BlackBerry Forums Support Community
              

Closed Thread
 
Old 05-01-2007, 12:39 PM   #1
Stu_Bee
Thumbs Must Hurt
 
Join Date: Mar 2005
Model: 7520
Carrier: Nextel
Posts: 75
Erase & Disable = Recoverable?


When performing an "Erase Data & Disable" from the BES Manager for a particular user that has left the company, the assumption is that they would not be able to retrieve the information they stored upon it.

Is this actually the case? Or can the user perform a local restore with their BES Desktop Manager, without requiring the BES server?
Specifically, this is in a Domino Environment.

Thanks.
Old 05-01-2007, 02:49 PM   #2
rliebsch
Thumbs Must Hurt
 
 
Join Date: Apr 2005
Location: SF
Model: 8100
Carrier: TMO
Posts: 138

I suppose they could if they had a recent backup in the BBDM. Do they have their computer as well?
__________________
Robert Liebsch
Systems Psychologist, Network Sociologist, User Therapist.
Old 05-01-2007, 02:59 PM   #3
ZeroKool
Talking BlackBerry Encyclopedia
 
 
Join Date: Aug 2006
Location: stl, MO
Model: 8330
PIN: nope
Carrier: verizon
Posts: 314

Even if they restore the backup from their computer, they will still have no access to their notes or anything BES related, as long as they are removed from the BES.
__________________
Me likey BlackBerry
Old 05-01-2007, 05:51 PM   #4
Stu_Bee
Thumbs Must Hurt
 
Join Date: Mar 2005
Model: 7520
Carrier: Nextel
Posts: 75

Maybe the point of my question is being missed.....
------------
"Erase Data and Disable" is touted by RIM as a security feature that allows you to wipe handhelds that (a) are lost, or (b) from employees that have left the company and you don't want them taking corporate data with them.

I'm trying to figure out if (b) even fits the description I listed above. If a user can restore from a local backup and get all info back onto their handheld, then apparently not.

Also Note:
- "Erase Data and Disable" only works if you send the Erase Data command, AND keep the user account on the BES Server active for x days (i.e., so that the user(s) can turn on their BB and receive the request).
Old 05-01-2007, 06:36 PM   #5
ladydi
CrackBerry Addict
 
 
Join Date: Jun 2005
Location: Washington
Model: 8800
Carrier: T-mobile
Posts: 848

I haven't tried to restore data to a device that has been wiped. I suppose it would be possible, but they wouldn't be able to mass mail it out at all. It would be stuck on the BB because the mail account no longer exists on that device. So if they were industrious enough to get out a pen and paper, then I suppose the data is vulnerable since the last backup.

As for the erase and disable working, yes, you have to keep the account, but what would that matter? (It will still work even if it is disabled in AD.) And it's still effective because as soon as the BB comes back online, the command is enforced.

But this is another great reason to password protect!! Layers of security are good. Or better yet, don't let personal devices on your BES. There are lots of options. My opinion is that ultimately, it comes down to personnel policy. If a person wants to break the rules, they will. Rules, like code, are made to be broken. No system will provide 100% security, especially not wireless mobile devices. BB just does it best!
__________________
~Di~
Windows 2003
Exchange 2003
BES 4.1
Old 05-02-2007, 08:16 AM   #6
Flying Dutchman
Thumbs Must Hurt
 
Join Date: Jun 2006
Model: 8700t
Carrier: T-Mobile
Posts: 50

If the user made a backup, then he/she could restore it to the device and view that information, but the encryption key is not part of that. This means that the user would not be able to restore data communication with your BES.
Old 05-02-2007, 06:28 PM   #7
Stu_Bee
Thumbs Must Hurt
 
Join Date: Mar 2005
Model: 7520
Carrier: Nextel
Posts: 75

So the consensus here seems to be:

'You cannot prevent users from taking corporate data with them on their BB after they leave the company'.

Users can either:
a) Turn off their OTA connection, or keep their device powered off, for a period of time until after you have removed the account from the BES (thus avoiding the wipe command)
b) Call their carrier to disable service prior to turning on their BB (thus avoiding the wipe command)
c) If their BB device does get the wipe command, they can just restore from their local backup.
======
I'm just providing a little reality for the company's Security team. Providing info as to what the wipe & erase command actually does, and how it can, apparently, be circumvented. Better to let them know now, rather than explain it after an incident.
thanks.
Old 05-02-2007, 07:09 PM   #8
d_fisher
Retired BlackBerryForums.com Moderator
 
 
Join Date: Oct 2005
Location: Columbus, OH
Model: 9700
OS: SID 6.7
Carrier: AT&T
Posts: 4,455

Quote:
Originally Posted by Stu_Bee View Post
So the consensus here seems to be:

'You cannot prevent users from taking corporate data with them on their BB after they leave the company'.

Users can either:
a) Turn off their OTA connection, or keep their device powered off, for a period of time until after you have removed the account from the BES (thus avoiding the wipe command)
b) Call their carrier to disable service prior to turning on their BB (thus avoiding the wipe command)
c) If their BB device does get the wipe command, they can just restore from their local backup.
======
I'm just providing a little reality for the company's Security team. Providing info as to what the wipe & erase command actually does, and how it can, apparently, be circumvented. Better to let them know now, rather than explain it after an incident.
thanks.

This is why best practice is to only allow company owned devices to attach to your BES. If the device is owned by the company they can require that it be returned upon an employee leaving the company.
__________________
Doug

Remember, please try searching first!

Need a screenshot? ... Like JavaLoader?
Try using BBscreen .....Use JL_Cmder!
or BBScreenShooter!

Old 05-02-2007, 07:15 PM   #9
penguin3107
BlackBerry God
 
 
Join Date: Jan 2005
Model: iOS 5
Carrier: VZW
Posts: 11,701

a. There are IT policies you can use to prevent this. You can set it so that the device will automatically wipe itself if it doesn't communicate with BES for a certain period of time, etc... There are actually several IT policies you can use to combat this.

b. You mean to tell me that you allow your end-users to contact the carrier directly? If so, then you have some really odd policies in your company.
Again, you can use IT policies to force the device to wipe itself. Even if the service from the carrier is disrupted or cancelled, the device will still have an IT policy on it telling it to wipe itself.

c. They can restore from local backup, but cannot reactivate themselves on your BES. Again, you can use IT policies such as password enforcement to combat this.

Bottom line, if your BES admins set up security properly, there is very little (if anything) the end user can do if you choose to lock them down hard.
__________________
BCSA
BES 5.0.3 MR4 :-: Exchange 2007 SP3 RU3
http://port3101.org
Old 05-03-2007, 12:14 PM   #10
ladydi
CrackBerry Addict
 
 
Join Date: Jun 2005
Location: Washington
Model: 8800
Carrier: T-mobile
Posts: 848

Good point on the wipe after being out of contact for a certain amount of time.

But, as for the password policies, after a wipe it just makes them reset the password. It doesn't lock them out of the device. They could still restore from backup.

Is there a policy that prevents them from using desktop manager, thereby forcing complete OTA? That would be the ultimate answer combined with a wipe after a no-contact period.
__________________
~Di~
Windows 2003
Exchange 2003
BES 4.1
Old 05-03-2007, 06:12 PM   #11
Stu_Bee
Thumbs Must Hurt
 
Join Date: Mar 2005
Model: 7520
Carrier: Nextel
Posts: 75

Quote:
Originally Posted by penguin3107 View Post
b. You mean to tell me that you allow your end-users to contact the carrier directly? If so, then you have some really odd policies in your company.

Let's just say, some companies allow users to make their own BB/BB connect product purchase, and other companies may be in a user monthly charge back via expense report model.

Quote:
Originally Posted by penguin3107 View Post
c. They can restore from local backup, but cannot reactivate themselves on your BES. Again, you can use IT policies such as password enforcement to combat this.

Heh...I know they can't reconnect to the server. The question was regarding existing data they already had.

I guess we can only minimize the chance, not eliminate.

Copyright © 2004-2016 BlackBerryForums.com.
The names RIM © and BlackBerry © are registered Trademarks of BlackBerry Inc.