How many users know that IT can wipe their personal devices even without MDM? - Jack Madden - BrianMadden.com
Brian Madden Logo
Your independent source for desktop virtualization, consumerization, and enterprise mobility management.
Blogs » Original Blogs on BrianMadden.com » Jack Madden » How many users know that IT can wipe their personal devices even without MDM?
Jack Madden's Blog

Syndication

Recent Posts

Past Articles

How many users know that IT can wipe their personal devices even without MDM?

Written on Jul 03 2012
Filed under: , , ,
3,457 views, 4 comments

by Jack Madden

 

How many users would be surprised to find out that IT has the power to wipe their device, even without a mobile device management solution in place? I’m referring, of course, to Exchange ActiveSync, which can remote wipe devices that are connected to it.

When users enroll their personal devices into mobile device management and have configuration profiles applied, they usually receive an explicate warning that IT can remote wipe their devices (as well as see what personal apps are installed, or do whatever else the MDM solution is set up to do). It’s a transaction with known concessions and benefits, as I wrote about last week.

With Exchange ActiveSync, a similar give and take agreement takes place, but in this case users are often in the dark about it. There’s no warning screen that pops up when a device is enrolled, and it’s not common knowledge among users.

Rolling out a company-wide MDM solution can be a big event. There’ll be water cooler talk about it, and because the changes that come from MDM are probably more active then just using remote wipe once in a while, employees will know what’s going on. Plugging personal devices into EAS would have happened earlier and more gradually.

How many people connect their person iPad to their corporate email, just for occasional use? They may have a corporate laptop and phone, but perhaps their tablet’s only connection their company is an EAS link that was made one day when they left their laptop in the office. Many users keep their primary devices backed up to various cloud services, so while it would be a little bit annoying, an unexpected remote wipe would hardly be a catastrophe. But if a device that’s not used for work very often or that’s shared with a family or spouse were to be remote wiped, the wipe might be much more disruptive.

EAS can also let IT disable cameras and web-browsers, but since that’s an active change, users would notice it immediately. The feeling that I get is that using EAS to wipe devices is actually pretty rare, but the fact remains that it’s a possibility that most users are completely unaware of.

If you have any stories about anything like this happening, please share them in the comments!

 

 
 



Comments

Michel de Rooij wrote re: How many users know that IT can wipe their personal devices even without MDM?
on Tue, Jul 3 2012 5:22 AM Link To This Comment

Another thing is passwords; people could suddenly be confronted with security policies and could suddenly be confronted with 1) having to enter a password and 2) it needs to comply with certain restrictions. So? First, people get a visual confirmation which they need to confirm that their device is going to be enforced with certain security policies when synchronizing with WM6/WP7; don't know about iOS/Android. Since it's up to the client to show this, it's not an EAS issue. EAS does prescribe the ability to process policies, wipe, etc.  

If users are so keen to sync their devices with their mailbox, they should comply with company policies. What you're suggesting is that it's a bad thing people perhaps don't see - or ignore - that their company is able to wipe their device, while on the other hand company policy prescribes the ability to remotely wipe devices with a certain level of information which is a good thing if it gets lost or stolen.

Jack Madden wrote re: How many users know that IT can wipe their personal devices even without MDM?
on Tue, Jul 3 2012 12:04 PM Link To This Comment

Right, with passwords that user will notice right away—iOS and Android will both prompt the user to set a password immediately, as well. And I agree, users should be aware of their company's policies, but I wonder how many might sync to EAS without knowing that remote wipe is present?

Jack Madden wrote re: How many users know that IT can wipe their personal devices even without MDM?
on Tue, Jul 3 2012 12:10 PM Link To This Comment

An informal 10 second poll of the 2 coworkers closest to my desk yielded the result of 50%

Colin Steele wrote re: How many users know that IT can wipe their personal devices even without MDM?
on Tue, Jul 3 2012 12:13 PM Link To This Comment

A remote wipe consent box popped up on my old Android the first time I connected it to ActiveSync. It didn't happen on my iPhone, though.

(Note: You must be logged in to post a comment.)

If you log in and nothing happens, delete your cookies from BrianMadden.com and try again. Sorry about that, but we had to make a one-time change to the cookie path when we migrated web servers.

Copyright © 1997-2013 TechTarget | Disclosures | Privacy Policy | Contact Info

BrianMadden.com | SearchVirtualDesktop.com | SearchEnterpriseDesktop.com | SearchServerVirtualization.com | SearchVMware.com