Page 2 of 2 FirstFirst 12
Results 21 to 39 of 39
  1. #21  
    What's the big deal? This is how it's supposed to work. That's how it works on WinMOb, Goodlink, iPhone, etc.

    It's a great feature.
  2. mooshue's Avatar
    Posts
    74 Posts
    Global Posts
    79 Global Posts
    #22  
    Not everyone is just a naive everyday user with no sense of security or how electronics work. There are some of us who are responsible for implementing security measures when you decide to do something stupid so we can keep our companies running.

    Remote/mobile wipe is essential as an admin when you work for a company with sensitive info. It is, and rightly so, a feature of exchange as well as blackberry server.
    If you go out and loose your phone at a club, and it syncs with your company server, the person that finds it now has access to all of your (company's) info, lets face it, it isn't your info if you are storing it on a company's server, its the company's info and they can do what they wish. You should recall signing a policy on hire regarding such things.
  3. #23  
    If your information is that sensitive, you probably shouldn't let people carry it around on their phones in the first place. Just sayin' ...
  4. #24  
    In what real-world scenario would your phone need to be remotely-wiped, if you didn't lose it?

    I suppose if you were fired from a company, and you were using your personal phone, I could see that happening.

    I would suggest removing the Exchange account before you get fired

    oh, and on another note, don't anger your IT administrators, we can really, really, make your life a living hell, and you probably wouldn't even know it was because of us... that's the best part, muahaha

    "MOVE!"
    no 'Thanks'
  5. DKatman's Avatar
    Posts
    102 Posts
    Global Posts
    126 Global Posts
    #25  
    I am not the EAS expert. But I have to say, if you removed that account, you are breaking the connection the Exchange Administrator has to the phone. You should not be able to wipe a device no longer associated with your server.

    Dave
  6. #26  
    Quote Originally Posted by DKatman View Post
    I am not the EAS expert. But I have to say, if you removed that account, you are breaking the connection the Exchange Administrator has to the phone. You should not be able to wipe a device no longer associated with your server.

    Dave
    Correct.

    I believe the hypothetical scenario here is this:
    1. IT flags your device, because you are fired, or they are 'jerks.'
    2. Your phone erases all contents.
    3. You enter your Palm username and password, the phone attempts to connect to the Exchange server, and repeats the cycle automatically without your input.

    Break the cycle by putting it in Airplane mode possibly, but I have not tried this.
    no 'Thanks'
  7. DKatman's Avatar
    Posts
    102 Posts
    Global Posts
    126 Global Posts
    #27  
    ScrapMaker,

    I understand what you are talking about.

    I just got distracted and slowed down responding to THIS post. It just looked like I was responding to you because my response was so delayed.


    Your scenario is different. But I have had the same issue with a BES. I mean, if I set it to "Kill" as the admin and the phone has been off for three days, do i connect the new blackberry they bought and nullify the kill? Or do i wait for it to set?

    With EAS, It is different because you don't supply a password to allow someone to connect. They are enabled are disabled and use their Network info to connect. I think as the admin, you just have to have the responsibility to turn it off when someone tries to reconnect via their backup....or just setting up a new connection. And yes, sometimes the user will have to wait until after the weekend so the Kill can be disabled. And sometimes we have to have that little talk about taking care of your things too and not leaving them in a cab. If there is really a reason to "kill", yes, it might be a little uncomfortable before things get back to normal.

    If there is an admin who thinks they are allowed to kill people's devices for sport, chances are they are ready to "retire" from the profession. There are lots of things Admins CAN do. Actually DOING them is much different. As I have said to users, "You either trust me or you fire me. If you don't trust me, you can't afford for me to be able to do the things I can do."

    Dave

    Quote Originally Posted by ksom View Post
    Can some EAS expert help one of my question?

    If I were to remove my exchange account from my Pre before my company does a remote wipe, would that still leave something open for them to do that?

    My company informed me that they can remotely remove beyond exchange information from my phone. I have no problem with that, just wonder if there is way I can prepare for such an event in case I change phone.
  8. DKatman's Avatar
    Posts
    102 Posts
    Global Posts
    126 Global Posts
    #28  
    Quote Originally Posted by ScrapMaker View Post
    Correct.

    I believe the hypothetical scenario here is this:
    1. IT flags your device, because you are fired, or they are 'jerks.'
    2. Your phone erases all contents.
    3. You enter your Palm username and password, the phone attempts to connect to the Exchange server, and repeats the cycle automatically without your input.

    Break the cycle by putting it in Airplane mode possibly, but I have not tried this.
    I would say at very worste, you would have to show them the phone to prove it erased. However, I imagine they could see the log that it had in fact erased. From there, they choose "delete" to severe the partnership to their server. They are done and it no longer has any control over the device.

    Refusing to do so is just plain silly. It really is funny how often IT is needed to step in for Human Resource issues. There is no way any Admin worth anything is doing anything stupid to put their entire company at serious risk by not letting someone control their own cell phone. Sure, it is becomes a bad weekend, it is maddening. But it wouldn't last long. I would think it would be FAR less than that. I was really thinking a worste case scenario.

    Dave
  9. mooshue's Avatar
    Posts
    74 Posts
    Global Posts
    79 Global Posts
    #29  
    Quote Originally Posted by ScrapMaker View Post
    In what real-world scenario would your phone need to be remotely-wiped, if you didn't lose it?


    "MOVE!"
    owner of my company lost his blackberry, i used kill immediately on bes server, it was successfully wiped. it was left at another competing company's conference room. All they had to do is pick it up, and start reading.

    This pre looks to be way easier to swipe data off of than the blackberry is. At least with blackberry you would have to do a few things, install bberry desktop manager, do a backup of the phone, open the backup file and export it with a certain little app, view all data.
  10. DKatman's Avatar
    Posts
    102 Posts
    Global Posts
    126 Global Posts
    #30  
    Quote Originally Posted by mooshue View Post
    owner of my company lost his blackberry, i used kill immediately on bes server, it was successfully wiped. it was left at another competing company's conference room. All they had to do is pick it up, and start reading.

    This pre looks to be way easier to swipe data off of than the blackberry is. At least with blackberry you would have to do a few things, install bberry desktop manager, do a backup of the phone, open the backup file and export it with a certain little app, view all data.
    You are stating his same point, right? He was suggesting how you only need to wipe if a device is lost and you told a story of wiping a lost BlackBerry.

    BTW - How is it "easier" to swipe data from a Pre than a BlackBerry, assuming the same security (Both do or don't have passwords)?

    Whenever I have attached a Blackberry to a desktop manager, it will ask me for the password to do anything to it.

    Whenever I have picked up any device without a password, I can just look at anything I want.

    Dave
  11. #31  
    The only scenario where I could see this being annoying would be if you got fired or laid-off.

    In that example, they would send the wipe command, then they would remove your account, possibly after waiting for wipe-verification.

    The "endless-loop" scenario is highly unlikely, since as soon as your Palm profile tries to load the Exchange account, your credentials will just fail---no wipe will occur.
    no 'Thanks'
  12. #32  
    This makes me want to migrate my contacts/calendar to my family's private Exchange server... but I'm too lazy, and I love how integrated everything is with my job. I just make sure to back up everything on a regular basis, just in case we downsize or something.
    no 'Thanks'
  13. #33  
    Quote Originally Posted by jrstinkfish View Post
    If your information is that sensitive, you probably shouldn't let people carry it around on their phones in the first place. Just sayin' ...
    You really have no sense of how the business world (or government world) works. People high up in these businesses and governements use Blackberry's, and by nature of the job, the Blackberry is a tool that they use to transmit and discuss sensitive information about upcoming products, sales, threats, etc.


    Imagine the director of the FBI left is Blackberry on a train or in a taxi.

    Or the CEO of Honda.

    Now you realize how important the remote wipe or kill pill is.
    "Last edited by ChappyEight; 09/24/2009 at 11:51 AM. Reason: To bow to zeravla."
  14. #34  
    Yes, and most of the people who use these phones are not the people you described. I'm just a lowly programmer for a bank. Nothing I receive from Exchange is sensitive in any way, yet they want to lock down my phone as if I'm the CEO.

    I've got no problem with the ability to remote wipe a phone though -- just saying sensitive data should not actually reside on the phone if it's a problem. Sure, you can wipe it, but for someone with proper skills, the time between the realization that the phone is gone and the command to wipe is executed, you've probably already been screwed.
  15. mejifair's Avatar
    Posts
    53 Posts
    Global Posts
    65 Global Posts
    #35  
    Question - What happens if I lose my phone and go buy another one from Sprint? Will the remote wipe still do the endless loop on the new phone once I put in my profile password? How does one get legitimately back into the EAS data once the remote wipe command has been switched on? Does the EAS admin have to turn it back off again?

    I would think that once a phone swap has been done there would be no way to sign into the stolen Pre again since the profile is associated with the phones ID, correct?
    Last edited by mejifair; 10/02/2009 at 11:00 AM. Reason: Spelling
  16. #36  
    Quote Originally Posted by jhitt25 View Post
    I'm not confused about the need for this feature for a company...i agree completely with that. The part i disagree with is that there is no warning that this feature is in effect before connecting you to EAS. Maybe just a little warning before it completes the account addition would be nice.
    Of course there's no warning. Think about the security purposes of what this process is doing. Do you reall think a warning is appropriate?

    Dear Thief. This is a warning. All information, including confidential files we don't want you to have access to, as well as customer, client, and employee information on this phone, is about to be erased. This is done over the air, and if you disconnect wireless connections immediately, the wipe will be averted. We trust that you will act appropriately...
  17. #37  
    Quote Originally Posted by donatom3 View Post
    No but let's not pretend that a ****ed off employee who's going to quit who happens to hate you couldn't think of doing this before he leaves and say "oops".
    I'm going to guess that you're not a professional IT person. Believe it or not, it's a relatively small community; and even those that have strong ... personality preferences ... understands how abusing technology hurts everyone. An action like what you're describing would likely follow the IT person for a long time, and could easily be a career-killer.
  18. #38  
    Quote Originally Posted by jrstinkfish View Post
    If your information is that sensitive, you probably shouldn't let people carry it around on their phones in the first place. Just sayin' ...
    Don't mean to sound like I'm flaming, but that's simply a naive statement. Corporate email, email lists, all of these things are sensitive informatioin. While it may not seem important to you, they are. We're not talking about the obviously sensitive stuff, like say an email that's talking about the upcoming corporate restructuring, but something as simple as the corporate employee information. You might not think a comprehensive list of all of your company's sales force is "confidential", but trust me, a headhunter would love to have it, and your HR department would hate them getting it.
  19. DKatman's Avatar
    Posts
    102 Posts
    Global Posts
    126 Global Posts
    #39  
    Quote Originally Posted by mejifair View Post
    Question - What happens if I lose my phone and go buy another one from Sprint? Will the remote wipe still do the endless loop on the new phone once I put in my profile password? How does one get legitimately back into the EAS data once the remote wipe command has been switched on? Does the EAS admin have to turn it back off again?

    I would think that once a phone swap has been done there would be no way to sign into the stolen Pre again since the profile is associated with the phones ID, correct?
    I looked at my info in the Mobile admin website for our exchange. I did need to exchange a couple of Pres. I wiped them by hand in the store. I saw all three (including my current) Pre listed in order as having partnerships with the server. It also showed the last date they were connected. Each device ID could be wiped or deleted (removing the partnership) individually. As I was there, I went ahead and removed the partnership, as I should have done a month before. But it would sure seem that the Wipe command would follow that device.

    I would think you would be safe.

    Dave
Page 2 of 2 FirstFirst 12

Tags for this Thread

Posting Permissions