When Your Company Remote-Wipes Your Personal Phone 446
Xenographic writes "NPR has a story about someone whose personal iPhone got remotely wiped by their employer. It was actually a mistake, but it was something of a surprise because they didn't believe they had given their employer any kind of access to do that. This may already be very familiar to Microsoft Exchange admins, but the problem was her iPhone's integration with MS Exchange automatically gives the server admin access to do remote wipes. All you have to do is configure the phone to receive email from an MS Exchange server and the server admin can wipe your phone at will. The phone wasn't bricked, even though absolutely all of its data was wiped, because the data could be restored from backup, assuming that someone had remembered to make one. But this also works on other devices like iPads, Blackberry phones, and other smartphones that integrate with MS Exchange. So if you read your work email on your personal phone or tablet, you might want to make sure that you keep backups, just in case."
we have the same policy at work (Score:5, Informative)
Re:we have the same policy at work (Score:5, Insightful)
I don't think most people read it but when you think about the type of proprietary (and often confidential) data your email inbox has, you have to understand why the company does it.
That's a perfectly acceptable policy for any company that provides smart phones to its employees. I don't know if it's true with your company, but I would consider that an overreach if you want me to connect my personal phone with your network and give you the ability to delete all of my pictures and other personal data solely at your discretion. I'm sure you would understand why the owner would find that objectionable.
Re:we have the same policy at work (Score:4, Insightful)
My personal iphone is connected to a gmail account that I forward a copy of all my work email.
That way I get work email, but it is still my account.
Re:we have the same policy at work (Score:5, Insightful)
Re:we have the same policy at work (Score:4, Insightful)
Of course one reason such "massive security breaches" happen is that companies have stupidly draconian policies which make "normal" operation so annoying/dangerous that clueful employees bypass it as a matter of course.
Yeah, they can threaten "you might be fired!", but threats are very rarely effective unless they coincide with common sense — which policies like "we can wipe whatever we want!" don't.
I suppose the larger the company, the more likely they are to choose "draconian/bluster" over working with the employees to find an agreeable technical solution...
Re:we have the same policy at work (Score:5, Insightful)
Re: (Score:2)
My personal iphone is connected to a gmail account that I forward a copy of all my work email.
That way I get work email, but it is still my account.
So you and your boss aren't worried that google's staff has full access to your company email?
I wonder if you boss actually knows this ...
Re:we have the same policy at work (Score:4, Insightful)
I have the same thing here. I always inform staff that I can and will wipe their phones. At their request, and that they should inform me at once if they lose of have their phone stolen.
My personal iphone is connected to a gmail account that I forward a copy of all my work email.
That way I get work email, but it is still my account.
I guess I'll pile on, too...
Depending on where you live and what you do, HIPAA has some exciting new personal liability built right in at no extra charge! So when that claims processor blasts PHI out to the wrong e-mail list, you, sir, have just transferred and stored it in a manner that will have you in court by yourself. Just you in the "Little Old Lady Victim vs. Evil (your name here)" By this time your employment will be a distant memory and your former company has no obligation to defend you. Depending on the company's policies and compliance they will get dinged, but that is a cost of doing business and a separate process that has nothing to do with your personal liability. Have you planned financially for that scenario?
Re:we have the same policy at work (Score:4, Insightful)
Then don't connect your personal phone to the company network.
It's that simple. It's the company's data, not your personal data, and they have measures in place to protect it. If you don't want to abide by those measures, you don't have to.
At least in the US, if you're required to provide equipment required by your job, and your employer doesn't pay for it, then you can write it off on against your personal tax burden. So if you find yourself in that rare situation where work requires you have a smartphone, and won't pay for it, get one separate than your private phone and save on your taxes at the end of the year.
Re:we have the same policy at work (Score:5, Insightful)
It's the company's data, not your personal data, and they have measures in place to protect it.
No it's not. He was talking about them wiping all your personal data. "Measures in place" to protect company's data that also wipe your personal data are a bit creepy.
Re: (Score:3, Insightful)
I meant the protection is for the company's data. It's their data, and their protection. You don't like what their protection does to your phone and your data? Then don't hook up your phone to their systems.
It's just like having a personal laptop. Would you bind your personal machine to the company's AD environment, giving them full administrative control? No? Then don't use your personal machine on their network. Use a company-provided machine, or a work-dedicated machine that you can write off on your tax
Re:we have the same policy at work (Score:5, Insightful)
It's just like having a personal laptop. Would you bind your personal machine to the company's AD environment, giving them full administrative control? No? Then don't use your personal machine on their network. Use a company-provided machine, or a work-dedicated machine that you can write off on your tax return.
I use my personal machine at work every day. I connect via standard protocols like ssh and smb, and never give up admin control, nor would I ordinarily do so. If they explicitly asked me to, I would say no, buy me a company machine instead, but if they said, "hey, if you install this software you can connect to our email servers" I don't really think it would occur to me to go check if the ordinary behavior of that software gives them root on my box. That wouldn't even occur to me.
Re: (Score:3, Interesting)
Then don't connect your personal phone to the company network.
This.
Furthermore, there is no way in hell I am going to spend my own money on a phone for work purposes. If they want me to pretend to have email access anywhere, they can very well buy me a phone that I can leave locked up in my desk at work, then pretend the network wasn't available when they tried to get in touch with me.
Wait, what were we talking about again?
Re: (Score:2)
So if you find yourself in that rare situation where work requires you have a smartphone, and won't pay for it, get one separate than your private phone and save on your taxes at the end of the year.
You're funny. Rare. Heheh. You don't really live in the USA, do you?
Re: (Score:3, Insightful)
My company doesn't require me to have a smartphone, to read my emails from home, to take my laptop home, to work on evenings or weekends, or to do anything that anybody here would object to.
They also fire the few worst performers in every department just about every year.
That means that EVERYBODY uses their personal phones for work, distributes their cell-phone numbers, reads emails from home, takes their laptops home, works on evenings and weekends, and does all kinds of stuff that everybody here would obj
Re: (Score:2)
It's fair enough if they have the ability to wipe the mailboxes that come from the exchange server, but any emails from a personal account, contacts, photos, etc should be off-limits to the employer. If that's not good enough, it should be on them to provide you with a phone for work use that can be wiped at will.
Re: (Score:2)
I don't believe I have known any company that requires you use your personal phone.
However, where I work now it is difficult to get a crackberry (red tape) and I'll probably connect to the exchange server for the time being.
I'm fully aware of what will happen and they actually make an effort to explain it.
However, circumventing the wipe is pretty easy because it does not stop anyone from exporting the data prior to initiating the wipe. At my last place of work there was a trivial amount of work involved in
Re:we have the same policy at work (Score:5, Insightful)
What do you do to protect your employees interests in not having their own data annihilated by accident?
Also, are you expecting employees to take work with them, using their own devices; or is the company willing to bare the costs of either providing a device or the work not being done?
It would seem most unusual to me for an employer to require their employees to provide expensive equipment for company use, and with the agreement that the company may treat it as its own.
Re:we have the same policy at work (Score:4, Interesting)
My $.02 on policy:
Employees should backup their own data. If they are uncomfortable with the possibility of Employer wiping their personal phone, then they should not connect their personal phone to work email.
If an Employer *wants* its Employees to be reading their email from cell phones and the Employee doesn't feel like using their own personal property to do so, then the Employer needs to buy the Employee a work owned device or "STFU". If the Employee doesn't want to carry around two devices then they either need to submit to their phone being wiped or "STFU" and carry around both devices.
Re: (Score:3, Insightful)
So you want me to have to carry around a second device because some dev is too lazy to isolate the e-mail stored on my p
Re: (Score:2)
I agree that the remote wipe behavior implemented by Apple is poor. I guess they didn't want to bother implementing a "user requested" remote wipe (i.e. all corporate and personal data) vs. a "sysadmin requested" remote wipe (i.e. all corporate data).
Given that this is a flaw in the product, we have to work with what we have.
If you are required to have access to corporate email, then you need to either:
1. carry a second (corporate issued) device
2. submit to having corporate data wiped off your device even i
Re: (Score:3, Insightful)
Simple - don't give company access to
Re: (Score:3, Insightful)
It would seem most unusual to me for an employer to require their employees to provide expensive equipment for company use, and with the agreement that the company may treat it as its own.
Why do you think the USA has such a high level of productivity? EVERYBODY expects their employees to do this stuff. Sure, it isn't written policy, but if you don't do it you "aren't competitive."
Why would the employer pay for an employee to use a cell phone when they can just fire the slowest worker every year and pretty
Re:we have the same policy at work (Score:4, Informative)
We're actually dealing with a bit of backlash from having this policy - on both sides of the issue at the same time!
I'll try to be as vague as possible to cover my butt - but basically someone who deals with Clients for their job was going to be let go. We wiped their phone, as standard policy. Not sure if they copied the data prior to leaving or if another employee helped them out, but they basically took contact information, pricing/quotes, certain client rates, etc etc and took that to help land another job with a competitor.
Being in IT I know that it's going on as basically our "employee lifecycle" has come under review - but I'm not exactly on the legal team so I don't know how exactly it's progressing. But I know basically we pressed charges for selling trade secrets, and they are counter-suing for something along the lines of destruction of personal property for wiping EVERYTHING off of their phone.
I am not aware of any actual "Agreement" to phone wipes besides possibly verbal ones between managers and their employees and/or IT - there isn't a lot of documentation on the subject matter anywhere - however since starting any time anyone has asked "Can you get my email sync'd on my phone?" My common response is "Yes, but you will be handing over control of ALL The phones data to the company so we can wipe it should you be terminated or leave the company, which includes all your personal phone numbers and appointments". I say it not only to actually warn people of the danger - but its actually a great deterrent and a lot of people reconsider and don't want it anymore, less work for me!
Re: (Score:3, Funny)
From TFA:
Someone in the IT department had sent out what's called a "remote wipe," a kind of auto-destruct command that's delivered by e-mail.
I'm really, really looking forward to the first story we get of an admin accidentally sending the message to a contact list, such as the entire company, and wiping everyone's data from the CEO down. Future computer science students will learn about the lessons of the Therac-25, the Ariane-5 rocket, and the Exchange/smart phone integration that brought a fortune-500 company to a standstill for a week.
Re: (Score:2)
Ditto.
If someone wants to connect their personal device to our servers and store corporate data on it, then they must submit to their phone being remote wiped. There have been a few people who have had issue w/ this (i.e. mostly around terminations), but the alternatives (i.e. loss of sensitive data, risk to customers, etc) far exceeds the risk that someone might lose some photos they didn't backup.
Re: (Score:2)
Risk to the company. To the employee/ex-employee the risk of losing their photos far outweighs the risk to your sensitive data because your data means nothing to them.
Of course, that being as it is, it really ought to boil down to who the phone belongs to. Judging by a lot of comments on this, an awful lot of companies think they can swap that around by merely informing the owner of a phone that the company intends to treat it as its own.
A lot of this conflict could be resolved if people used this rule of t
Re: (Score:2)
I suppose it depends on the work environment, but we regularly deal with sensitive customer information (i.e. financials, SSNs, credit cards, etc) and this sort of information ends up in internal emails.
I care more about protecting the identities of the people that do business with us then protecting the personal assets of employees that were careless (i.e. by not backing them up) with them.
I suggest thinking of it less as Employee vs Employer and more in terms of information risk.
Implications of having som
Re: (Score:3, Interesting)
We have the same policy and will only allow smart phones to connect to exchange when they have the remote wipe capability. It's to protect the company's interests should a phone be lost or stolen.
Do you have the same policy for PCs?
Re: (Score:2)
Or how about flash drives etc.
The primary reason these technologies exist is for theft or loss of company property aka encryption. They are not going to prevent intentional data theft. If a company wants to connect using Exchange with these features, they should give company property to do so. In all other cases use IMAP or so.
Comment removed (Score:5, Insightful)
Re: (Score:2)
Our policy is stricter, we explicitly prohibit someone from connecting to the company E-Mail system with a personally owned device, of course we provide BlackBerry or iPhone devices (user/manager preference) to anyone with even a halfway reasonable explanation.
Re: (Score:3, Insightful)
It's to protect the company's interests should a phone be lost or stolen.
I don't think that wiping the entire phone's data goes far enough to protect their interests. Every company should have the ability to remotely wipe your smartphone, and your home computer, and the computers of all family and friends within 6 degrees of separation. Also, they should be able to kill you, because your brain contains precious precious data, too. Really, they ought to be able to take off and nuke the entire site from orbit. It's the only way to be sure.
Way too far is not enough, I say, when it
Re: (Score:2)
We have the same policy and will only allow smart phones to connect to exchange when they have the remote wipe capability. It's to protect the company's interests should a phone be lost or stolen. When the users sign up for ActiveSync they have to "read" the terms and conditions where it states that it may be remotely wiped. I don't think most people read it but when you think about the type of proprietary (and often confidential) data your email inbox has, you have to understand why the company does it.
Even so, I wouldn't give my employer the capacity to remotely wipe my notebook PC's hard drive, and all the same proprietary and often confidential data is in my PC's email inbox.
Re: (Score:2)
We make sure they understand that it gives us that power. We also enforce passwords, even if they didn't have one on their phone before.
And like the OP says, it doesn't brick your phone so no real harm done, but it will ruin your day.
Re: (Score:2)
I can certainly understand and appreciate those company interests. But it completely tramples the interests of the owner of the phone. On the other hand, if the company was also the owner of the phone, that would be perfectly acceptable and I would certainly encourage it.
If the company permits company data on personal property, then the company has already given it away, in my opinion and has waived all rights to the information within.
I had my phone on the company's BES... my carrier wouldn't do anything
Backups? (Score:2)
Bad photoshop? (Score:4, Informative)
Re: (Score:2)
Is it just me or does the iphone in the picture of the article look really small? Or the person has really large hands?
Dammit! There you go forcing me to RTFA!
Re: (Score:2)
Provisioning support... (Score:2)
Sure, any phone or client that supports Exchange Provisioning will allow the server administrator to do it.
Incidentally, I lost access completely to my work's Exchange server after they enabled provisioning, as did everyone using Android. All the iPhone users have access still, and they're all open to being wiped once someone flips the switch.
Re: Going to post as top level comment... but... (Score:5, Informative)
Many companies don't specifically check the client string. If they do, and you really want to, you can masquerade as an iPhone. It supports Exchange remote wipe (but only for the TouchDown data store), all your personal data on the phone will be unaffected. I have Prey on my phone to wipe my personal data in case it gets stolen.
Re: (Score:2)
I'll forward the TouchDown recommendation on to my co-workers that are using Android, however most of them are beta-testing software in development here (system level stuff) so they tend to get their devices reset frequently. I use an N900, so there's no real options for me short of my employer buying me a device, or reverse engineering the ActiveSync protocol such that I can lie and claim I support provisioning when I don't.
Re: (Score:2)
Why? It is already documented [microsoft.com].
Gosh. What a surprise. (Score:2, Insightful)
Re: (Score:2)
You think this goes on all the time, huh? Do you have a laptop? Can you use your laptop to connect via VPN or wifi (or even wired) to your company's network? Does your company have the ability to delete all data on your laptop's hard drive remotely?
Re: (Score:2)
Nonsense (Score:4, Interesting)
Wiping someones personal data is a felony. I think it likely that the employer prosecute if the tables were turned. Hacking tools are illegal in some jusridictions, I think anything providing this level of unauthorised access would be illegal under German law. Guess they don't use exchange there?
Re: (Score:2)
Would you prefer to be sued over loss of company data/secrets/etc in the event that you lose your phone?
I would say that this is perfectly reasonable provided they let you know in advance.
They aren't reading your personal data, they are simply given the ability to delete it when you are no longer an employee, or you lose your phone.
It's also good to note that iTunes automatically backs up your phone/pad/touch device.
So that actually covers the "keep a backup" part of the argument.
Re: (Score:2)
If I ran a company and were truly worried about this, I'd have all sensitive data stored on a secure server that can be accessed remotely. Of course some care would need to go into how this is implemented but it can certainly be done.
It's amazing how infrequently you feel a need to litigate when you put a little thought into things.
High and low levels of the "rule of law" (Score:2)
She was in the 'States, which tends to ignore minor crimes and expect the victim to sue/shoot the culprit (;-))
You're better off in Germany, and the Americans are better off than some of the third world, where our American cousins and we send volunteers to teach the concept of the rule of Law, as in http://www.lawyerswithoutborders.org/Pages/Default.aspx [lawyerswit...orders.org]
--dave
Common knowledge for admins (Score:2)
This is common knowledge for most System Administrators (or should be).
With Blackberry, you can remote wipe, or just lock the device and change the password. The iPhone can be wiped.
By default, whenever you connect your iPhone to your computer it does a backup/sync. Blackberry does not.
Most companies I know first lock the device with a new password, and give the user a chance to bring the phone in (or a # of days before it is remote wiped).
If a company is unwilling to provide you with a phone for work, then
No brainer (Score:2)
Re: (Score:2)
You'd be crazy to use your own phone for work related email or any other tasks. Work and business don't mix and this is a perfect example of that.
This is sort of like the concept that "when you insist on using what you do not understand, and refuse to learn how to understand it, don't be shocked if you get bad results" (think computer security for a good example). It's like that concept in that it's simple, easy to understand, and people will go to great lengths to remain in denial of it.
Cha-ching! (Score:2)
Re: (Score:2)
I'm assuming the response will be a curt letter informing you to read the agreement that you already agreed to, with said agreement attached, including an invoice for the lawyer's time to draft the letter and send it. Thanks for your business.
What, you mean you didn't read the EULA? Whose fault is that? Is that the company's fault?
Re: (Score:2)
Tell them to pay you $10,000 for your troubles or you will be suing them and pressing criminal charges for hacking your phone.
Great idea. Unless of course the company has a legal department, or access to an attorney. There is a reason you have to sign a contract, agreeing to the terms/policies of your employer.
Re: (Score:2)
1) not everyone has a contract 2) not all contract terms are enforceable - ones which allow the employer to damage the employees personal property at will may fall into that category (IANAL).
The surprise is in the scope (Score:5, Insightful)
I don't think most folks are shocked at the remote wipe capability - they just expected that it would be confined to the exchange data only, not the MP3's, games, photos, etc.
Re: (Score:2)
Sure, a person may have company documents on the phone, and therefore it is safest for the entire phone to wiped, but one thing mentioned in the program was that the reason they do is not only to protect against theft, but also against employee misconduct. A remote wipe does not protect insider misconduct. As long as the phone is backed up, the contents can be restored and secrets expose
Re: (Score:2)
I think it's intended to protect against the "thoughtless/ignorant/stupid fool" type of misconduct where people simply
Re: (Score:2)
I don't think most folks are shocked at the remote wipe capability - they just expected that it would be confined to the exchange data only, not the MP3's, games, photos, etc.
Exactly. All the people saying "it's the company's data, don't like getting it wyped? tough!" should take heed of this point.
Re: (Score:2)
I don't think most folks are shocked at the remote wipe capability - they just expected that it would be confined to the exchange data only, not the MP3's, games, photos, etc.
Exactly. All the people saying "it's the company's data, don't like getting it wyped? tough!" should take heed of this point.
There's a really simple way to nullify that point.
If a company wants that kind of control over a device, they can pay for it and issue it to their employees.
The only reason this raises any concerns at all is because people want to take personal devices that they pay for and then submit to company control over those devices. That's simply unwise. I'm not shocked when people do something unwise and get an undesired result. Are you?
iPhone & Exchange (Score:2)
A marriage made in heaven.....
If you don't want this happening... (Score:5, Informative)
But honestly, if you're needing access to a company's Exchange server, there's no reason why the company can't enforce a security policy, like a PIN or password on your phone, or remote wipe capabilities. There may be sensitive data in your emails or in your contact list, that should not be accessed on a device which has no protection (or even weak protection like a PIN). It's in the best interest of the organization to be able to remotely-wipe a device connected to their Exchange server.
That being said, if you don't want to give the company access to do that to your phone, then don't connect to Exchange. If IMAP isn't enabled, then you have to take the tradeoff.
Re: (Score:2)
And that is why server admins shouldn't (and typically do not) enable IMAP. :)
Re: (Score:2)
So that's why I met so much resistance when I was setting up a script to automatically check and process mail over IMAP. I thought it was still a standard default thing, but the server admin, who can design and set up entire Exchange systems, virtual servers, entire VPN infrastructures, etc, seemed confused when I asked him to enable and test IMAP.
Is there some major flaw in IMAP, or has Microsoft simply already embraced and extended it, and now they're moving on with phase 3?
Re: (Score:2)
Some admins will not open IMAP or POP3 because they want to limit the attack surface in general.
An additional reason to not allow IMAP and POP3 is that it allows for a variety of mail clients to connect and pull copies of corporate emails offsite without giving the admins the "remote kill" switch.
Example -- you hook your gmail account up to your work email. It is now filled w/ all of your work emails. In internal correspondence, a CC or SSN number is discussed. Now a copy of that info is sitting (unsecured)
Re: (Score:2)
So that's why I met so much resistance when I was setting up a script to automatically check and process mail over IMAP. I thought it was still a standard default thing, but the server admin, who can design and set up entire Exchange systems, virtual servers, entire VPN infrastructures, etc, seemed confused when I asked him to enable and test IMAP.
Is there some major flaw in IMAP, or has Microsoft simply already embraced and extended it, and now they're moving on with phase 3?
I'm pretty sure that Lotus Notes already embraced-and-extended it, though I wouldn't be surprised if Microsoft has done that too. That practice is a page from Microsoft's playbook, after all.
Re: (Score:2)
My company still runs old Exchange servers (hell, we still run XP and until last month, IE6). We *do* have an official iPhone app for accessing the Exchange servers, though. Wow, does it *suck*! Luckily we have a lot of Unix boxes that need email access, so IMAP is enabled. When on the company WIFI, IMAP is good enough. When off the company WIFI, SecureID is just an extra step.
Our university is even worse... (Score:4, Interesting)
Re: (Score:3, Funny)
This little "tool" does an include of remote PHP files based on the unsanitized GET request data.
I don't believe that for a second. ..could you provide a URL to back up your claim?
Data loss != Bricked (Score:2)
It wasn't "not bricked" because the data was restorable from backup. The iPhone was still completely functional after the data wipe hence it was "not bricked" because nothing was done to render it inoperable, even without a backup.
Connecting a personal device to a work network (Score:2)
was the first mistake.
If your employer wants you to read work email on a mobile device, make them issue one.
Don't run your personal mobile's wireless through the company access points. Use your damn 3g/4g data plan for that.
Seriously. If it's your data, your employer has no business going anywhere near it or the devices that contain it, and you don't let them get that impression by never giving them a sniff of the thing.
Re: (Score:2)
was the first mistake.
If your employer wants you to read work email on a mobile device, make them issue one.
Don't run your personal mobile's wireless through the company access points. Use your damn 3g/4g data plan for that.
Seriously. If it's your data, your employer has no business going anywhere near it or the devices that contain it, and you don't let them get that impression by never giving them a sniff of the thing.
It doesn't matter how you are accesing your data - whether it's over the corporate WLAN or via 3G - if you have your phone configured as an ActiveSync client, it can be remote wiped from the server. Apple had to include this feature as it's part of the spec for ActiveSync, which they licensed from Microsoft. No amount of accessing data over a corporate (or any) network will give them the access to wipe your phone, unless you have an ActiveSync account configured.
If you don't want your employer to wipe your
Re: (Score:2)
Many people would prefer to not carry two devices and would rather submit their personal device to the corporate rules. There is no "cake and eat it too" scenario here -- just informed user decision.
Re: (Score:2)
was the first mistake.
If your employer wants you to read work email on a mobile device, make them issue one.
Yeah, that'll go over real well. "I won't do my job until you buy me a smartphone!"
Automatic Backups are standard on iOS devices (Score:2)
Simply by plugging your device into iTunes, it automatically makes a backup. This is something you can turn off if you really try, but by default making a backup is a standard part of the sync process with iTunes.
Personal is personal, and business is business... (Score:2)
If you don't want to risk such things happening, don't mix business and personal.
Laptop, VPN, Cell Phone, etc. Keep your life separate from your work. Don't do work on personal equipment, and don't use work equipment for things you want kept private.
If you chose to mix them (for convenience) then understand the risk.
Re: (Score:2)
If you don't want to risk such things happening, don't mix business and personal.
Laptop, VPN, Cell Phone, etc. Keep your life separate from your work. Don't do work on personal equipment, and don't use work equipment for things you want kept private.
If you chose to mix them (for convenience) then understand the risk.
Yeah, 'cuz creepy backdoor capabilities surreptitiously placed into standard-issue corporate software is the natural risk of mixing work equipment with personal equipment, duh. This guy was just as dumb as that kid in Pennsylvania who took his school-issued laptop home and didn't expect to be videorecorded and monitored by the school. Idiots.
Anyone who doesn't have at least 2 phones and at least 2 laptops is also an idiot.
No different than with Blackberries (Score:2)
Other ways (Score:2)
Wow, I had no idea that adding an Exchange email account for your iDevice would give sysadmins that power. Good thing my last company had ActiveSync disabled on their Exchange server forcing me to find alternate ways to get my emails, one of which was a tool that let me set a middle man server to act as a IMAP/LDAP/CALDAV server, sort of a proxy via the WebMail interface. This would keep the admin's off my phone while giving me full functionality.
Remote Wipe clears everything including the OS (Score:2)
I am not sure that many here understand this feature. Basically it is not a selective thing whereby it only removes certain data or administrators have any choice what it wipes - it has one option and that is to wipe the entire phone including the OS. The process leaves it in a state where it will not even boot up. You have to plug it into iTunes and download/install the OS/firmware back onto it before it can even be used again. See the link below on how the process works and what is required.
Basically it c
Re: (Score:2)
I forgot the link - here it is:
http://premnair.wordpress.com/2010/05/17/microsoft-exchange-server-remote-wipe-on-iphone-3gs/ [wordpress.com]
Just in case... (Score:2)
This is a non-problem. You should have backups of your iPhone even if this weren't the case. Remote wipes from your office is not remotely (hah get it?) the most likely way to lose all of your iPhone data. I can think of a hundred more likely scenarios starting with dropping the phone on a street and moving on through my dog burying it.
Back up all your data, or consider your data already lost. It's just a matter of time.
What about laptops? (Score:3, Interesting)
What's so special about a phone that they get extra special wipe privileges? Can an Exchange admin remote-wipe my laptop if I have it hooked up to my corporate account?
No.
Why my phone then?
Re:Hmmmmmm (Score:5, Insightful)
Is this meaning that the Mails were deleted on the server?
No, that wouldn't wipe a phone or raise questions about it being bricked if not for backups. Did you even read the summary?
This is more like the inverse or the equal-and-opposite of (previous?) MS e-mail clients that would automatically execute code from unknown sources as a "feature". Instead of an MS e-mail client it's an MS e-mail server, and instead of downloading and executing code automatically without asking the user to confirm it wipes the phone automatically without asking the user to confirm.
The solution is a simple one. If a company requires you to use a phone for business purposes that will be sending/receiving business e-mails and subject to remote wiping by that company, then that company needs to issue phones to their employees that may not be used for non-business purposes. Then there wouldn't be any problems with a company wiping a phone that is actually company property.
Re: (Score:2)
The solution is a simple one. If a company requires you to use a phone for business purposes that will be sending/receiving business e-mails and subject to remote wiping by that company, then that company needs to issue phones to their employees that may not be used for non-business purposes.
Why require they be used strictly for business? If the user is willing to take the risk of losing it all, then let them. One less low-value rule to worry about enforcing.
Re: (Score:3, Insightful)
The solution is a simple one. If a company requires you to use a phone for business purposes that will be sending/receiving business e-mails and subject to remote wiping by that company, then that company needs to issue phones to their employees that may not be used for non-business purposes.
Why require they be used strictly for business? If the user is willing to take the risk of losing it all, then let them. One less low-value rule to worry about enforcing.
In most companies, it is expected that equipment bought and paid for by the company is to be used only for business purposes. This is standard practice with company computers, landline phones, etc. Not to mention it's rather unprofessional to conduct your personal business while you're on the clock and certainly a sign of poor time management.
Also, I support the notion of private property when I retain the right to eject an unwanted person from my home. I likewise support the notion of private propert
Re: (Score:2)
That was probably their policy and they gave everyone a free Black Berry. Then a few Apple "Fanatics" started whining they wanted to user their UBER sweet iPhones and the company is being racist against their phones if they don't let them use it.
Or, since I already have a device capable of accessing the company exchange server, I consider it a waste and a burden to carry around another device. This is what I do. While I am not happy about the possibility of a remote wipe, on balance it is worth it to not lug another device/charger/etc. To mitigate the small possibility of a remote wipe, I perform backups. I can't think of a single piece of data on my phone that I couldn't live without, so the backups are really just a convenience so that I don'
Re: (Score:2)
However, the general picture of it is that companies shouldn't allow employees to use their own devices on the company network, it really muddies the line as to what the employer does and does not own in a way can lead to problems for everybody involved.
Re: (Score:3, Insightful)
I think you'll need to hate pretty much every company in the world.
Re: (Score:2)
You'd really rather a thief had easy access to your email and other personal info?
Having said that - when my last phone got stolen, they took the SIM out pretty much immediately anyway, which would stop any wiping from taking place until further connection to the net, or never if they disabled the Exchange account. They could then browse anything if they wanted. We had the IMEI blacklisted so the phone was basically useless. Hopefully the thief didn't manage to sell it.
Needless to say I now make sure to use
Re:One More Reason... (Score:5, Insightful)
http://en.wiktionary.org/wiki/spick-and-span
Also, from the wikipedia article on the product, someone did try boycotting it in 1999 (http://en.wikipedia.org/wiki/Spic_and_Span). I think that's stupid. "Spick and Span" was first recorded in the 16th century. "Spic" has only existed since early 1900s, wasn't documented until 1910, and even then was documented as "spiggoty" as a slur against Italians. I'd say it's pretty safe to say that when "Spic and Span" was created (1933 in Ohio), "spic" being a slur wasn't even on the radar for them.
I think the situation is similar to the word "niggardly" (http://en.wikipedia.org/wiki/Controversies_about_the_word_%22niggardly%22). People see something that, without any context (context like the spelling of the word or idiom...), could be conceived as racist. People take offense as something because of their own ignorance.
The problem is, you're not being color-blind. You're seeing color issues where there aren't any. You're trying to get people riled up at racism that isn't even there. You're not helping to stop racism, but you are helping to chill language and communication and encourage ignorance. You have, by trying to be on the right side of something, wound up on the wrong side of everything.
And there goes my karma...
Re: (Score:2)
I'd love a source for that please, it doesn't really sound that believable!
Re: (Score:2)
Why would ANYONE allow their personal device to touch the Exchange Server, BES or whatever?
Because most people don't expect that reading email allows people to remotely wipe their phone?
Re: (Score:2)
Re: (Score:2)
Because I already own a $1700 laptop that I'm entirely happy with. And I don't really WANT to carry around a $450 corporate issued laptop that I would find entirely unsatisfactory (although to be fair adequate for the specific tasks the company requires of it). So rather than carry around 2 laptops, I just use mine.
Ditto for phones. I already have a 3 year contract with a premium smartphone; I don't really want to carry around the corporate
Re: (Score:2)
Keep personal items and work items separate. CRAZY I KNOW.
Yes but that requires a little discipline. That's something people will work really hard to avoid. They will work so hard to avoid it that they will put many times the effort into avoiding it than the effort a little discipline might have taken in the worst-case scenario.
Since we're trolling (Score:3, Funny)