Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

cyks

macrumors 68020
Jul 24, 2002
2,090
8
Westchester County, NY
It's sad to read something like that, sorry. They breaching my privacy by wiping off my phone. Even in the case it's my own phone. You find it ok. Extrapolate this on your own private Mac: what would you say if your boss could format the hdd on your personal comp?

I consider individual freedom higher and more valuable than the corporate ones. That's my point.



Man, I didn't want to offend you in any way. Once again sorry if it sounded offending. It's just my viewpoint. I will never, never in my life put rights of any possible boss / company higher than these of mine -- and broadly -- of these of any individual. We're giving our rights away all too easy, I think.



That's just it, no rights are being violated or given away.

If I was working from home and chose to use my own, personal computer, I would expect the company to be able to not only format the hdd at their choosing, but be able to command control, see what I was doing at any given time, and have full access to it's entire contents as they saw fit.... which are also the exact reasons why I would choose to never use my personal computer for work related activities.

The same could be said about the phone and it's use. If a job wants/ needs me to be able to check my email when I'm out of the office, they would need to supply me with a device to do so or, at the very least, allow me to check my mail from a standard web browser.

That way, my property completely remains my property. For that matter, I'm also the person who uses cell data instead of connecting to the company WiFi and I don't give out my actual phone number (I use a Google Voice number for work and acquaintances) or main email addresses.
 

Xgm541

macrumors 65816
May 3, 2011
1,098
818
This is why I don't have my phone connected to my work email/calendar. I log in via the web client. I also read an interesting article too that if your company ever gets sued that your device can be confiscated and considered evidence. I often wonder why would I want to use my personal device, and data plan that I pay for, for work? I will read my emails when I get to the office.

I might be wrong but it seems like if the company themselves own the phone, then that is the only way your phone can be subpoena-d.

I don't see the big issue about exchange data wipes. There's a reason you back up your device daily.. right?

On android when you set up your exchange server, it tells you that you give your employer the ability to remotely wipe your device.

I use my phone with my employer's exchange without hesitation.
 

Serelus

macrumors 6502a
Aug 11, 2009
673
132
Vm9pZA
I've been in the IT department for a while now, and this is also news to me.

I get how this was set in place to protect a companies data, and how they can use this to secure any information from leaking.

But I don't understand why the entire phone has to be remotely wiped. This should be a feature limited to the user alone.

Looking at this from a developer perspective, it shouldn't be that hard to take the Exchange service and just remotely wipe every piece of data that came in contact with it. What if a company finds it necessary to wipe your phone but you disagree and you find that it's still possible to find your phone back, in case of theft, I could use "Find My iPhone" to retrieve it.

If a company would then decide to wipe my iPhone anyway, I would be seriously outraged.

Unlike many people here who claim it's ridiculous to put work related services on your personal phone, I don't agree. I do this alot because I am on the road alot and a laptop can only be whipped out when there's wifi around. I recieve way to much emails to limit my work to a laptop or workstation, it's just not a viable option.
 

C DM

macrumors Sandy Bridge
Oct 17, 2011
51,390
19,458
Recall the old saying about assuming?

Two words: due diligence. No one likes having to research and read up but it's each person's responsibility. Granted, the employer should be ensuring that employees are aware of their specific policies on this matter but each of us has to take the initiative to understand what we're getting into. We can't just expect to be spoon fed everything. If you aren't sure, don't know, aren't having any luck with searching, etc then ask.


That's a matter of opinion. It's a slippery slope IMO as iOS can't notify you of every potentially harmful eventuality for every action you take on your device. Where does the line get drawn and why do we use your placement of the line versus everyone else's?

IMO if it's important to you then you should be looking into it. I'm not just preaching here. That's precisely what I do. It's why I've never used company devices for personal use and person devices for company use.


Start up a business, allow your employees to have sensitive company data on their devices and then tell us it's crazy. You have to consider more than just your own perspective on the matter. Could there possibly be a less heavy handed approach? Sure but it is what it is.
Realistically, the phone should notify you if by setting up an (Exchange) account would now result in some sort of setting changes (like enforcement of PIN, or shorter lock times, or some app access) as well as the ability of some level of remote access. Since the OS can detect that, and apply the necessary changes based on the policy of the account that is connected, surely it can notify you, the user of the device, that it will implement those changes, or is implementing those changes, whenever you are setting up a particular account.

----------

Obviously, they shouldn't, but *can* they?

Exchange was before my time, so I never dealt with it in a University/College setting. I'm curious to know how academic institutions handle this.
Furthermore, if you, for example, connect to Gmail or Hotmail/Outlook accounts on your phone using Exchange, do those providers (who are not your employers or even institutions you are really involved with beyond simply being a user of their mail service, for example) now suddenly have the ability to remotely wipe your phone or enforce some other settings since you are doing it via Exchange?
 

cyks

macrumors 68020
Jul 24, 2002
2,090
8
Westchester County, NY
Looking at this from a developer perspective, it shouldn't be that hard to take the Exchange service and just remotely wipe every piece of data that came in contact with it.

Considering it has to work thoroughly on MANY devices, I would think that it would not only be much easier for them to implement a full wipe, but that it would also limit secondary issues arising if they were to only delete portions of data. From there, things like tech support and full testing would be needed whereas wiping it clean omits those problems.


Unlike many people here who claim it's ridiculous to put work related services on your personal phone, I don't agree. I do this alot because I am on the road alot and a laptop can only be whipped out when there's wifi around. I recieve way to much emails to limit my work to a laptop or workstation, it's just not a viable option.

Sounds like your job should equip you with a cell phone then.
 

C DM

macrumors Sandy Bridge
Oct 17, 2011
51,390
19,458
I've been in the IT department for a while now, and this is also news to me.

I get how this was set in place to protect a companies data, and how they can use this to secure any information from leaking.

But I don't understand why the entire phone has to be remotely wiped. This should be a feature limited to the user alone.

Looking at this from a developer perspective, it shouldn't be that hard to take the Exchange service and just remotely wipe every piece of data that came in contact with it. What if a company finds it necessary to wipe your phone but you disagree and you find that it's still possible to find your phone back, in case of theft, I could use "Find My iPhone" to retrieve it.

If a company would then decide to wipe my iPhone anyway, I would be seriously outraged.

Unlike many people here who claim it's ridiculous to put work related services on your personal phone, I don't agree. I do this alot because I am on the road alot and a laptop can only be whipped out when there's wifi around. I recieve way to much emails to limit my work to a laptop or workstation, it's just not a viable option.
You can potentially try Divide: http://www.divide.com/
 

diamond.g

macrumors G4
Mar 20, 2007
11,040
2,395
OBX
Furthermore, if you, for example, connect to Gmail or Hotmail/Outlook accounts on your phone using Exchange, do those providers (who are not your employers or even institutions you are really involved with beyond simply being a user of their mail service, for example) now suddenly have the ability to remotely wipe your phone or enforce some other settings since you are doing it via Exchange?
If the service (Google, etc.) uses EAS then yeah technically it has the ability to remote wipe the device. Though I don't recall non native Exchange services actually implementing the feature.
 

bigcstyle4

macrumors 6502
Sep 22, 2012
342
139
When my company implemented the MDM policies, the phone told you everything that it had the ability to do when setting it up through Citrix (remote wipe, passcode policy, jailbreak detection). Before this, we just had mail, contacts & calendar set up through a standard Exchange account with none of these abilities.
 

itjw

macrumors 65816
Dec 20, 2011
1,088
6
Don't be a douche.

You ALSO clearly didn't read the rest of the thread as I didn't sign anything and we have no policies regarding email on personal phones.

Before going around thinking you're smarter than everyone, maybe you should do some research. It might prevent you from looking like such an @ss.

I'm sad you made fun of me. That chimp is ruining my life.

And by INSTALLING your works software on the phone you agreed to the terms. If there were no terms (and I'm talking even in your employee handbook), then SUE them if you can prove they breached your privacy.

I'd bet $100.00 they didn't. Just like the chimpanzee that emptied my bank accounts, I bet you gave them permission and didn't realize it.

So call me all the names you want. At least I own up to my own idiotic actions before freaking out and blaming my company for something I agreed to...

;)
 

nizmoz

macrumors 65816
Jul 7, 2008
1,410
2
Honestly this isn't an issue for iPhone users. Just have it backed up to iTunes and if it does get wiped, restore it then.
 

aristobrat

macrumors G5
Oct 14, 2005
12,292
1,403
But I don't understand why the entire phone has to be remotely wiped.
Wiping the entire phone is an option.

Does it make sense to use that option on a student-owned phone connected to the University email server? IMO, probably not.

Does it make sense to have that option available for use on a company-issued phone that contains confidential (such as PDFs, spreadsheets and presentations) stored in various applications on the device, in addition to company email? Very much so, IMO.
 

zone23

macrumors 68000
May 10, 2012
1,986
793
I might be wrong but it seems like if the company themselves own the phone, then that is the only way your phone can be subpoena-d.

I don't see the big issue about exchange data wipes. There's a reason you back up your device daily.. right?

On android when you set up your exchange server, it tells you that you give your employer the ability to remotely wipe your device.

I use my phone with my employer's exchange without hesitation.

Well that was the point of the article people using "personal" phones can be confiscated if used for corporate email. Ya if it was a company phone then that would be expected. I was just pointing out something I read, thats all.
 

bripab007

macrumors 6502a
Oct 12, 2009
529
26
totally agree, but you can't do it remotely without the proper credentials.

Right, well, the company's email admin would have the proper credentials and permissions to do so. This person's IT staff should've made it clear to the user the terms of the arrangment in a signed mobile device agreement form (many folks call it BYOD, Bring Your Own Device, these days).
 

Serelus

macrumors 6502a
Aug 11, 2009
673
132
Vm9pZA
Wiping the entire phone is an option.

Does it make sense to use that option on a student-owned phone connected to the University email server? IMO, probably not.

Does it make sense to have that option available for use on a company-issued phone that contains confidential (such as PDFs, spreadsheets and presentations) stored in various applications on the device, in addition to company email? Very much so, IMO.

All of you keep quoting little parts of what I say, but i'll say it again... what if you lose the phone and you and your employer disagree wether or not the phone needs to be wiped, then they wipe it anyway and it turns out you could have easily retrieved it with say Find My iPhone. I don't agree with the fact that this is a call that's made by the company rather than you yourself. Especially when it's a personal phone, regardless of the fact that you should or shouldn't use work related services on your phone.
 

Menel

Suspended
Aug 4, 2011
6,351
1,356
All of you keep quoting little parts of what I say, but i'll say it again... what if you lose the phone and you and your employer disagree wether or not the phone needs to be wiped, then they wipe it anyway and it turns out you could have easily retrieved it with say Find My iPhone. I don't agree with the fact that this is a call that's made by the company rather than you yourself. Especially when it's a personal phone, regardless of the fact that you should or shouldn't use work related services on your phone.

Their valuable data is lost.
You were careless with it.

If it was my bank details, or IP, or financial docs, that you voluntarily stored on your device. I'd want it wiped, asap. You're feelings be damned.
 

C DM

macrumors Sandy Bridge
Oct 17, 2011
51,390
19,458
All of you keep quoting little parts of what I say, but i'll say it again... what if you lose the phone and you and your employer disagree wether or not the phone needs to be wiped, then they wipe it anyway and it turns out you could have easily retrieved it with say Find My iPhone. I don't agree with the fact that this is a call that's made by the company rather than you yourself. Especially when it's a personal phone, regardless of the fact that you should or shouldn't use work related services on your phone.
As long as you know that is a consequence of you adding your employers accounts on your own device then everything is in order.

If you are not notified by your employer of that (and the phone itself doesn't seem to notify you of any possible control that would now be in play when you are adding such an account), then it could certainly be an issue.
 

aristobrat

macrumors G5
Oct 14, 2005
12,292
1,403
All of you keep quoting little parts of what I say, but i'll say it again... what if you lose the phone and you and your employer disagree wether or not the phone needs to be wiped, then they wipe it anyway.
To me, your 'what if' is easy. Understand what your company's policy on lost devices is BEFORE connecting your device via ActiveSync.

If you disagree with your company's policy, then DON'T connect your device via ActiveSync.

There are other obvious situations (not involving your phone) where the ENTIRE PHONE -- not just email, or data that came from email -- would need to be wiped.

Remote wipe is one option that can be used when a phone is lost/stolen.
 

Night Spring

macrumors G5
Jul 17, 2008
14,596
7,760
To me, your 'what if' is easy. Understand what your company's policy on lost devices is BEFORE connecting your device via ActiveSync.

If you disagree with your company's policy, then DON'T connect your device via ActiveSync.

The problem that the OP has pointed out is that some (many?) people don't know that connecting their devices via ActiveSync gives your company the ability to remote wipe your device. If you knew, then of course you would check company policy before you connect. But given that there ARE people who are uninformed, whose responsibility should it be to make sure they are informed? The company? The device manufacturer? Microsoft (as provider of ActiveSync)? The device OS provider (if different from the manufacturer)?

In my opinion, saying that it is the user's responsibility to find out how anything they put on their device will affect them is side-stepping the issue, because for many people, it wouldn't even occur to them that accessing company email will have such a big system-wide effect. It just isn't common sense.
 
Last edited:

aristobrat

macrumors G5
Oct 14, 2005
12,292
1,403
I agree that it's side-stepping the matter.

Not to say iOS couldn't be made better and inform the user about remote wipe when they connect via ActiveSync, I think that with remote wipe having been around for the better part of a decade now (it was added to ActiveSync years before the original iPhone was announced), if it actually was an issue, there wouldn't be nearly as many people just learning of its existence.
 

Serelus

macrumors 6502a
Aug 11, 2009
673
132
Vm9pZA
Their valuable data is lost.
You were careless with it.

If it was my bank details, or IP, or financial docs, that you voluntarily stored on your device. I'd want it wiped, asap. You're feelings be damned.

In the US yes, EU no.
It could of been stolen, something that can happen to anyone. I might even be able to retrieve it like I already said.
What is important to the company is different from what is important to me, that doesn't mean what's important to me doesn't apply. That's what we have a trade union for.
 

Menel

Suspended
Aug 4, 2011
6,351
1,356
In the US yes, EU no. What is important to the company is different from what is important to me, that doesn't mean what's important to me doesn't apply. That's what we have a trade union for.
Your Trade Unions cN legally block someone from securing their information when someone else runs off with it?

That sounds backwards and broken. Such is law.
 

aristobrat

macrumors G5
Oct 14, 2005
12,292
1,403
What is important to the company is different from what is important to me, that doesn't mean what's important to me doesn't apply. That's what we have a trade union for.
So what's your plan?

Realistically, I don't see Microsoft removing the remote wipe option from Exchange just because you don't trust your company to use the option in a responsible manner.
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.