiving business e-mails and subject to remote wiping by that company, then that company needs to issue phones to their employees that may not be used for non-business purposes. Then there wouldn't be any problems with a company wiping a phone that is actually company property.
It is a miracle that curiosity survives formal education. - Einstein
...and despite communicating the company policy regarding separation and removal of company data from devices, I've still had to hear the distraught cries from people who lost pictures of their kids, personal emails, etc. It seems excessive that Exchange Remote Wipe destroys data across the whole device (eg Pictures, Notes, other email accounts). I don't know if that is something Microsoft or Apple has to fix but it needs a fix. I'm happy to not be in that role now.
I don't think most folks are shocked at the remote wipe capability - they just expected that it would be confined to the exchange data only, not the MP3's, games, photos, etc.
A marriage made in heaven.....
IANAL but write like a drunk one.
... use IMAP. Connecting to Exchange via IMAP doesn't enable remote wipe, but still allows you to access your mail and get access to the GAL.
But honestly, if you're needing access to a company's Exchange server, there's no reason why the company can't enforce a security policy, like a PIN or password on your phone, or remote wipe capabilities. There may be sensitive data in your emails or in your contact list, that should not be accessed on a device which has no protection (or even weak protection like a PIN). It's in the best interest of the organization to be able to remotely-wipe a device connected to their Exchange server.
That being said, if you don't want to give the company access to do that to your phone, then don't connect to Exchange. If IMAP isn't enabled, then you have to take the tradeoff.
Unless your company specifically forbids it, I'd use TouchDown for Android. I've set it up for my mom and it seemed to work ok. I couldn't get her tasks to sync, but I'm sure I could have figured it out with some more effort. The email came down fine. It isn't quite as chic as having everything integrated into the native apps on your phone, but the interface seemed serviceable enough, and it keeps more of a firewall between your work and personal life.
Many companies don't specifically check the client string. If they do, and you really want to, you can masquerade as an iPhone. It supports Exchange remote wipe (but only for the TouchDown data store), all your personal data on the phone will be unaffected. I have Prey on my phone to wipe my personal data in case it gets stolen.
Keep personal items and work items separate. CRAZY I KNOW.
... they're using an Exchange-Server for all the students' email. Fun parts include: You're only able to install a Forwarding rule if you use the Internet Explorer (otherwise the button for rules is simply not there - something their FAQ omits.) SMTP does not work at all for some strange reason. I finally tried to configure my Android phone to use the Exchange account as an additional email account. That worked. However, whenever the screen went black to conserve power, I had to reenter my Exchange password to unlock the phone! With a nontrivial password containing special characters, numbers, small and big letters at a length of 10 characters, this became a serious pain in the ass. Normally, to unlock the phone I just have to swipe the on-screen button from right to left. Needless to say, I quickly removed the Exchange account. And it was only a month later that I actually got an answer from them regarding my problems. So, if our university of incompetent morons Exchange server means that they could erase my data, I won't touch their offering with a ten-feet pole. Fun fact: They're "offering" a user administration tool for all the dorms' routers based on PHP. This little "tool" does an include of remote PHP files based on the unsanitized GET request data. As a plus, this tool has to be run as root. Which means that any disgruntled dorm administrator could do a pretty powerful attack on nearly the whole dorm network infrastructure.
...why would you use your own resources to access company resources?
If the company intends for you to be accessible via email remotely, then they can damn well supply you with the means to be accessible via email when out of the office.
Unless you get paid for the use of your own resources (and reimbursed for the cost of obtaining them) then there is no sane reason why you would use them.
In Xanadu did Kubla Khan
A stately pleasure dome decree
It wasn't "not bricked" because the data was restorable from backup. The iPhone was still completely functional after the data wipe hence it was "not bricked" because nothing was done to render it inoperable, even without a backup.
I am becoming gerund, destroyer of verbs.
was the first mistake.
If your employer wants you to read work email on a mobile device, make them issue one.
Don't run your personal mobile's wireless through the company access points. Use your damn 3g/4g data plan for that.
Seriously. If it's your data, your employer has no business going anywhere near it or the devices that contain it, and you don't let them get that impression by never giving them a sniff of the thing.
Welcome to the Panopticon. Used to be a prison, now it's your home.
You can only remote wipe something which connect to the internet and is not in offline mode. Even all the best iphone ipad, PDA, will not remote wipe if it do not get the remote wipe command. Which would not happen if somebody is motivated enough to cleverly remove any connection capability before going through the mailbox offline mode. And somebody stealiong it and not sophisticated enough to know that would not even care about the data, almost cetrainly. So it is really a useless feature.
By giving a corporation control over corporate property(virtual property in this case, but established property as far as the law is concerned)?
I think you'll need to hate pretty much every company in the world.
The solution is a simple one. If a company requires you to use a phone for business purposes that will be sending/receiving business e-mails and subject to remote wiping by that company, then that company needs to issue phones to their employees that may not be used for non-business purposes.
Why require they be used strictly for business? If the user is willing to take the risk of losing it all, then let them. One less low-value rule to worry about enforcing.
When information is power, privacy is freedom.
Simply by plugging your device into iTunes, it automatically makes a backup. This is something you can turn off if you really try, but by default making a backup is a standard part of the sync process with iTunes.
Specialist Mac support for creative pros, Melbourne
http://en.wiktionary.org/wiki/spick-and-span
Also, from the wikipedia article on the product, someone did try boycotting it in 1999 (http://en.wikipedia.org/wiki/Spic_and_Span). I think that's stupid. "Spick and Span" was first recorded in the 16th century. "Spic" has only existed since early 1900s, wasn't documented until 1910, and even then was documented as "spiggoty" as a slur against Italians. I'd say it's pretty safe to say that when "Spic and Span" was created (1933 in Ohio), "spic" being a slur wasn't even on the radar for them.
I think the situation is similar to the word "niggardly" (http://en.wikipedia.org/wiki/Controversies_about_the_word_%22niggardly%22). People see something that, without any context (context like the spelling of the word or idiom...), could be conceived as racist. People take offense as something because of their own ignorance.
The problem is, you're not being color-blind. You're seeing color issues where there aren't any. You're trying to get people riled up at racism that isn't even there. You're not helping to stop racism, but you are helping to chill language and communication and encourage ignorance. You have, by trying to be on the right side of something, wound up on the wrong side of everything.
And there goes my karma...
No trespassing. Violators will be shot. Survivors will be shot again.
She was in the 'States, which tends to ignore minor crimes and expect the victim to sue/shoot the culprit (;-))
You're better off in Germany, and the Americans are better off than some of the third world, where our American cousins and we send volunteers to teach the concept of the rule of Law, as in http://www.lawyerswithoutborders.org/Pages/Default.aspx
--dave
davecb@spamcop.net
I'd love a source for that please, it doesn't really sound that believable!
This is the sig that says NI (again)
If you don't want to risk such things happening, don't mix business and personal.
Laptop, VPN, Cell Phone, etc. Keep your life separate from your work. Don't do work on personal equipment, and don't use work equipment for things you want kept private.
If you chose to mix them (for convenience) then understand the risk.
"You want to know how to help your kids? Leave them the fuck alone." -George Carlin
That was probably their policy and they gave everyone a free Black Berry. Then a few Apple "Fanatics" started whining they wanted to user their UBER sweet iPhones and the company is being racist against their phones if they don't let them use it.
Or, since I already have a device capable of accessing the company exchange server, I consider it a waste and a burden to carry around another device. This is what I do. While I am not happy about the possibility of a remote wipe, on balance it is worth it to not lug another device/charger/etc. To mitigate the small possibility of a remote wipe, I perform backups. I can't think of a single piece of data on my phone that I couldn't live without, so the backups are really just a convenience so that I don't have to reassemble everything (music, photos, contacts, etc). If I lose a day's worth of new data, who cares? It would only be notes or phone numbers or texts. None of that is critical, and if it was, I would immediately copy it off the phony by emailing it to myself or similar. Hell, I would do this even if no one could remotely wipe my phone, because there is always the possibility that I would lose the thing or accidentally destroy it.
There aint no pancake so thin it doesn't have two sides.
You'd really rather a thief had easy access to your email and other personal info?
Having said that - when my last phone got stolen, they took the SIM out pretty much immediately anyway, which would stop any wiping from taking place until further connection to the net, or never if they disabled the Exchange account. They could then browse anything if they wanted. We had the IMEI blacklisted so the phone was basically useless. Hopefully the thief didn't manage to sell it.
Needless to say I now make sure to use a code to even allow unlocking of the phone (a swype-code on Android, so it's not a pain in the ass).
which is totally what she said
Shouldn't it be just an option to remote wipe the exchange store? Why force a pin lock on the phone, and remote wipe it? Why not just pin lock the app and remote wipe the email store instead? This applies to Android too. My phone forced me to pick a pin lock because someone in IT checked a box over the weekend. I immediately removed corporate email from the phone.
I'll forward the TouchDown recommendation on to my co-workers that are using Android, however most of them are beta-testing software in development here (system level stuff) so they tend to get their devices reset frequently. I use an N900, so there's no real options for me short of my employer buying me a device, or reverse engineering the ActiveSync protocol such that I can lie and claim I support provisioning when I don't.
Why would ANYONE allow their personal device to touch the Exchange Server, BES or whatever?
Because most people don't expect that reading email allows people to remotely wipe their phone?
Blackberry Enterprise Server and Blackberry Enterprise Server Express have the exact same capability to remotely wipe all data from an employee's Blackberry phone.
Wow, I had no idea that adding an Exchange email account for your iDevice would give sysadmins that power. Good thing my last company had ActiveSync disabled on their Exchange server forcing me to find alternate ways to get my emails, one of which was a tool that let me set a middle man server to act as a IMAP/LDAP/CALDAV server, sort of a proxy via the WebMail interface. This would keep the admin's off my phone while giving me full functionality.
"Where is my mind?"
I am not sure that many here understand this feature. Basically it is not a selective thing whereby it only removes certain data or administrators have any choice what it wipes - it has one option and that is to wipe the entire phone including the OS. The process leaves it in a state where it will not even boot up. You have to plug it into iTunes and download/install the OS/firmware back onto it before it can even be used again. See the link below on how the process works and what is required.
Basically it comes down to this - Blackberries have always had this capability and it is part of the reason why they have been popular with businesses. You have employees wandering around with devices that may well contain confidential employee information and/or have the capability to send messages on behalf of the company. The solution was to give the employer the ability to wipe the device remotely when the employee reported it stolen or if they had to quickly terminate an employee in the field. Microsoft was told by business that in order to be competitive with BES they had to offer the same functionality and thus require it as part of the ActiveSync API. Many other vendors (Microsoft, Palm, Nokia) implement the API call to only wipe the company data and leave the phone in a usable state but Apple, for whatever reason, implemented it in a way as to toast the whole phone. As such, this has to be Apple's fault as others do it better.
I've only done it once or twice when an iPhone was missing/stolen. In one case the person found the phone 10 minutes later (after saying they had searched everywhere) and they did lose quite a bit of personal info. It also took nearly an hour to even get the phone working again (reloading the firmware). That is the chance you take with these...
Why? It is already documented.
Sounds like you learned the lesson.
If you don't want to risk such things happening, don't mix business and personal.
Laptop, VPN, Cell Phone, etc. Keep your life separate from your work. Don't do work on personal equipment, and don't use work equipment for things you want kept private.
If you chose to mix them (for convenience) then understand the risk.
Yeah, 'cuz creepy backdoor capabilities surreptitiously placed into standard-issue corporate software is the natural risk of mixing work equipment with personal equipment, duh. This guy was just as dumb as that kid in Pennsylvania who took his school-issued laptop home and didn't expect to be videorecorded and monitored by the school. Idiots.
Anyone who doesn't have at least 2 phones and at least 2 laptops is also an idiot.
"I don't care about the Constitution!" --Bill O'Reilly, November 17, 2009
This is a non-problem. You should have backups of your iPhone even if this weren't the case. Remote wipes from your office is not remotely (hah get it?) the most likely way to lose all of your iPhone data. I can think of a hundred more likely scenarios starting with dropping the phone on a street and moving on through my dog burying it.
Back up all your data, or consider your data already lost. It's just a matter of time.
- For the complete works of Shakespeare: cat
The solution is a simple one. If a company requires you to use a phone for business purposes that will be sending/receiving business e-mails and subject to remote wiping by that company, then that company needs to issue phones to their employees that may not be used for non-business purposes.
Why require they be used strictly for business? If the user is willing to take the risk of losing it all, then let them. One less low-value rule to worry about enforcing.
In most companies, it is expected that equipment bought and paid for by the company is to be used only for business purposes. This is standard practice with company computers, landline phones, etc. Not to mention it's rather unprofessional to conduct your personal business while you're on the clock and certainly a sign of poor time management.
Also, I support the notion of private property when I retain the right to eject an unwanted person from my home. I likewise support the notion of private property when a company that lends you a phone and pays all the costs of that phone gets to tell you how you may use that phone.
Now the requirement that company-paid phones should only be used for business might be backed up by potential disciplinary action. Or it might be backed up by "our company data has been secured; don't cry to us if you put something else on there and now it's gone". Either way is alright by me, and which one it is would be up to the company and employees to work out.
It is a miracle that curiosity survives formal education. - Einstein
I believe NandroidBackup will allow them to back up their apps and other local data and restore after a system wipe, if they know when the system wipe is coming.
That's what most people use when they are upgrading rooted versions of Android like Cyanogenmod. I haven't had to try it yet, because I'm on CM6.something. CM6.1 will be out soon, and I'll get to try NandroidBackup then.
Beta testing system level Android software? Cool.
I would think most companies, like my own, ask each user to agree to this risk when they agree to use a personal device to hold company data. This is pretty standard stuff, and the ISS shop wouldn't even sign off on personal devices used in this way without that capability. It is definitely a feature.
As to the impact? Not much of an issue. Any iPhone that is synced in iTunes (the large majority I would think), automatically makes a backup when it syncs, meaning any new device could get a total restore of all apps, data, music, notes, etc, at the time it was plugged into the users PC that contained the backup.
In Soviet Russia, phone wipes you!
Many don't realize that when they connect their devices (iPhones, iPads, Etc) to corporate networks they are handing over control to their employer. I wrote a piece about this back when iPhone 4 was released and one of the it execs we interviewed mentioned that fact: http://www.securityweek.com/iphone-4-enterprise-new-features-expected-drive-adoption-iphones-enterprise
For the curious, LWN covered the remote wipe capability back in September.
Jonathan Corbet, LWN.net
Read that as in "may not be used for non-business purposed ". Meaning nobody cares, but it's the policy so if you want to complain about the remote wipe later they can just say "and what against-policy personal data would that be?".
Just because you access company mail with your phone does not mean that the company should be allowd to wipe your phone
Tell it to Sarbanes-Oxley
What's so special about a phone that they get extra special wipe privileges? Can an Exchange admin remote-wipe my laptop if I have it hooked up to my corporate account?
No.
Why my phone then?
I suspect many of the misgivings about remote-wipe policies have to do with the clarity of explanation. Explain to users clearly what ‘remote wipe’ means, and what they can do to protect their data.
Just today, I wrote a new document for our users about our remote wipe policy and how, with iOS 4.2, they can too thanks to Find My iPhone. Here’s what I wrote, under the heading ‘A brief but important note about your privacy and data:’
Companies have a right to secure their smartphones —there’s a lot of data on them. End users have a right to protect their personal, non-company data. These are not mutually exclusive. Can we agree?
I am not sure if you comprehend the idiocy of this policy - saying your employees are responsible for their own data backups in case you have to remote wipe the phone "to ensure data is kept safe"
How are you going to ensure that these employee data backups are kept safe? After all they will also contain all the phones contacts and confidential emails. Knowing most people they will just be on some random laptop or out in the clound someplace unencrypted.
The point being IMO if a company is going to enforce remote wiping they damn well also enforce their own backup policies and also enforce that the phone owner IS NOT ALLOWED to make their own backups.
the lesson is that "friend" is a douchebag. i have acquaintances like that, they never got promoted to friend for the very reason of such behavior.
Snowden and Manning are heroes.
This is why most companies use virtual desktop such on VPNs when remote computers log in. The actual data can be accessed without being permanently stored on the remote PC which is logging in. Many large corporations have specific rule regarding thumb drives. For example, my last employer only allowed files which cleared compliance for client consumption to be put on thumb drives.
If I deleted files on my employer's computers with malicious intent it is a crime. Why isn't this the same thing?
The employer is given permission to add and remove emails, contacts and calendar items. That's it. What's happening here is scorched earth.
I agree on your solution but the problem here is technical, not policy related.
an application removes more data than it should
big fail of ms but even bigger for the walled garden=security theorem.
not that i care,if the theorem were true I'd stay out the walled garden anyway...
---- MISSING MISCELLANEOUS DATA SEGMENT --- [sigdash] trolololol
This will also work for Google when you connect through the Exchange interface. You know, the one that sync calendar, email and address book in one sweep. So most geeks using iPhone is using that.
Just one more reason never to buy iPhone, Macbook Pro or iPod again.. Yeah, I'm disgruntled owner of all these and more junk, like Apple's Wifi offerings.
http://www.debunkingskeptics.com/
I did not call anyone an idiot... although you did, repeatedly.
I said that mixing business and personal is to be avoided, and that if you choose to do it you should know the risks first.
"You want to know how to help your kids? Leave them the fuck alone." -George Carlin
I did not call anyone an idiot... although you did, repeatedly.
You're right, I'm more blunt than you are.
"I don't care about the Constitution!" --Bill O'Reilly, November 17, 2009
MS infects your Apple phone like a Sony rootkit
Bzzt. Wrong. This is an *Apple* API in iOS that third parties can call.
http://connectedplanetonline.com/business_services/news/apple-mdm-ios4-062210/
I don't know if it's true with your company, but I would consider that an overreach if you want me to connect my personal phone with your network and give you the ability to delete all of my pictures and other personal data solely at your discretion.
It's not connecting your personal phone "with their network". You're connecting with, synchronizing, and providing the ability to send email from, an email account your employer provides for work purposes. Those are radically different things.
This is a non-issue if you don't configure your personal phone to connect to your employer's email system, which you probably shouldn't be doing anyway for a variety of reasons. Example #1: If it's necessary for your job, your employer should be paying for it. Example #2: If it's not necessary, have some work-life separation and don't check your work email from your personal phone.
I know a number of people that carry a blackberry or smartphone for work, and a non-smartphone or iPhone/Android phone for personal use. Among other things, it's the ultimate level of control over whether or not you can be reached via such a device, billing, voicemail, separate numbers, etc.
Please help metamoderate.
and as far as I can tell that's not even the usual ignorant slashdot poster's wrong idea about what bricked means. It's a whole new level of wrong.
Like anyone can even know that
Your data is still gone, *Apple* API, MS, Amazon ... the trend would be to have a dumb phone for work belonging to your master and a Linux phone for your real life. A dual boot phone? One section for your boss, one for you to enjoy on the way to and from work?
Domestic spying is now "Benign Information Gathering"
Then the simple solution is to not use your personal phone to check your business e-mail. If my employer wants me to check my e-mail when I am out and about, then they can provide me with the equipment to do so. Otherwise I will not use my personal phone to check my business e-mail.
We had the IMEI blacklisted so the phone was basically useless. Hopefully the thief didn't manage to sell it.
I suspect the thief traded it for one or two hits of their drug of choice, but not much more than that. Cell phone blacklisting may keep it from being reused in America, but that's ineffective in the countries where that phone was likely to end up.
So I've heard.
John
Any iPhone that is synced in iTunes (the large majority I would think), automatically makes a backup when it syncs, meaning any new device could get a total restore of all apps, data, music, notes, etc, at the time it was plugged into the users PC that contained the backup.
But I don't think this extends to include jailbreaking itself, nor any jailbroken apps. And what about jailbroken app data?
John
The Bill Gates as Borg icon needs to be changed to Ballmer as Borg. Its way past time.
"Wipe Device" is no security strategy for preventing an employee from keeping data. It solves a specific problem, and dealing with employees that are leaving is not the problem it solves. The problem it addresses is destroying data on a stolen device, before the thief can have time to disseminate it. An employee that owns the device and has had the stuff on it, has already had plenty of time to disseminate it and make any extra immune-to-wipe-feature copies that they had wanted.
This is why most companies use virtual desktop such on VPNs when remote computers log in. The actual data can be accessed without being permanently stored on the remote PC which is logging in.
Nevertheless, the user might store any data they want by taking screenshots, taking hard copies, transferring files, or by using copy and paste.
I suppose if they wanted to capture everything, they could get a converter box to hook their monitor into, with dual outputs.... one output to the computer display, and another output to a High-Def TV recording device, e.g. firewire connection to a HD camcorder.
Presumably, a high resolution recording of whatever was displayed on the monitor could be used (given sufficient time) to reconstruct any data that had been viewed later
For the first time I've found an issue for which I have no sympathy for jailbreakers--if you engage in unsupported uses, you don't get to complain when shit accidentally breaks them (as opposed to when Apple intentionally and maliciously breaks them with new iOS updates).
So if this is tied to Activesync, does that mean google can wipe my phone now?
Activesync is the way everyone I know connects to gmail to synchronise calendars as well as email, I wasn't aware that I was granting remote wipe privileges to google as I set this up.
Sure, it's unlikely to happen, but it shouldn't even be possible! Stuff like that is an accident waiting to happen.
If my boss or other employee who had sensitive data called me (the IT person) and said they'd just been mugged, their personal cell phone they use for business purposes was stolen, and they had reason to suspect the mugging may be for the purpose of corporate espionage, I'd thank god for the remote wipe feature, and I'd use it while resetting all of their passwords (can we get that on flash drives too please?)
There are times when the feature would be appropriate and useful, so I don't think the solution is technical. The solution is using the feature responsibly, and with the consent of the phone's owner. If you intend to use it when they leave the company, you should explain that before connecting the phone to the corporate email server, and make sure they understand. Otherwise you should never use the feature without the informed consent of the phones owner, unless they aren't capable of giving consent (such as if they were dead, in a coma, kidnapped, etc.) People who use the feature irresponsibly are the problem, not the feature its self.
The real solution is to do backups all the time. Not only when you see some stupid article on slashdot on just another way you can lose data.
If the employee is aware of the policy, and has accepted it, then legally there is nothing wrong here. However this is a nasty policy. You know that people have masses of personal data on their phones, you know that most people don't do regular backups, and you know that most people are not aware of (or are going to forget about) such a policy.
Moreover, if someone wants to steal company data, wiping their phone is not going to prevent it. If you want this level of control, provide the employee with the phone, and physically collect it when they leave the company.
Enjoy life! This is not a dress rehearsal.
My university recently moved to Windows Live Mail student accounts. This comes up as an exchange server in the iPhone. Does this mean that a malicious attack could cause a mass remote wipe?
What would stop a company using free software and setting it up so it did exactly the same thing?
To have a right to do a thing is not at all the same as to be right in doing it
Quite frankly: Do seperate private and work. It only brings you pain if you don't, and you deserve whatever you get.
Same goes for the other direction: If you store any personal data on your work PC (or other equipment), make sure that you have remote wipe capabilities, or it is encrypted.
Assorted stuff I do sometimes: Lemuria.org
I agreed with most of what you said, except this point. These smart phones are being brought by companies to allow employees access to information outside of the office and they know that doesn't just mean people travelling because they are being brought for people who are based at a single location, it includes people picking up email etc out of normal office hours. In that case, when are you on the clock and when are you off the clock?
These comments are my personal opinions and do not necessarily reflect the opinions of the other voices in my head.
In most companies, it is expected that equipment bought and paid for by the company is to be used only for business purposes.
Except for computers, which can be used for browsing Slashdot...right?
Brain surgery - it's not rocket science!
They call it Exchange because you'll be better off swapping it with something else.
Any mail transfer agent that had a policy of open relay by default after a patch, that used to need to be completely halted to do backups and needed a clone of the original machine just to read restored email backups should have been ditched for something decent a decade ago instead of building a huge monolith on top of failure.
It's the only MTA in production today that still loses email on occasion.
Or, you can just use the stock android email client (the open-source one), and just edit a few key calls to DevicePolicyManager. Viola, the phone looks like stock to the server, but it doesn't actually implement any security provisions that you don't want it to.
In most companies, it is expected that equipment bought and paid for by the company is to be used only for business purposes.
Really? In my experience, it's standard practise that a certain amount of personal use is tolerated so long as the employee's work is still done. I'm on Slashdot now, and at some point in the next month I'll print a boarding pass and photocopy the important page from my passport. No one will care, and my manager won't hesitate to remind me of the photocopy password when I ask him.
I've even been known to write a personal shopping list on a company-owned piece of paper using a company-owned pen.
A manager is crazy if he gets mad over £5 worth of stationary "wasted" per year.
Why is this a "big fail of ms"? Microsoft didn't write the iPhones Exchange integration, Apple did - if Apple are deleting unrelated information on request of an Exchange server without a prompt, then its Apples fault, not Microsofts.
'Nuff said.
Birds are not dinosaur descendants;birds are dinosaurs, for all useful meanings of "birds", "are" and "dinosaurs"
You pretty much explained why my employer doesn't require company-issued cell phones be used only for company business -- the primary reason we have them is so they can call us off hours, on vacation, etc if there's something that comes up (as in "where is material X/paperwork Y hiding at"), or if they need an emergency call in. We also use them effectively like walkie-talkies even when both parties are at the same general site.
Strange friends you've got there. Mine wouldn't teach me the lesson that I shouldn't trust them. Or what else did that asshole have in mind?
No, the real solution is to buy a phone without 'features' like that. Or at least one which will ask the actual owner of the device whether this feature should be enabled. I've been testing this, and while the HTC and iPhone of my colleges got wiped clean my N900 happily ignored the remote wipe. Accidentally the N900 also is a phone which you could actually use for a dual-boot scenario like that.
The only downside is that the N900 relies entirely on physical security to prevent unauthorized access to users with physical access, outside of its root partition. Turn it off and plug it in, and you have access to the 30GB internal storage and the MicroSD, and doing full-disk encryption of any kind on it is a gigantic PITA even by uber-geek standards, it requires heavy modification of the OS.
The N900 already locks out mass storage when locked, if only it didn't allow mass storage mode when powered off this would be mostly a non-issue. (microSD could be considered unsecure and isn't really necessary, beyond that you'd have to pull chips off the board).
But yeah I agree, don't buy a phone that "features" things like remote wiping out of the box. Remote wipe should be a secure operation that needs to be configured and controlled solely by the owner.
"When information is power, privacy is freedom" - Jah-Wren Ryel
That was probably their policy and they gave everyone a free Black Berry. Then a few Apple "Fanatics" started whining they wanted to user their UBER sweet iPhones and the company is being racist against their phones if they don't let them use it. The company gives in after all the whining but the policy regarding a phone being used with their exchange server never changes. And so the policy stands that they can wipe any phone that was had connected to their server.
That is EXACTLY how my company is handling it - most users have been given BBs, but most of the artsy-fartsy graphic designers want iPhones. Since the smarter ones could figure out how to connect their ActiveSync we gave in and 'allowed' them on the server with personal phones, but they have to sign a waiver stating that they understand they must notify IT immediately if the phone is lost/stolen - additionally, they are signing that they understand that we have the ability and right to remote wipe the phone in the case of termination/quitting/lost/stolen.
"I'd make a wooshing sound, but the post was so far over your head it was inaudible..."
I've used Touchdown since the G1, prior to Android actually supporting exchange out of the box. I still prefer it over the built in client. The calendars are better, the address book is complete, the mail delivery is faster, and now just one more point to add in its favor.
a G-1 Google phone, that it did not integrate with office mail systems. Consumer Reposts had that as a minus, and for many smartphone users it could be. But why would I wish to tie my personal phone to the office's systems? Office issued cell-phones are called 'Ball-and-Chain' for a reason.
Remote wipe can also be issued from Google apps, if the phone is configured to sync from it. Most see it as a very useful feature, the phone can be wiped if it is lost or stolen. Interestingly this feature isn't available in Google's own Android phones, it's necessary to use third party software for remote wiping.
If you chose to mix them (for convenience) then understand the risk.
Nobody does anything work-related because it is "convenient." They do it to keep their jobs.
So, an employee has two choices - unpack and fire up a company laptop a few times every evening to stay on top of work email. Or, they can just use their smartphone. The company doesn't care which they do of course, but they do expect the employee to be as productive as all the other people who do these things.
So, the employee gets to choose between a few options, all of which are highly intrusive on their personal life. Then you criticize them for picking what for them is the lesser evil and then being upset when it bites them.
How about this - we pass a law that any data on my phone is my property without regard to any agreements I sign to the contrary. If the employer wants to let me use my phone to sync to their systems that is fine, but I get to keep anything I download when I quit. I suspect that most employers will suddenly be able to afford providing phones to those who need them, or telling employees not to stress out about working from home as much...
In Soviet Russia, and by Soviet Russia I mean the fourth episode of Dollhouse, Echo's personal phone remote-wiped *her*.
Uh, no? Exchange only tells the device to remote wipe - it's up to the device to handle the implementation of that. It could simply nuke mail/contacts/calendars, it could nuke everything. But the Exchange server has no idea what gets done. This one's entirely down to Cupertino.
And any sane employer (mine is one) actually blocks "auto-forward outside the organisation" rules too - if we set up one of those it just transparently fails. But hey, thanks for pointing out that you, personally, are a corporate risk who should never be employed in any important capacity.
For a site about things like basic rights, Slashdot users sure do like to censor "dissent".
Actually, yes.
For a site about things like basic rights, Slashdot users sure do like to censor "dissent".
Apple's fault was part of the walled garden fault which is the biggest fail, as I said. MS failed too since well done program should never request to delete data files which do not belong to it.
---- MISSING MISCELLANEOUS DATA SEGMENT --- [sigdash] trolololol
If the bad guys are so determined to steal your data that resort to such extreme measures, they are probably likely to know about remote wiping.
Since remote wiping occurs after a signal, they just need to remove battery or antenna, jam the signal, or take it where the signal is too weak (underground garage). Encryption solves this kind of problems in a better way.
---- MISSING MISCELLANEOUS DATA SEGMENT --- [sigdash] trolololol
In most companies, it is expected that equipment bought and paid for by the company is to be used only for business purposes.
Really? In my experience, it's standard practise that a certain amount of personal use is tolerated so long as the employee's work is still done. I'm on Slashdot now, and at some point in the next month I'll print a boarding pass and photocopy the important page from my passport. No one will care, and my manager won't hesitate to remind me of the photocopy password when I ask him.
I've even been known to write a personal shopping list on a company-owned piece of paper using a company-owned pen.
A manager is crazy if he gets mad over £5 worth of stationary "wasted" per year.
I said there is an expectation. I did not deny that a reasonable manager understands the pointlessness of trying to perfectly enforce every possible expectation or rule.
There is a definite tendency on Slashdot for somebody to interpret a statement in the most black-and-white and/or extreme manner possible, usually so they can nitpick it. I understand a lot of people (maybe not you) have a strong need to feel "right", especially the kind of "right" that makes the other guy "wrong". Still, nearly all of this is unnecessary hair-splitting.
So, to sum it up, I'll put it this way: if you spend seven hours out of an eight-hour day at the office reading Slashdot, and started missing deadlines at work, you can bet your use of company equipment for nonbusiness purposes is going to come up as an issue. If you are still reasonably productive and don't cause problems, nonbusiness usage will probably be overlooked. The better bosses out there establish a certain understanding that you could describe as "don't make this my problem and I won't make it your problem."
It is a miracle that curiosity survives formal education. - Einstein