How many users would be surprised to find out that IT has the power to wipe their device, even without a mobile device management solution in place? I’m referring, of course, to Exchange ActiveSync, which can remote wipe devices that are connected to it.
When users enroll their personal devices into mobile device management and have configuration profiles applied, they usually receive an explicate warning that IT can remote wipe their devices (as well as see what personal apps are installed, or do whatever else the MDM solution is set up to do). It’s a transaction with known concessions and benefits, as I wrote about last week.
With Exchange ActiveSync, a similar give and take agreement takes place, but in this case users are often in the dark about it. There’s no warning screen that pops up when a device is enrolled, and it’s not common knowledge among users.
Rolling out a company-wide MDM solution can be a big event. There’ll be water cooler talk about it, and because the changes that come from MDM are probably more active then just using remote wipe once in a while, employees will know what’s going on. Plugging personal devices into EAS would have happened earlier and more gradually.
How many people connect their person iPad to their corporate email, just for occasional use? They may have a corporate laptop and phone, but perhaps their tablet’s only connection their company is an EAS link that was made one day when they left their laptop in the office. Many users keep their primary devices backed up to various cloud services, so while it would be a little bit annoying, an unexpected remote wipe would hardly be a catastrophe. But if a device that’s not used for work very often or that’s shared with a family or spouse were to be remote wiped, the wipe might be much more disruptive.
EAS can also let IT disable cameras and web-browsers, but since that’s an active change, users would notice it immediately. The feeling that I get is that using EAS to wipe devices is actually pretty rare, but the fact remains that it’s a possibility that most users are completely unaware of.
If you have any stories about anything like this happening, please share them in the comments!
(Note: You must be logged in to post a comment.)
If you log in and nothing happens, delete your cookies from BrianMadden.com and try again. Sorry about that, but we had to make a one-time change to the cookie path when we migrated web servers.