If a mobile device is lost or stolen, this tech solution can protect sensitive business data, but it comes with risks of its own.
By Renee Morad
Small- and medium-sized business need to be prepared to handle worst-case scenarios when it comes to safeguarding company data. Perhaps you’ve left your laptop with confidential work information on the train, or maybe your tablet was stolen on a business trip. Or, say an employee resigned, and you’re concerned he might share the data on his mobile phone with a competitor.
Fortunately, a tech “remote wipe” could prevent your data from falling into the hands of the wrong people. If a device becomes lost or stolen, companies can turn to remote wipes to protect sensitive business data.
According to a recent survey conducted by Penton Research, 45% of survey respondents said they were “moderately” or “very” interested in the ability to remotely wipe from specific mobile devices.
However, SMBs should be wary of the potential downsides of employing a remote wipe, including potentially deleting an employee’s personal data. Also, keep in mind that remote wipes require preparation. That is, you’ll want to implement measures to make sure the proper software or encryption is in place before executing a remote wipe—which is often done on a moment’s notice.
“This is like flood insurance,” says Eric Ebner, president and director of research and development at IT consulting firm Protocol 46, based in Saint Paul, Minn. “If you don’t have flood insurance and get flooded, you’re done. The same can be said for remote wipes.”
Here are some important considerations to keep in mind when preparing for the option of remotely wiping your data.
Types of remote wipes
When companies turn to remote wipes to protect sensitive business data, they have three main options, each with its own steps to follow.
- Turn to your mobile provider
Companies can rely on a factory reset to reset all user settings, delete third-party apps and return a device to its original “factory-fresh” state. A cellular phone provider can explain the easiest way to execute this for your specific mobile device.
In some cases, a mobile service provider can also perform a remote wipe for you by sending a command to the web to wipe it clean. If your provider offers this type of service, you’ll need to have a cellular device app already installed.
If you have an iPhone, for example, you can register with iCloud and use the Find My iPhone app to wipe your device—as long as it was enabled before the device was stolen or went missing. Other devices, such as Samsung phones, for example, have a remote control app that can remotely complete a factory reset.
However, keep in mind that computer forensics techniques may be able to recover data from a device that has been wiped this way.
- Implement software to perform a remote wipe
Companies can also use software to perform a full wipe that will completely destroy all user data on a device. This option is more secure than a factory reset, according to Ken Barnhart, president and CEO of IT consulting firm Occam Group, based in Edina, Minn.
Ebner suggests enlisting the help of an outsourced vendor who can provide this software and then wipe a device for you as soon as you make the call. This option, which is often bundled together with other services, can cost anywhere from a few dollars to about $40 a month, he explains.
Many IT administrators turn to Microsoft Exchange ActiveSync (EAS), for example, to request a remote wipe. Outlook Web Access users can also request a remote wipe with EAS, and this will enable a factory reset on Android devices and erase all content and settings on iOS. Businesses can also turn to a variety of mobile device management (MDM) software and mobile application management (MAM) software to remove data remotely.
The downside to this, says Ebner, is that if you’re trying to wipe a laptop, it must be connected to the Internet to perform the remote wipe. If you’re trying to wipe a mobile device, it will be need to be turned on and connected to Wi-Fi. If a device isn’t connected online, it’s impossible to wipe data.
- Rely on encryption
A business can decide to install a “containerized” app on phones for exclusive business use. This is encrypted and separated from other smartphone data, and would allow a business to initiate a remote wipe on the containerized app, rendering the data unreadable, Barnhart says.
Administrators can wipe the entire container by removing the application, or they can choose to remove selected documents from the container. The latter is useful if, say, an employee is transferred from one division to another and no longer needs access to certain documents.
As another layer of defense, full-disk encryption uses disk encryption software or hardware to protect information by converting it into unreadable code that isn’t easily deciphered. Without the proper authentication key, even if the hard drive is removed and placed in another machine, the data cannot be accessed.
Before deciding which type of mobile wipe solution to implement, you should weigh the pros and cons of a mobile wipe, adds Barnhart.
- If the mobile device is lost or stolen, a company can prevent data from falling into the hands of hackers.
- Businesses can remove terminated employees’ access to confidential business data quickly and easily.
- If you have a Bring your Own Device (BYOD) policy, employees may feel uncomfortable giving you access to their phone. There have been incidents of employers accidentally wiping the data from employee’s phones. There are also potential implications for invasion of privacy and trespass of personal property.
- Mobile wiping capabilities may provide a false sense of security. Employees (and employers) may feel safer loading confidential data onto devices when the confidential data should never be on those devices in the first place.
- Remote wiping is not a defense against premeditated data theft on the part of employees. A disgruntled employee can still copy data from the device onto their own home computer prior to a remote wipe.
- Savvy thieves can disable a mobile device’s network connection prior to the remote wipe command being ordered.
This article was underwritten by HP: Introducing HP BusinessNow, the right technology to help your business grow.