Exchange 2013 mobile device remote wipe.

I Have a customer who is going to fire an employee soon. They want to make sure no sensitive data is left on the users phone. I know I can perform a remote wipe but this phone is the employees personal phone so I don't want to completely clear it. Is there a way to just remove the Exchange account and it's data remotely? This user is using an Android phone.

Thanks in advance.
Dougj182Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Ugo MenaCommented:
A remote device wipe can reset a mobile phone to the factory default condition. Although the remote device wipe protocol as implemented in Exchange 2013 only requires the deletion of personal corporate data, all current mobile device manufacturers interpret the command as one that wipes all data on the phone.

Many mobile device operating systems also wipe all data on any storage card that’s inserted in the mobile device.

This procedure will clear all data on the mobile phone, including installed applications, photos, and personal information.

Here is the KB article explaining the process more : Exhange 2013 Remote Wipe
0
Ugo MenaCommented:
If you don't want to wipe the entire device... And depending on the content that is thought to be on the mobile device, you may just want to disable the user login, which will make the online account settings void.

It would still leave any content that has been downloaded directly to the device.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Dougj182Author Commented:
@ Ultralites - This is what I thought. So I gather there is no way to delete only the exchange anccount and leave the remaining data in tact?

What do other businesses do in this situation? I suggested that they call me in when they are going to let her go so I can simply remove the account but they were unsure if she would allow anybody access to her device.
0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

Ugo MenaCommented:
Typically the device is under the ownership of the company, so they end up returning it.

In this case, since you are not able to have the user give you access to remove the account,  I would just change the password to the account and disable access via OWA .

Given they own the device, they will start to get incorrect pwd prompts when it attempts to update, which will eventually force them to remove the account.
0
Ugo MenaCommented:
It is a delicate situation.... but uou may also be able to leverage the fact that you can wipe the whole device via Exchange, and just ask the user to pick which scenario they prefer.

1. Whole device wiped?
2. Allow you to remove the account?
0
Dougj182Author Commented:
Thanks, I'll do this.
0
davebytesCommented:
For future people looking for a solution, I wanted to clarify what I believe to be a mistake in responses.

It is up to the exchange CLIENT APP to implement remote wipe.  So for example, I believe the new Outlook application for Android and iOS wipes only application data (definitely on iOS, but I thought Android too).

The Nine email client on Android -- one of my favorites -- keeps its own encrypted data storage, and so doesn't need device wipe capabilities.

So depending on the software the employee is using, remote wipe might only nuke the app data, not the whole phone, which makes it much more tolerable -- and clearly easier to achieve for IT folks. :)

HTH!
1
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Exchange

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.