Prevent your company from remote wiping your Android phone
NPR recently ran a story called
Wipeout: When Your Company Kills Your iPhone, where an unlucky victim had her iphone erased by mistake. This was made possible because she had an application that allows her to sync with a Microsoft Exchange Server. Even though this was her own person phone, an Exchange admin was able to wipe out her data.
The moment you let your company exchange server sync with your personal phone, all bets are off. Keep in mind that data is not yours just because a copy resides on your device.
In the NPR situation, if you have an iPhone or equivalent ‘closed’ device you may be out of luck. Your employer could also accidentally the whole thing to you too. But if you have an Android phone, you will find that you can retain control on an app-by-app basis.
In the Android phone that I’ve tested, it syncs to an exchange server for an email account but it does not automatically get full access. It will request it, but as long as I never allow it, it can’t do squat. And I won’t let it get more access because it doesn’t need any. I can send and receive emails. That’s all I want it to do.
“But what do I have to do to enable such limitations”, you say? – Nothing at all.
When you see a list of requested controls a mile long, don’t just click install and continue. Take the time to contact the developer, or at the least, search for more information before clicking. In any case, it’s best to keep backups of your data, limit access controls, and be mindful anytime you install or update an application. A layered approach is always a good thing.
With all applications you may think of installing on your phone, be wary of the access controls requested. This doesn’t apply to just email and social apps either. A simple toy app that does very little, such as displaying a fancy screen or rotating wallpapers shouldn’t need access to your phone contacts and full internet access.