When Your Company Remote-Wipes Your Personal Phone [Telecom]

In today's (23-NOV-2010) Slashdot:

When Your Company Remote-Wipes Your Personal Phone

NPR has a story about someone whose personal iPhone got remotely wiped by their employer.

It was actually a mistake, but it was something of a surprise because they didn't believe they had given their employer any kind of access to do that. This may already be very familiar to Microsoft Exchange admins, but the problem was her iPhone's integration with MS Exchange automatically gives the server admin access to do remote wipes. All you have to do is configure the phone to receive email from an MS Exchange server and the server admin can wipe your phone at will. The phone wasn't bricked, even though absolutely all of its data was wiped, because the data could be restored from backup, assuming that someone had remembered to make one. But this also works on other devices like iPads, BlackBerry phones, and other smartphones that integrate with MS Exchange. So if you read your work email on your personal phone or tablet, you might want to make sure that you keep backups, just in case.

Reply to
Thad Floryan

Interesting. I use my iPhone to access my Exchange calendar, but not my Exchange email. (They are separate options in the account configuration). Does anyone have more detailed info on this? Is my phone immune from remote wipe because it is not configured "to receive email from an Exchange server"? Or was the reporting slightly sloppy, and is Exchange calendar syncing sufficient to allow the server to wipe the phone?

Reply to
Matt Simpson

Per the Business Deployment guide available at the above URL or here:

on page 2 it's quite clear the iPhone can be wiped per (copy'n'pasted):

iPhone communicates directly with your Microsoft Exchange Server via Microsoft Exchange ActiveSync (EAS), enabling push email, calendar, and contacts. Exchange ActiveSync also provides users with access to the Global Address List (GAL), and provides administrators with passcode policy enforcement and remote wipe capabilities. iPhone supports both basic and certificate-based authentication for Exchange ActiveSync. If your company currently enables Exchange ActiveSync, you have the necessary services in place to support iPhone -- no additional configuration is required. If you have Exchange Server 2003, 2007, or 2010 but your company is new to Exchange ActiveSync, review the following steps ... [...] Download and install the Microsoft Exchange ActiveSync Mobile Administration Web Tool, which is necessary to initiate a remote wipe. For Exchange Server 2007 and 2010, remote wipe can also be initiated using Outlook Web Access or the Exchange Management Console.

on page 14:

And if the device falls into the wrong hands, users and IT administrators can initiate a remote wipe command to erase private information.

on page 16:

If a device is lost or stolen, it's important to deactivate and erase the device. It's also a good idea to have a policy in place that will wipe the device after a defined number of failed passcode attempts, a key deterrent against attempts to gain unauthorized access to the device. [...] Remote Wipe iPhone supports remote wipe. If a device is lost or stolen, the administrator or device owner can issue a remote wipe command that removes all data and deactivates the device. If the device is configured with an Exchange account, the administrator can initiate a remote wipe command using the Exchange Management Console (Exchange Server 2007) or Exchange ActiveSync Mobile Administration Web Tool (Exchange Server 2003 or 2007). Users of Exchange Server 2007 can also initiate remote wipe commands directly using Outlook Web Access. Remote wipe commands can also be initiated by Mobile Device Management solutions even if Exchange corporate services are not in use.

on page 19:

This gives IT departments the ability to securely enroll iPhone in an enterprise environment, wirelessly configure and update settings, monitor compliance with corporate policies, and even remotely wipe or lock managed iPhone devices.

on page 22:

Remote wipe A mobile device management server can remotely wipe an iPhone. This will permanently delete all media and data on the iPhone, restoring it to factory settings.

So, it seems best to power down an iPhone before April 1 of any year to avoid corporate pranks from the IT department. :-)

Reply to
Thad Floryan
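For anyone wanting to see what the guide's passages above mean for a given mailbox, here is an added check (not from the thread, Apple's guide, or Microsoft's documentation) for the Exchange 2010 Management Shell: it lists every device holding an ActiveSync partnership with a mailbox, whichever folder types it syncs, the wipe request/sent/ack timestamps the server records, and the passcode policy the server pushes to those devices. The mailbox address is a placeholder.

```powershell
# Added example, not from the thread or Apple's deployment guide.
# Run in the Exchange 2010 Management Shell (PowerShell 2.0 compatible).
function Get-EasExposureReport {
    param([Parameter(Mandatory=$true)][string]$Mailbox)

    # Every device with an ActiveSync partnership for this mailbox. A partnership
    # is created when the Exchange account is set up on the device, regardless of
    # whether the user syncs mail, calendar, or contacts. The three wipe timestamps
    # show whether a wipe was requested, sent to the device, and acknowledged.
    $devices = Get-ActiveSyncDeviceStatistics -Mailbox $Mailbox |
        Select-Object DeviceFriendlyName, DeviceType, DeviceModel, DeviceID,
                      LastSuccessSync, DeviceWipeRequestTime, DeviceWipeSentTime,
                      DeviceWipeAckTime

    # Mailbox-level ActiveSync settings: is EAS enabled at all, which policy applies.
    $cas = Get-CASMailbox -Identity $Mailbox
    $policy = $null
    if ($cas.ActiveSyncMailboxPolicy) {
        # The policy settings the guide refers to: passcode requirement and the
        # failed-attempt threshold after which the device wipes itself locally.
        $policy = Get-ActiveSyncMailboxPolicy -Identity $cas.ActiveSyncMailboxPolicy |
            Select-Object Name, DevicePasswordEnabled, MinDevicePasswordLength,
                          MaxDevicePasswordFailedAttempts, MaxInactivityTimeDeviceLock,
                          AllowNonProvisionableDevices
    }

    # Wipes requested but never acknowledged: the device has not checked in since.
    $pending = @($devices | Where-Object {
        $_.DeviceWipeRequestTime -and -not $_.DeviceWipeAckTime })

    New-Object PSObject -Property @{
        Mailbox           = $Mailbox
        ActiveSyncEnabled = $cas.ActiveSyncEnabled
        Policy            = $policy
        Devices           = $devices
        PendingWipes      = $pending
    }
}

$report = Get-EasExposureReport -Mailbox 'user@example.com'   # placeholder mailbox
$report.Devices      | Format-Table -AutoSize
$report.Policy       | Format-List
$report.PendingWipes | Format-Table DeviceFriendlyName, DeviceWipeRequestTime, DeviceWipeSentTime
```

A device that appears in the partnership list is subject to the policy and to administrator-initiated wipe even if only calendar sync is turned on client-side; a user who no longer wants that exposure should remove the Exchange account from the device and have the stale partnership removed server-side.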

Is the iPhone the only smart phone with this "feature"? A friend of mine claims this is impossible on an Android device, but didn't elaborate.

Reply to
John Mayson

*SOME* BlackBerry units -- those that have been configured to use a corporate BlackBerry Enterprise Server as their point of contact -- have remote administration options/actions that cannot be overridden/modified/disabled at the device level other than by completely wiping the device and re-installing the operating system. And you can't "divorce" the BlackBerry from the BES without doing the wipe and re-install.

I would _expect_ a device targeted/intended for the 'corporate' market to have such "capabilities" -- it is an eminently sensible thing to do, *IF* you're looking at things from the corporate data-security/data-integrity viewpoint.

For purely "personal"-use devices, the situation is a _lot_ more complicated. Securing and controlling access to the 'wipe' functionality is a completely different kettle of fish if you're talking about the average home user as the 'security administrator'.

Or, if you put the function in the hands of the telco, you open the door for 'data for ransom' if the phone owner tries to change carriers.

Leave it in the hands of the equipment manufacturer, and the legit owner has a problem 'proving' that they _are_ the person entitled to order the wipe, *especially* if they bought the phone on the second-hand market.

Make ordering/executing the 'wipe' "too difficult" and the folks with real need have difficulty using it. Make it "too easy", and it is subject to fraudulent use via 'social engineering'.

Reply to
Robert Bonomi

I know on certain Android phones running 2.1 with the latest Exchange client they can do it as well. It also enforces a password when coming out of sleep mode. There have been a lot of complaints about this.

Reply to
Jim Rusling

Lesson #1: Don't link your phone to your work. Companies have a right to secure their data, and given that corporate data can be copied into personal emails it's reasonable for a company to want to control a worker's phone.

Of course, if your company demands that you use your Android, BlackBerry, whatever for work purposes then I think it's worth asking whether that's the kind of company you'd want to work for. Personally, I'd never work for a company that demanded that I check in with them when I wasn't working.

Reply to
David Kaye

Many people, particularly in the technology sector, work for enterprises which expect their employees to be available 24x365. (Mine, on the other hand, only expects 24x7x13 -- but we're not stupid enough to use Exchange.)


Reply to
Garrett Wollman

Information Technology people are usually on call 24/7. It's been that way for years, and in today's very competitive job market, even more so. "Lean and mean" is the name of the game. The specific rules and demands of "being on call" vary, of course, but usually there is some check-in or reachability required. When beepers and the ability to log in remotely became available, the demand increased.

Unfortunately, the worker doesn't have much of a choice these days on the terms of his employment or the kind of company he works for.

In addition, companies are very sensitive about corporate confidentiality.

Reply to
Lisa or Jeff
