About Exchange and remote wiping

If your iPhone has been given to you by your employer, why are you bothered about losing any data?

If you want to put data you own on a device, do it with your own Phone.

I'm an exchange admin/ and i own an iPhone btw - so i can all sides of this argument, as pointed out in the link, its there as a safeguard for drunken salesmen who leave the phone in

1.coffee shop

2.lapdancers bar

3.back of a taxi

You can choose any of the above.

Assume you're using Exchange 2010, since you mentioned 'web apps', this feature works all devices connected to the Exchange by the way, not limited to the iPhone.

Few companies allow iPhones because of the threat they post.

1. You need to usually, activate it by utilising iTunes ( not a corporate application )

2. Exchange Admins/ IT Department are usually tasked with keeping the device(s) updated. which can ONLY be done via iTunes - again, not a corporate application - iTunes which itself requires ports opened on a corporate firewall ( 80 & 443 i think ) installs a lot of services ( mDNSResponder, Bonjour, ) etc, and whilst these are not entirely threat worthy points, they do increase the surface area of attack.

Once this area gets great enough, you are losing track of who owns what device, and give up caring because as long as it looks good you get no irate phone calls saying it ' DOESNT drop calls, it ' DOESNT have a terrible battery life'

You know, all the things us Exchange admins have to put up with all other devices( including iPhones )

My argument here, is that you want to connect your own device to a network you have NO control over, and moan when caution is exercise.

This is similair to borrowing a freinds car, and using all their petrol and then filling it up with your own and giving them the bill.

http://technet.microsoft.com/en-us/library/bb232129.aspx

I wrote a long reply, explaining that by connecting your device to a network, you are peforming a handshake of control, between yourself and the domain.

Activesync is a microsoft protocol for connecting devices to an exchange, it's gotten more and more granular control with each Exchange release, above are some of the things you're agreeing to

It's also available in Gmail & AppleSo it's not a new thing.

Hope this helps.

Thank you for the information.

"If your iPhone has been given to you by your employer, why are you bothered about losing any data?"

Because you find you're in the same jeopardy if you use your personal phone to access your employer's Exchange server. Fair enough in some sense, but the loaned car is at least potentially reversed here -- Your work data is going for a free ride on your device.

I understand there are edge cases ("But wait, you had access to work email, so you may have saved precious docs to your phone! They have every right to erase those!"), but the OP's shock makes sense. I'd expect some sort of middle ground where you could erase the Exchange account automatically, but not, say, my personal pictures, reminders, etc. Heck, just sandbox files in Exchange accounts (don't allow their being saved outside of the Apple ecosystem) for that middle ground. etc etc

I was asked by my company to monitor my company email from my personal iPhone. After becoming aware of the remote wipe feature on the Exchange server, I informed my company that I was unwilling to continue using my personal phone. I deleted the email account from my phone, but one of the IT people told me that the policy is still resident on my phone and it could still be wiped remotely. Is it possible to sever that connection? Back up my phone and then do a factory reset? If I restore the backup, am I not restoring the policy too?