Remote Wipe: the “Nuclear Option” for Phone Loss
People lose their mobile devices. It’s an unfortunate fact of life. Despite the possibility for GPS to reveal the general location of a phone, frequently the data on it is just too confidential to allow it to fall into the wrong hands. Anticipating this situation, vendors such as Google, Apple, and MicroSoft have built in the capability to remotely delete the data stored on the mobile device. This option requires special configuration on the part of the user or IT department and it only works if it has wireless network access.
A particularly wily information thief could put a phone into a Faraday cage (metal box) and copy the phone’s info from it directly without having to worry about a remote wipe. However, people are generally more worried about random theft rather than dedicated digital espionage or forensics agents. The odds are good that the vast majority of thefts and losses relate to the phone itself rather than the data. Remote wipe is a convenient option in these cases.
Remote wipe can be useful, but it also can present some potential dangers to the user. Many organizations are implementing Bring Your Own Device (BYOD) policies where the employee can use her favored mobile device for company business and configure it with corporate email, calendar and virtual private network accounts. This makes a lost phone a potential gateway into a corporate network, bypassing the layers of expensive security the company has erected. It is in their best interest to be able to remotely wipe the phone as soon as it has been reported missing, so IT departments frequently configure the user accounts (particularly Microsoft Exchange) to enable them to wipe the phone from the server side.
Most employees may be unaware of this, but it can contribute to unfortunate incidents. Imagine a company that both has a BYOD policy and also provides devices to some workers. Imagine also that an employee in a sensitive position has been laid off. IT has been told to lock the accounts, change the passwords and wipe out any remaining data, so they initiate remote wipe on the user’s account. If the employee brought her own device, because of the lack of separation between private and corporate data, all the data on her device could be erased, instead of just the company email. This could present a real problem if the employee has not been diligent about syncing her data to a computer at home or to the cloud. Many people use their phones as their primary camera, and baby pictures, wedding photos and vacation snapshots can be destroyed in an instant. Most people do not backup as frequently as they should, and in many cases a mobile device has never been connected to an outboard computer!
In addition to a company deliberately wiping an employee’s phone, there is the ever-present risk of an accident or deliberate sabotage. A disgruntled systems admin could set *all* devices to be remotely wiped at the same time with a simple script. A malicious hacker could break into the company’s servers and wreak havoc. It’s also possible somebody might just hit the wrong button. If you keep your personal data on a phone either provided by or connected to a company’s systems, it’s important to think about your backup strategy. Remote wipe can be a double-edged sword.