The legal battle continues between Apple and the FBI about access to the iPhone 5C used by Syed Rizwan Farook, one of the terrorists who killed 14 people in the 2015 San Bernardino attack. The Justice Department has issued a court order asking Apple to help access encrypted information stored on the device by writing software that would disable its passcode protections to allow an infinite number of guesses without triggering the auto-erase feature of all data on the device that would normally occur after 10 failed attempts. Apple’s CEO, Tim Cook, has spoken out, saying that “this would be bad for America” and would undermine digital security more broadly.
Regardless of which side of this debate you’re on, it’s frustrating for me to think that the whole situation could have been avoided for the cost of about $5. Given that Farook was a San Bernardino county employee, the device in question is a county-owned phone. If the county has been utilizing an Enterprise Mobility Management (EMM) solution, formerly known as Mobile Device Management (MDM) software, an entirely different outcome could have occurred. For approximately $5 per month per device, the county could have established the necessary security, compliance and profile settings on the devices it provides employees (like Farook) to unlock the phone and access the data.
With hindsight being 20/20, it’s clear that two major mistakes have been made. First, the passcode to Farook’s iCloud account was changed by the county in an effort to give the FBI immediate access to all backups. Unfortunately, the last backup occurred weeks before the event, and the password reset foreclosed the possibility of retrieving another backup following the incident. Secondly, it’s been reported that San Bernardino County had indeed purchased EMM software, but had not yet installed it on the iPhone 5C used by Farook.
EMM software has the ability to encrypt data and communication on any mobile device, but it also has the ability to access or restrict data on corporate-owned or bring-your-own device (BYOD) assets. Other features include GPS tracking, app restrictions, app inventory, password reset, selective wipe, VPN settings and camera disabling, just to name a few. If the county had installed the EMM software it supposedly owned, administrators would have been able to unlock the phone and provide access to the necessary data that the FBI is requesting without any Apple involvement.
If you are using EMM software, there are three important steps to take to ensure you are maximizing its capabilities and steering clear of any similar Apple vs. FBI type of incident:
- Make sure your IT team has installed it on ALL devices, including company-owned and BYOD devices.
- Develop and implement an approved Mobile Device Usage Policy (MDUP) that addresses your privacy policy surrounding use of all devices enrolled in your program.
- Set up the policies within the EMM platform properly, closely matching them to your MDUP.
If you don’t have EMM and your employees are accessing company data, email, files and more on their mobile devices, you could be asking for trouble and putting your company at risk. Please contact us with any questions or for assistance implement enterprise mobility in your organization.
Phil Poje | CEO, TechOrchard
A serial entrepreneur with more than 30 years of executive leadership and ownership experience, Phil has a unique understanding of the challenges that exist within the rapidly growing technology sector. Contact him directly at phil@techorchard.com to discuss innovative ways for overcoming those challenges and propelling your organization to new levels of success.
