Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1099
  • Last Modified:

Destroying data on smartphones

1.      Is performing a wipe in ActiveSync or BlackBerry a sufficient method to destroy sensitive data on a smartphone? If so what type of data destruction methods are used in the scripting? DOD? 3 pass? Etc.

2.      And what is the best way to destroy data on a non-exchange synchronized smartphone.
0
Blue Street Tech
Asked:
Blue Street Tech
  • 5
  • 2
  • 2
4 Solutions
 
RobMobilityCommented:
Hi,

The only way to secure data on a flash memory device or device which uses flash memory is to destroy it (crush etc).

Due to the methods used by flash when deleting information and preventing cells becoming damaged through too many re-writes (wear levelling), some data may be left on the flash memory which isn't deleted when it's wiped.

Products are available to securely wipe the functioning areas of flash memory but these do not cover the areas that are not being used.

A sufficiently motivated and funded organisation wanting to compromise your company's data could potentially recover some of this information, but in reality unless you are a military or other government department, it's unlikely to be a significant concern.

Regards,


RobMobility.
0
 
RobMobilityCommented:
Hi,

Can you provide more information on the type of smartphone/OS being used?

Several tools exist from the likes of McAfee and others which might be suitable but the options available vary between mobile OS - e.g. Windows Mobile 6.x is easier to manage and secure than Android, for example.

In addition, sensitive information should be encrypted as bootloader attacks could render the internal flash open to interrogation and unencrypted data would therefore be available.

Unless it's a 3rd party product which enforces a wipe method, then in many cases you'd be reliant on the vendor and/or the OS provider to determine the wipe method employed - this will probably vary between platforms and could be weaker on some than others.

Flash doesn't work in the same way as magnetic media, however, so the multiple re-write method, which is used to remove a magnetic residue on a magnetic drive, isn't necessarily applicable to Flash.

Regards,


RobMobility.
0
 
Blue Street TechLast KnightsAuthor Commented:
@RobMobility: Wow. Thanks for your response and for the insight! So if I understand you correctly the commands on both Exchange and BlackBerry to “wipe” the phone are not reliable? How do you clean phones without breaking them? Is there a particle way for SMBs to do so?

Currently I have four phones that need wiping/cleaning. The carrier is ATT for all except the BlackBerry which is T-Mobile. a) iPhone 3G/ 4.2.1, b) HTC Inspire/Android 2.2.1, c) HTC Fuse/Window Mobile 6.1 Pro & d) BlackBerry Pearl 8220/ OS 4.6.0.259.

The iPhone is not setup on Exchange so I can’t issue a remote wipe command. How do you recommend cleaning the phone for selling purposes?

The other phones mentioned above are on Exchange and BlackBerry respectively. They have since had there SIMs removed and put into new replacement phones. How would you suggest I clean these?
0
Get your Disaster Recovery as a Service basics

Disaster Recovery as a Service is one go-to solution that revolutionizes DR planning. Implementing DRaaS could be an efficient process, easily accessible to non-DR experts. Learn about monitoring, testing, executing failovers and failbacks to ensure a "healthy" DR environment.

 
btanExec ConsultantCommented:
This is one area you may be interested @ http://www.recellular.com/recycling/data_eraser/

A resource for figuring out how to reset cell phone data is put together by ReCellular, which buys, recycles and refurbishes wireless devices. Its cell phone data eraser site gives detailed instructions on how to erase data from many different makes and models of cell phones. Just choose your make and model, and you'll be able to download specific instructions for resetting it.

As for remote wipe, I suggest reading @ http://lwn.net/Articles/404989/
Android, IPhone and Windows Mobile and BB do have inherent support for remote wipe but via backend command send down to them

http://mobileoffice.about.com/od/mobilesecurity/qt/smartphone-remote-wipe.htm
http://www.pcmag.com/article2/0,2817,2352755,00.asp

The remote wipe is not reliable not because of its algorithm but because
a) smartphones platforms do not recognised such remote wipe capabilities (but i see it for older version or non enterprise managed device)
b) remote wipe requires your phone to have a charge and be on for you to be able to remotely erase the data
c) the phone gets rebooted during the remote wipe process (which could be lengthy)

There are multiple means and not necessary it need to be exchange but it is more common as mobile device is configured for email. The online account helps as well if there is such subscription adopted but it is not centralised since it is 3rd party and user control. As for the safest way, it is of course the physical destruction but to reuse, minimally the PII should be removed as earlier mentioned.
0
 
RobMobilityCommented:
Hi,

I'm not saying that they are unreliable, but consider the following:

1. The device needs to be in coverage in order to receive the wipe command
2. To mitigate against this, a policy of wipe after n failed passwords should be empployed. Other policies to consider are wipe after no use for 6 months or something similar.
3.The configiguration of the device prior to wipe is important - if the data is encrypted using something like ES (e.g. the BlackBerry supports this natively), then any data retained on the flash via 'wear levelling' should be in an unrecoverable state.
4. The method used to generate the and store the encryption key is important - i.e. if the key is stored in flash memory (many devices have a protected area of flash for the storage of such keys) then if this can be recovered, any encrypted data residing in flash memory is easily decrypted.
5. The algorithm used to wipe the device is important - some devices re-write a fixed pattern when wiping, others, such as BlackBerry, scrub the memory and perform multiple re-write operations.

Many devices have the facility to wipe as part of the factory reset function - BlackBerry devices have this feature.

Unless you're dealing with Government sensitive information, the standard wipe function should be fine - Exchange will allow you to send a remote wipe to ActiveSync connected devices.

The BlackBerry devices can be wiped via Options, Security - depending on OS, the wipe command is either obvious as an option or appears as a sub option.

On the Android device, I suggest you do the following:
1. Settings > Phone & SD Storage > Unmount Phone Storage
2. Settings > Phone & SD Storage > Format Phone Storage
3. Settings -> Security -> Factory Data Reset

With regards to the iPhone, this reveals that a factory reset doesn't wipe the date:

http://lifehacker.com/395743/completely-erase-your-iphones-data

Regards,


RobMobility.

0
 
RobMobilityCommented:
Hi,

Later iPhone devices can be deleted:

 http://ipod.about.com/od/iphonetroubleshooting/ss/reset-iphone2_3.htm

Regards,


RobMobility.
0
 
RobMobilityCommented:
Another option is to wipe  the data and reset the devices and then re-install the OS.

http://www.ehow.com/how_4691139_reinstall-operating-system-iphone.html

Regards

RobMobility.
0
 
btanExec ConsultantCommented:
thought the other track discussing on Iphone erase function is related too

http://www.experts-exchange.com/Apple/Hardware/iPhone/Q_27019017.html

Overall, I see another means to verify is through use of forensic tool commonly used to retrieve back information. Some include Paraben Device Seizure and Cellebrite UFED. But understand they are not free to use .....
0
 
Blue Street TechLast KnightsAuthor Commented:
Thank you both for all your input. My apologies for the delay…I was out on sick leave.

I am splitting points since you both provided so much solid info on the subject.
0

Featured Post

 The Evil-ution of Network Security Threats

What are the hacks that forever changed the security industry? To answer that question, we created an exciting new eBook that takes you on a trip through hacking history. It explores the top hacks from the 80s to 2010s, why they mattered, and how the security industry responded.

  • 5
  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now