There are a number of ways to perform remote wipe on mobile devices, each with its own benefits and limitations. Several popular cloud services and mobile device management products offer remote data wipe options for iOS and Android devices.
The ability to remotely wipe any managed device is a staple of many enterprise mobile security policies, and it's vital to preventing sensitive corporate data from being compromised. But in many cases, employees need to have signed up for certain services or enabled settings that allow for remote wipe, so encourage employees to take those actions before devices get lost or stolen.
Remote wipe policy
Remote data wipe options are limited by device type, mobile OS version and any installed management and security applications. But don't let what's already available dictate your remote wipe policy. Rather, establish your desired policy and then work out a plan to implement it on each device/OS that members of your workforce use.
Here are some remote wipe options to consider:
- Factory reset: Erase all device settings, user data, third-party applications and app data from a smartphone or tablet's internal flash and/or removable storage, returning it to "factory fresh" condition. This approach can be relatively easy, but it might not complete the job.
- Full device wipe: Obliterate everything written to a mobile device's file system user partition. This overwrites keys used to encrypt everything in the partition, rather than overwriting (scrubbing) the entire storage area.
- Enterprise device wipe: Erase only those device settings, user data, applications and app data that a mobile device management (MDM) agent pushed to a device. For example, if IT used an MDM tool to configure enterprise email and install a Salesforce app, enterprise remote wipe erases that email account's settings and messages, and it uninstalls the Salesforce app, along with associated profiles and data. Enterprise wipe does not affect user-installed public apps, data (camera roll, music or texts) or manual settings, such as personal email.
- Secure container removal: Remove only a previously-installed secure data container, along with its profile and data. Usually that consists of a software-encrypted folder of documents pushed to the container by an MDM tool. This option removes the keys used to encrypt documents stored in the container, rendering them cryptographically unreadable.
- Secure app removal: Remove a single enterprise or public app, such as a secure messaging client or a secure Web browser, and encrypted data stored by that app. Be aware that the effectiveness of app removal depends heavily on each app, including the app's key management.
Note that all of these options focus on data stored on a mobile device. Remember to also consider data that may have been copied to another location, such as cloud storage, local backup files or forwarded email.
How to wipe devices
Many IT administrators are familiar with using Microsoft Exchange ActiveSync (EAS) to request a remote wipe. Outlook Web Access users can also request a remote wipe with EAS, which performs a factory reset on Android devices and erases all content and settings on iOS. It overwrites the block storage encryption key saved in Effaceable Storage, rendering the encrypted file system user partition cryptographically unreadable.
Individual consumer cloud service users can also remotely wipe their devices. Apple iOS users who register with iCloud can do so through the Find My Phone app, as long as it was enabled before the device got lost. Android users may register with cloud services that their wireless carrier or device manufacturer offers. For example, Samsung's DIVE remote control app can remotely invoke factory reset. Google Apps for Business and Google Apps for Education users can also invoke remote wipe using the My Devices control panel. These are just a few of the many available consumer cloud services that support end-user remote find and wipe. To find more Android services that support remote wipe, search the Google Play store.
If these remote wipe services don't satisfy your policy, MDM software can help you move beyond EAS and native iOS/Android remote wipe capabilities. Every product or cloud service in Gartner's Magic Quadrant for MDM Software provides an interface administrators can use to request full wipe of enrolled smartphones or tablets. For example, AirWatch supports full device wipe and enterprise wipe commands for iOS devices. Fiberlink MaaS360 features include full device wipe and selective wipe, which removes the EAS account configured on the device and all corporate settings made available to the device. Both MDM tools also offer self-service portals through which users can find and wipe their own devices, if the administrator allows.
IT can also use MDM software and mobile application management (MAM) tools to remove individual MDM/MAM-installed secure apps. For example, if NitroDesk TouchDown is installed on an Android smartphone or tablet, creating an IT-managed, authenticated, encrypted enterprise messaging environment, any MDM or MAM software can remove TouchDown, along with any associated mail messages, contacts, calendar items and attachments. Alternatively, secure apps can be combined with native remote data wipe. For example, an Android factory reset removes all installed apps, rendering TouchDown-encrypted data unreadable even if the phone wasn't fully encrypted.
Finally, secure containers such as Zenprise Zensuite, AirWatch Secure Content Locker and Fiberlink Secure Document Sharing provide more granular remote wipes. These create authenticated, encrypted, on-device storage areas where mobile users can view and edit documents and other sensitive corporate data pushed to each device. Administrators can wipe the entire container by removing the application, or they can remove selected documents from the container. This action would be useful for when a worker is transferred from one group to another and should no longer have access to certain documents, for example. Here again, secure containers can be combined with native remote data wipe to deter forensic recovery of supposedly erased corporate data on users' personal devices that are lost, stolen or retired and re-sold.