Being new to working with Microsoft Exchange 2010 I was surprised to see how much power it has over mobile devices that are connected to an Exchange server. While doing some work for an upcoming audit I found that not only can you control WIFI, Bluetooth and even camera settings on connected phones, but completely wipe the phones as well. Now when finding this out of course it had to be tested, and thankfully my boss offered up his iPhone to be the "test device". It was more just to see if it actually worked then anything and oh did it do its job.... too well. Just by clicking the "Wipe Drive" option the phone suddenly powered off and rebooted. It was stuck on the Apple logo for about half and hour and when it came back it was if he just bought the phone. We were both shocked since we just assumed it would wipe out any emails or contacts that were associated with the company but no, EVERYTHING was gone. All his apps, all his contacts... everything.
This small but powerful feature is phone to test out but gets very scary if you think about it. Someone could very easily erase an unsuspecting users enter personal phone by accident, or even on purpose if they really wanted to. It does come in handy when a phone is lost, stolen or someone is fired without getting a chance to clear out any settings. But when it comes to a setting such as a college campus where thousands of students can be connected to the Exchange database makes it very scary. Being that I used to work for a college IT department the idea that someone has the power to wipe a students phone, who really has no idea how they are connecting to the network, makes me nervous. I'm surprised we haven't seen stories about more accidental wipes happening but I'm sure the time will come when something goes kind of screwy and hundreds of phones get wiped.
No comments:
Post a Comment