back to article BYOD: How to keep your data safe on their mobile devices

This article was produced in association with JAMF Software Bring your own device (BYOD) is a novel concept that perturbs cynics. And in some ways I can't really blame them. You appear to be saying to your users: “We are not going to give you a computer to work with. Instead we expect you to bring your own, and we will give …

  1. James 51

    Was going to ask why the iOS/Android focus when BlackBerry literally builds these features in as key selling point but I guess the weakness is convincing employees to pay and use the best tool for the job (combining work and personal phone on single device).

    1. Anonymous Coward
      Anonymous Coward

      It is only the "best tool for the job" if you think Blackberry is better than iOS or Android for personal use. Being the best at managing home/work combined into a single phone (if that is even true - it was unquestionable a few years back but now it is open to debate) makes it the best option for your employer, but not for you!

      The best solutions for employees who may need to come in to work at 3am to fix a problem server is to live across the street from the office, but while that's a good deal for the employer the employee may see things differently. The convenience of the employer is not relevant to an employee's personal decisions such as where to live or what type of phone to use. It is up to the employer to find a way to make the employee's personal phone work if they don't want to be paying for separate phones/plans for work use (some employees may be willing to compromise on the issue of what type of phone to get if it will allow them to avoid carrying two)

  2. Christian Berger

    Wonderfull snakeoil

    I mean sure, remote wiping sounds like a good idea, until you realize that the same companies which offer hardisk data recovery for broken harddisks now offer the same services for the flash chips on your mobile phone. No matter if you have any remote wiping or time based wiping, you can simply pop it off to a company and they'll send you back the files. And it won't even cost you a thousand quid.

    Encryption also sounds like a good idea, until you realize that you cannot actually enter an encryption key. While it is acceptable to enter a decently long key on a laptop, on a mobile phone even a short pin is quite an effort since you don't have a proper keyboard.

    So in short, there probably is no way to store data securely on mobile devices. Even if device manufacturers would do everything correctly. The good thing is, you can work around that problem. Mobile devices now have rather decent wireless internet connections. So instead of having to store the data locally, you can simply log into a terminal server and go on from there.

    1. Lee D Silver badge

      Re: Wonderfull snakeoil

      There has never, in human history, been a case of someone being able to read overwritten sectors on a magnetic hard drive. There was a prize for such a few years back - an unclaimed million dollars which, by your reckoning, any one of these data recovery companies could have picked up by doing what they do every day.

      Similarly, for flash etc. chips, the same is true. "Magnetic" or "electronic" history does not exist.

      Therefore, if you overwrite every sector, or encrypt every sector and overwrite the key, the device's data is gone forever. What the passphrase is to that key is another matter but, again, overwrite the sector that holds the key and it's gone forever.

      So, please, stop spreading misinformation. The ability to remote-wipe is critical to the Data Protection Act and myriad other pieces of legislation that require such controls. And you can have high-confidence that, suitably encrypted, any device is impenetrable and - if it ever comes online - remote wipe will pretty much guarantee removal of access to the data on it.

      (Data recovery firms work by mechanically replacing parts of the hard drive to get it working again, in a sterile environment. It's a costly and expensive process but it can't work miracles. After that, all they do is repeated reads - usually through specialist write-blocking devices so they don't interfere with data for legal reasons in court cases - until they have as much of the data back as they can get. Then they reconstruct what they can and put it back into the formats you expect. They are nowhere near miracle workers and will often charge you full price and then say, sorry, this is all we could get back. I know of a school that paid £10k to restore their RAID set after they found out their IT guy wasn't backing up and the server failed - it cost that much to read off the data from old, bad-sectored hard drives that had been working fine but merely crashed mid-write. Even with a degraded RAID set to work from, they got back only 80% of their data, the rest was corrupt. Data recovery is about data reconstruction, not miracle-methods to get back data that's been overwritten - and a lot of it can rely on the fact that "deletion" is not "overwriting", in just about every major operating system).

      1. Christian Berger

        Re: Wonderfull snakeoil

        The idea is obviously to read out the flash-chips _before_ they are erased. So you steal the mobile device, remove the battery and bring it to the data recovery company. Since you won't boot the original OS any more, there is no chance any wiping software could ever delete anything.

        1. Lee D Silver badge

          Re: Wonderfull snakeoil

          And if it's encrypted, all you've done is removed the encryption key from RAM and made it absolutely inaccessible.

          Have you not noticed that all iPhones and Android machines now support encryption of the base device, the SD card, etc. as a one-click option?

          1. Christian Berger

            Re: Wonderfull snakeoil

            "And if it's encrypted, all you've done is removed the encryption key from RAM and made it absolutely inaccessible."

            Yes, but how do you remove the key from RAM in the following situation:

            I steal the device from you without you immediately noticing. I get over to a van where I quickly disassemble it to get to the JTAG connector found in just about any such device. I then use that to read out the RAM and the flash, this process involves halting the CPU. This takes probably no more than half an hour when you are able to practice.

            Alternatively you can get some liquid nitrogen, drop the mobile phone in there to preserve the memory contents. Even if you can only recover 80% of the key, you are still easily able to get to the rest.

            And I'm not even talking about things like malware or security critical implementation bugs.

      2. noominy.noom

        Re: Wonderfull snakeoil


        Yes it can be done. It is a well know capability. Still pricey (estimates run over one million U.S. dollars) so not a major concern for most people. But it was demonstrated in the late nineties that they could read prior data not only from the last bit stored at a location, but up to seven previous bits stored at a given location.

        Don't know about the prize you refer to. But the techniques were discussed in an Information Assurance program I was in during 2006-2008 at a state university in the midwest of U.S. Our professor was one of the ones participating in reading the disks. At that time it still required costly equipment so it was expensive to do.

  3. Anonymous Coward
    Anonymous Coward

    Whilst I don't disagree with whats described, there are significant issues not mentioned and not addressed by MDM that I've seen. Yes, the emails can be prevented from being moved and the profile can be wiped on request. However, its so easy for attachments to be opened and saved locally or saved to online storeage services. The solutions often add confusion when creating and sending new emails (which account do they go from? Personal or Work?), very easy to send from the wrong account. This is a significant risk to data. MDM as described can only be seen as minimal from a security point of view. Fine for non-confidential data but not suitable for the majority of firms in my opinion.

  4. Anonymous Coward
    Anonymous Coward

    Not sure how any of that gets around the fundamental problem of the device being carried around diverse establishments, connecting to every insecure wireless network if finds and getting fundamentally owned.

    You can have as many virtual environments, VPNs and citrix layers as you want, none of that is going to stop you rooted device from exfiltrating data as soon as you connect it to the corporate application.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like