It’s a dilemma that faces business managers every day.
When they bring in a new hire, somewhere in the midst of the paperwork is a clause about the internal Bring Your Own Device (BYOD) policy. It gives the company the right to remotely wipe a lost or stolen phone or tablet, or to wipe any company related data at the moment an employee leaves.
But do people really understand the implications of what they are signing? Studies show the answer is no. Personal is personal; business is business. Yet when the two are co-mingled, the rules suddenly change.
As more organizations adopt BYOD policies as employees acquire a wide variety of smartphones and tablets for every day use, stricter guidelines must occur to keep company data safe. Yet for many employees, they worry equally about the personal data that invariably makes its way onto their devices.
Which is where the trouble begins.
As an organization, there are three basic reasons for wanting to remote wipe the contents of a mobile device:
- The device is lost or stolen
- The device belongs to an employee who quits or is fired
- The device contains malware and security issues that are effecting the network
Time is imperative in all situations to keep the company data safe.
Yet when an employee highly values his or her personal data, they may delay telling the IT department of any trouble because they fear the consequences of losing all of their files. These delays cost businesses significantly.
In order to use remote wipes, three options are available.
1. Use your mobile provider
Every phone comes with a factory reset feature that will reset all user settings, delete all third party apps and return the device to its original factory settings. The cellular provider can explain the easiest way to execute this feature.
Most phones also have a feature that allows you to wipe your device even when it is no longer in your presence. If you have an iPhone, for example, you can register it with iCloud and use the Find My Phone app to wipe the device at any time. The key is enabling the feature before it is stolen or misplaced. Not the safest method, but it can be a good starting point to get employees to take ownership of mobile security.
2. Use encryption
IT can install an app that will contain and encrypt all data used for business in a special folder on the device. This can be useful because IT can access the container and make changes as they desire, while leaving the rest of the device content alone. This would give IT the option of wiping the entire contained section as needed, or in the case of an employee moving to a new department, delete and add new content based on requirements. This also provides an extra layer of protection as the device couldn’t be accessed without the proper authentication key in place.
3. Use outside software
There are many outside vendors that offer special programs to help IT manage data and devices, and in many cases are bundled with other services to make remote access easier. For instance, Microsoft Exchange ActiveSync (EAS) has a feature that allows users to request remote wipe to return it to factory condition. The downside of using systems like this is the device has to be connected to the Internet and turned on in order to wipe the data. This can leave the device at risk indefinitely.
No matter which policy is the right solution for your company’s data, the important thing is to keep your employees in the loop. If you stress you will never erase their personal data, they will be more likely to submit problems as they occur. If you stress how valuable the company’s data is, they will be more likely to take action.
What is your company’s remote-wipe policy?