One of the security features I’ve touched on in past columns is device wipe. Let’s take a closer look at how this works and explore some important considerations for the IT department as well as end users.
Simply put, device wipe works as follows. When it appears a handset has been lost or stolen, data is erased from the device, rendering it unusable—or at least removing sensitive information. There are various thresholds to tell you when the handheld has gone missing. The most reliable indicator is when the user calls in and says as much. But more commonly, if the device has a number of failed login attempts, it’s considered to be in the wrong hands.
Then there are variations on exactly what's deleted. In the most extreme case, all data, all applications, and even the operating system are zapped. Alternatively, it might be just applications and data, or just data. In still other cases, it's only a subset of the data on the handheld. Lost devices may also be prevented from accessing enterprise applications.
Administrators must consider several factors when deciding what to delete. The biggest factor is whether the company actually owns the device. If it’s an employee-owned device, the IT department can get into legal trouble if it wipes the operating system and applications not provided by the enterprise. In this case, the best thing to do is remove only a subset of data from a device suspected of being lost or stolen. System administrators must ensure no company secrets are compromised; but at the same time, they have to protect employees’ personal property.
Many vendors are aware of this dilemma. For example, the most recent version of Notes Traveler includes a partial wipe feature for Apple devices, specifically taking into account when handsets are owned by users and not by the company. Administrators can choose between full device wipe, data-only wipe, or disabling access to applications behind the firewall. These operations might also be selected directly by a user through an end-user interface on the server.
Implementing device wipe means the IT department also needs to provide automatic backup and recovery. As long as a copy of important information is stored on a server in the enterprise, and as long as you have an easy way of restoring data, you can get users back up and running relatively quickly. In most cases, you only lose a small amount of information. Even so, this is an important point: you need to be able to pull the plug on a device with confidence, knowing an identical computer can be provisioned in roughly the same state as the lost one.
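The decisions described so far (what triggers a wipe, how much to erase, who owns the device, and whether a backup exists) can be written down as one policy check. This is an added example, not code from the column or from any vendor's product; every name in it, the failed-login threshold of 10 and the 24-hour backup age are assumptions.

```python
from dataclasses import dataclass
from enum import IntEnum

class Wipe(IntEnum):          # ordered from least to most destructive
    NONE = 0
    BLOCK_ACCESS = 1          # cut off applications behind the firewall
    ENTERPRISE_DATA = 2       # only the company's subset of the data
    DATA_AND_APPS = 3
    FULL_DEVICE = 4           # data, applications and operating system

@dataclass
class Device:
    device_id: str
    company_owned: bool
    reported_lost: bool
    failed_logins: int
    hours_since_backup: float

MAX_FAILED_LOGINS = 10        # assumed threshold, not from the column
MAX_BACKUP_AGE_HOURS = 24     # assumed backup freshness requirement

def decide(dev, requested=Wipe.FULL_DEVICE):
    """Return (action, notes) for one device under the policy above."""
    notes = []
    if dev.reported_lost:
        notes.append("trigger: user report")
    elif dev.failed_logins >= MAX_FAILED_LOGINS:
        notes.append("trigger: failed logins")
    else:
        return Wipe.NONE, notes
    action = requested
    # Employee-owned hardware: never erase more than the company's own data.
    if not dev.company_owned and action > Wipe.ENTERPRISE_DATA:
        action = Wipe.ENTERPRISE_DATA
        notes.append("clamped: employee-owned device")
    if dev.hours_since_backup > MAX_BACKUP_AGE_HOURS:
        notes.append("warning: backup stale, recent data will be lost")
    return action, notes

if __name__ == "__main__":
    fleet = [  # constructed sample devices
        Device("corp-laptop-01", True, True, 0, 3.0),
        Device("byod-phone-07", False, False, 12, 1.5),
        Device("byod-phone-09", False, False, 2, 80.0),
        Device("corp-phone-04", True, False, 15, 72.0),
    ]
    for dev in fleet:
        print(dev.device_id, *decide(dev))
```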
The stakes can be quite high when workers take small computers outside company premises. There have been some famous cases involving the loss of laptops by people working in financial services. Customers weren’t happy to find out their bank details could wind up in the wrong hands just because a laptop was lost.
To complicate matters, there are good reasons for companies to support employee-owned devices. People don’t want to have to carry around two different phones and they frequently already have a handset they like, so they may prefer using what they have. Furthermore, companies reduce costs by not buying a phone for each employee.
To secure data out in the field, you need a wipe feature. To support employee-owned devices, you need to protect what’s theirs. Make sure you do both.