My company will be requiring Airwatch to be installed on any mobile device that accesses company email, on the 15th of this month. There is only a little information on XDA related to this, most of it being >7 months old & not very informative; however I've learned the following:
-AW can detect root
-AW allows the admin to encrypt device & SD storage, track the device via GPS, & view installed apps
-I suspect, but don't know for sure, they can also perform a full wipe - should the device security be compromised.
What I'd like to know is if any XDA users are familiar with this app/IT security measure. Is there a way to bypass root detection, or have a source in IT create a custom profile, on the server end, that would not flag my device?
I own my SGS3, & pay for my service, as my company initiated a BYOD policy a few months ago. Now they say I have to install this if I want to continue to access my email, calendar, contacts, etc. The choice is mine, but I'd prefer to have my cake & eat it to, if possible.
So, I'm putting it to the brilliant collective minds, thoughts, experience, & expertise of the XDA community! Any thoughts, accounts of direct experience (admin or end-user), solutions, suggestions - anything would be appreciated.
Thanks!
Samsung Galaxy S3
OdexedBlue ROM
Trinity Kernel
XDA Premium - Support our developers!
Bump....
Samsung Galaxy S3
OdexedBlue ROM
LI3 Stock Kernel
LIF Baseband
XDA Premium - Support our developers, modders, & themers!
Bump... Still nothing! What a bummer!
Samsung Galaxy S3
OdexedBlue ROM
LI3 Stock Kernel
LIF Baseband
XDA Premium - Support our developers, modders, & themers!
Honestly I wouldn't want to give my company access to my personal phone like that... You never know what they can look at that they aren't telling you. Plus tracking the GPS, that's pretty much the same as getting the ankle monitor when you on house arrest. Total invasion of privacy.
I'd pay the $20 for another line on my family share plan And use that for a business phone. That way unless I'm at work or do a on call shift I can turn the phone off and not have to worry abut being tracked.
Sent from Pluto.
Do you really need email access on your phone that badly? Seems like you are giving up a lot...
Sent from my SPH-L710 using xda premium
Well they used to pay for my old blackberry, then initiated the BYOD for everyone. I get approximately 250 emails per day, have all off my contacts on outlook (I had backed up my BlackBerry contacts that way), and I typically have my days packed with one meeting after the other. So, being able to use my phone, instead of carrying around my laptop, to access emails, contacts, & my calendar is extremely useful and convenient.
I'd read on a thread for a similar security product that you can have a custom profile built that will disable the check for root functionality on that. That's why I began looking for possible solutions for Airwatch by posting this thread.
Bottom line though, I will not install it if there's not a work around, or solution of some kind.
Samsung Galaxy S3
OdexedBlue ROM
LI3 Stock Kernel
LIF Baseband
XDA Premium - Support our developers, modders, & themers!
Your place of employment sucks... that's like saying "hey if you want to use your phone for work, well then we own it but you will pay for it."
I mean I get why they have the safeguards in place, just a sucky situation.
I'd still go with my idea, get another line galaxy note 2 would be perfect.
Sent from Pluto.
atm there is no way u can bypass the root check from AW.
but u can disable AW frm "Device Administrator" @ Security when u are off from work.
And install it back when you are back to office.
(click the enrollment link from your email to activate AW)
I actually work for Airwatch, If you own your phone and the company didnt supply it it doesnt matter if your phone is rooted or has a custom rom. its YOUR phone. Yea every week on the AW client it'll report compromised device but its your phone so your company cant say anything to you unless they provide you a phone.
just turn turn off a lot of access and tracking stuff with in the AW app as well
The other thing would be, perhaps a 3G tablet? Unless you absolutely need to make phone calls, that way you can check e-mails and all that jazz, and turn off GPS. Just my two cents. Either way, good luck!
Airwatch user here, member of work IT, with an iPhone, iPad, and Fascinate. Mine reports as compromised devices, and I already told them to wipe my device if it's really out of compliance and they have a problem with it. So far, jail broke and root happy still
My employer is cancelling the BES server (and devices) and switching to a BYOD policy, including Airwatch. The i* device users are ready to be assimilated, but right now there challenges getting the agent on the Droids.
Our policy is that certain employee positions (including mine) are required to have access to a smartphone for e-mail access and/or on-call, and we are in a right to work state. So that means we either comply or risk losing our job. The employee is responsible for purchasing the phone, service & replacing damaged phones, and can turn in the billing summary page each month for up to $100 reimbursement.
The BB was the only smartphone I've had, and my Droid should arrive today. I can understand they want to secure devices which attach to the internal network but that doesn't make me feel any better about how the product integrates with the devices.
Will the agent install on the Droid if it's rooted? Can they prevent me from resetting the phone to remove the agent? And if I do that, will it just re-install if the device is configured in the Airwatch console?
airwatch on S4 blocking USB Debugging
Guys,
I just received a new company Samsung Galaxy S4 and have Airwatch disabling the USB Debugging option, it's greyed out:crying:. Can't even root it now if I wanted to.
Such a shame, I have now two Galaxy S4s, what a b*&(9it to carry around.
Any ideas would be much appreciated.
Cheers!
Airwatch and other email/calendar client
trmixing said:
I actually work for Airwatch, If you own your phone and the company didnt supply it it doesnt matter if your phone is rooted or has a custom rom. its YOUR phone. Yea every week on the AW client it'll report compromised device but its your phone so your company cant say anything to you unless they provide you a phone.
just turn turn off a lot of access and tracking stuff with in the AW app as well
Click to expand...
Click to collapse
Hi,
recently also my company has adopted airwatch MDM to give us the access to email by phone.
I would like to know if there is a way to use a different email/calendar client instead the Airwatch Inbox client... I would like to have a client that offer the possibility top have a calendar with a widget.
cheers,
Luigi
Any updates on this?
I've tried:
RootCloak - downloaded from playstore, didn't work.
Also tried installing it from xposed, but there's an issue with galaxy phones, almost bricked mine.
There's also a thread someplace talking about editing the scripts of AW, but not all scripts are visible any longer.
Bottom line - doesn't work. Using SM-G925F. Any ideas?
Related
This is not troll baiting or OS Slamming...
Looking for knowledgeable and constructive feedback regarding device security. I'm thinking in terms of an Executive or VP or Network Admin or such loosing the device. a piece of software
1) to do more to control access than a squiggly line
2) to allow for remote GPS tracking and/or device data wiping
3) that is stealthy and/or hard to remove.
I know there are a few "security services" out there but that leads me into "how do i know whose who and who can be trusted in the android segment". I place a great deal of trust in the developer of my ROM. That he/she/they are benevolent and not including by intent or negligence loggers or other malware. then i have a companies like Wave and Norton and Good all angling to get installed on my device. i don't know Wave nor Good and I have no luv for Norton.
The EVO allows for RDC and VNC sessions. It allows for VPN access and has the pwd's to my personal and work email. meebo has me signed into all my chat networks. As a long time Windows person I guess it's just a lil disconcerting when i stop and think on it. this device can easily be configured to hold everything needed to access a secured network. Perhaps this is a reflection on my lack of understanding the system in depth. perhaps i'm not sure how well the opensource community will communicate "problem" apps and developers.
Also, and kinda sorta related. Applications in the marketplace. sometimes you get an application and the types of security access it is asking for seems a bit "off". occasionally in the comments the developer may comment that "i need to access X in order to provide Z". It usually makes sense (whether true or not i cannot say), but is there any nice cross-reference of what types of actions require what access level. or why so many apps need to know the phone state and identity or general location or full network access and what exactly that means to me as the end user. this second paragraph is proving difficult to put to paper..i may come back and edit for clarity.
and lastly, i guess is a question on how to protect from apps like this...
http://www.networkworld.com/news/2010/060210-android-rootkit-is-just-a.html?page=1
http://www.zdnet.com/blog/security/commercial-spying-app-for-android-devices-released/4900
If the app seems fishy don't download it you can allways get lookout from the market it will pull your phone up on the gps and tell you exactly where it is I've tested you can also make it chirp real loud as for them accessing your phone put the pattern lock on in stead most thiefs are not hackers so they probably won't be able to access your phone even if you hard reset you still have to draw the pattern I mean unless they full root the phone and wipe it in petty sure you will be ok hope that helped
Sent from my PC36100 using XDA App
Lookout kinda falls into the same category at Good or Wave. (at least to me thus far). All appear to be fine and yet somehow free products. I'm looking for a corporate solution, not end user solution. a free solution would be swell, so long as trust can be established.
i am looking at this from a corporate IT security perspective. not a young person, a enthusiast nor regular end user. heck, if I could get all of my users to actually know what is meant by "if the app seems fishy don't use it", most of my job would be completed. but to be honest, i'm still trying to get a grasp on that myself in the android world, hence the question about access levels in last paragraph of original post.
the zigzag is nifty and should protect from casual access. Froyo will provide an interface that a secured Exchange server would prefer to have. that will help.
( BTW ... if anyone knows how to make the red line not appear when you mess up the pattern lock...you'd be my personal hero for the day)
its not thieves that I'm worried about...it's my own end users that have to be protected from themselves. if a device was left in a bar or cab and did end up in the wrong hands....data could be sold, deals could be lost, people could be embarrassed, with the type of data that 'can very easily' exist on these devices...network security itself can be compromised. and sadly, i must assume that a good many end users will disable security if they are able to. for the same reason they ***** at automatic screenlocks on their desktop/laptop computers.
would you rather your IT team "hope/pray/expect the device will be picked up by some incompetent/benign/lawabiding citizen" or the opposite?
i choose to prepare for the worst...hope for the best. not the other way around. hence, my questions.
Isn't remote wipe being built into froyo somehow? Thought I read that somewhere.
I have my exchange email set up on my device and it requires me to use a passcode. I cannot disable it.
Sent from my PC36100 using XDA App
As for wiping data remotely wave secure will do that it might be close to what you need or something for the time being hopefully this will help
Sent from my PC36100 using XDA App
This is kinda sorta what I'm lookn for.
http://www.downloadsquad.com/2010/06/28/understanding-the-android-market-security-system/
I'm trying to clean out unnecessary apks in /system/app, but I'd like not to remove the apk that Sprint Family Locator relies on, so if I lose the phone and for some reason Where's My Droid doesn't work (I've had some reliability issues with it), I can sign up for SFL and locate the phone. Which apk does SFL use? My best guess would be MobileTrackerEngineTwo.apk. It has the requisite LOCATION, FINE_LOCATION and WRITE_SECURE_SETTINGS permissions, after all.
Install avast! Mobile security. SFL doesn't work unless you have the device in hand at time of SFL activation to set it up. It asks you to allow permissions to get it to work properly once you activate it, it wasn't designed to be used as covert location like Plan B or Avast! Mobile Security lost/stolen device locator. Not to mention Avast! allows you to lock down, wipe and locate the device via hidden SMS messages, all you do is text a code and password to the device via SMS or an online SMS program and you can enable password security aand lock the device, wipe all data/factory reset it or enable location and GPS and get the cell triangulation or GPS coordinate location of the device in real time
We are legion, for we are many.
Sent from the DarkSide of the GalaXy with a MEK device
The description for Sprint Family Locator in Google Play says:
- No need to install anything on the phones you track.
- You can even sign up and locate a lost or stolen phone AFTER it’s disappeared.
- The ONLY gps locator where your kids don’t need to opt in.
Click to expand...
Click to collapse
Avast does too many security-oriented things for me to want to install it. I don't like installing apps where I don't understand what exactly they do.
Maybe I should just write my own little app to respond to SMS codes, and this way I won't have to worry about installing something I don't understand. Should be pretty easy, especially since it doesn't need any UI, but I can just hardcode all the passwords, since I'd be the only user.
When I activated mine I had to have the phones to actually enable the apk it uses. It asked for the account password used to login to the sprint account online then left the apk running in the background. If its already active but not enabled them I'm sure you can turn it on, but it has to be set up prior to the loss. In some states its illegal to use without the person who uses the phones consent, even if you technically own the phone and pay the bill. If you live in a 2 party state where you have to have consent of the 2nd party to record conversations its illegal to track the device, whether its your child, spouse, employee etc. I think that's why sprint set up family locator the way they did, to cover their ass in a legal situation so they can't be a party to a lawsuit for spying on your employee/spouse. Unless its your adult child its a pretty grey area for a minor child. You could always try setting it up before you lose the phone to see how it works. I've had it set up on my account for almost 3 years so it may have changed, but the law hasn't so i doubt sprint would change the activation method
We are legion, for we are many.
Sent from the DarkSide of the GalaXy with a MEK device
-EViL-KoNCEPTz- said:
When I activated mine I had to have the phones to actually enable the apk it uses.
Click to expand...
Click to collapse
Maybe it's different if the phone is registered to the primary account holder?
In any case, back to the original question. Does anyone know which pre-installed apk Sprint Family Locator is based on?
arpruss said:
Maybe it's different if the phone is registered to the primary account holder?
In any case, back to the original question. Does anyone know which pre-installed apk Sprint Family Locator is based on?
Click to expand...
Click to collapse
I dont remember which apk it is off top of my head and I'm on an aosp rom but ill find it for you in a min, I was just talking to someone the other day about how big of a pain in the ass it is when the apk name is totally different from the installed name
Edit com.locationlabs.finder.sprint is the package name and sfl_debug.apk is either the apk name or an apk its dependent on
We are legion, for we are many.
Sent from the DarkSide of the GalaXy with a MEK device
-EViL-KoNCEPTz- said:
I dont remember which apk it is off top of my head and I'm on an aosp rom but ill find it for you in a min, I was just talking to someone the other day about how big of a pain in the ass it is when the apk name is totally different from the installed name
Edit com.locationlabs.finder.sprint is the package name and sfl_debug.apk is either the apk name or an apk its dependent on
Click to expand...
Click to collapse
There is no sfl_debug.apk there, and I have no com.locationlabs.finder.sprint app installed (at least not at this point). I think that's actually the client that shows locations of family members rather than what does the tracking.
I ended up writing my own locate-my-phone thingy last night and today. For security-related things, it's uncomfortable using closed source apps by other people. I may post the source code if there is any interest. Supports remote lock/unlock/wipe/gps/root-shell-command. All in a 10K apk.
arpruss said:
There is no sfl_debug.apk there, and I have no com.locationlabs.finder.sprint app installed (at least not at this point). I think that's actually the client that shows locations of family members rather than what does the tracking.
I ended up writing my own locate-my-phone thingy last night and today. For security-related things, it's uncomfortable using closed source apps by other people. I may post the source code if there is any interest. Supports remote lock/unlock/wipe/gps/root-shell-command. All in a 10K apk.
Click to expand...
Click to collapse
Sounds interesting. Why not put it up here for us and the other devs to take a look at.
leaderbuilder said:
Sounds interesting. Why not put it up here for us and the other devs to take a look at.
Click to expand...
Click to collapse
Here it is.
Hello All - I have a question of if I can:
1) Root my phone
2) Install custome ROM
3) Unroot phones (and leave custom ROM)
The reason I ask is my company is initiating use of an app (MaaS360) to manage mobile devices that receive company email (currently optional, but soon to be required if I want my company email on my phone). The app will not accepted rooted phones (it checks and then disables Exchange push). I currently use Touchdown as it is compliant with my companies security policies.
Any ideas? I would need to receive my company email, but also want to use custom ROMs and ideally remain rooted. Thanks.
Have your company email forwarded to another email account?
Sent from my SPH-L710 using Tapatalk 2
Get 2nd line for a work phone.
Root access is a essential part of custom roms.
It's like having a Lamborghini but putting a 4 cylinder engine in it. Just doesn't work...
Sent from Pluto.
Actually you can remove superuser and most likely unroot as long as nothing the rom is doing needs root permissions
Sent from my SPH-L710 using Tapatalk 2
---------- Post added at 01:52 AM ---------- Previous post was at 01:52 AM ----------
There's nothing to say you can't
Sent from my SPH-L710 using Tapatalk 2
Thanks for the suggestions. I couple of notes:
1) Forwarding is not a viable option given them I am just duplicating my email, which will increase the challenge of managing it (i.e. need to delete twice, replies will not be threaded, sent mail will not be available in a central location, etc.)
2) 2nd line is not practical for cost reasons, plus then I have another phone (my goal is to increase convergance and limit the number of devices I have)
3) The removing the superuser is an interesting option, but I do not know enough about it and the features of the ROMs to understand the potential impact.
Thanks again and if you have any additional options/ideas, please let me know. Thanks.
Raife1 said:
Hello All - I have a question of if I can:
1) Root my phone
2) Install custome ROM
3) Unroot phones (and leave custom ROM)
The reason I ask is my company is initiating use of an app (MaaS360) to manage mobile devices that receive company email (currently optional, but soon to be required if I want my company email on my phone). The app will not accepted rooted phones (it checks and then disables Exchange push). I currently use Touchdown as it is compliant with my companies security policies.
Any ideas? I would need to receive my company email, but also want to use custom ROMs and ideally remain rooted. Thanks.
Click to expand...
Click to collapse
Yes you can I do it all the time root flash ROM than use super su to unroot with NP and all my apps that don't allow root work perfectly
Sent from my SPH-L710 using xda app-developers app
Please read forum rules before posting
Questions go in Q&A
Thread Moved
Thank you for your cooperation
Friendly Neighborhood Moderator
Use the cm9 multiboot and just switch back and forth. Or look aroimd for the hacked exchange apk with the security **** removed
Raife1 said:
Hello All - I have a question of if I can:
1) Root my phone
2) Install custome ROM
3) Unroot phones (and leave custom ROM)
The reason I ask is my company is initiating use of an app (MaaS360) to manage mobile devices that receive company email (currently optional, but soon to be required if I want my company email on my phone). The app will not accepted rooted phones (it checks and then disables Exchange push). I currently use Touchdown as it is compliant with my companies security policies.
Any ideas? I would need to receive my company email, but also want to use custom ROMs and ideally remain rooted. Thanks.
Click to expand...
Click to collapse
Within the past 2 months I implemented MaaS360 to manage our companies mobile devices. Your IT department will have to manually check the box that says check for rooted/jailbroken devices, otherwise MaaS360 does not care if the device is rooted or not. Half of our corporate Android phones are rooted, and does not cause a problem with MaaS360. If you have buddied up with the guy who will be configuring MaaS360 for your company, you could always ask him to create you a custom profile (its a 2 second process) that doesn't check your device to see if it is rooted or not.
billard412 said:
Use the cm9 multiboot and just switch back and forth. Or look aroimd for the hacked exchange apk with the security **** removed
Click to expand...
Click to collapse
He cannot use the stock exchange apk if his company is implementing MaaS360, the way that MaaS works to sync the exchange profile to Android devices, it requires Touchdown.
Just a quick picture to show you that by default it does not restrict rooted/jailbroken devices (this is from the default compliance policy)
Also a sidenote, your name looks very familiar Raife, do you by chance use Spiceworks?
Khilbron said:
Within the past 2 months I implemented MaaS360 to manage our companies mobile devices. Your IT department will have to manually check the box that says check for rooted/jailbroken devices, otherwise MaaS360 does not care if the device is rooted or not. Half of our corporate Android phones are rooted, and does not cause a problem with MaaS360. If you have buddied up with the guy who will be configuring MaaS360 for your company, you could always ask him to create you a custom profile (its a 2 second process) that doesn't check your device to see if it is rooted or not.
He cannot use the stock exchange apk if his company is implementing MaaS360, the way that MaaS works to sync the exchange profile to Android devices, it requires Touchdown.
Just a quick picture to show you that by default it does not restrict rooted/jailbroken devices (this is from the default compliance policy)
Also a sidenote, your name looks very familiar Raife, do you by chance use Spiceworks?
Click to expand...
Click to collapse
Sorry- no spriceworks fpor me.
It sounds like I have 2 viable options:
1) Unroot and go stock (not happy about that option)
2) find a corporate IT buddy to create me a custom profile
As a curiosity, why would a firm choose to prevent rooted phones (also jailbroke iDevices)? I followed up and it is stated in the FAQ on the deployment that it doesn't work on rooted and jailbroke devices.
Thanks for everyone's reply's so far.
I would say go back to complete stock and unroot and then wait for the jb update coming out soon
Sent from my SPH-L710 using xda app-developers app
You can use SuperSu and uncheck the box that enables it. And if you need to do something requiring root access go ahead and check it
nicholaaaas said:
You can use SuperSu and uncheck the box that enables it. And if you need to do something requiring root access go ahead and check it
Click to expand...
Click to collapse
Well the temp unroot seems like a viable option. The only thing I am really using the root for now is wi-fi tether (I only use tether when travel - maybe once or twice a month)
Khilbron - whould the following scenario work with MaaS360:
Root phone
Install custom ROM (or leave stock)
Select Temp Unroot in Super User for daily use
When I need to Wi-fi tether, unselect Unroot, use tether
When done with tether, re-select Temp Unroot
Again the big thing I want is to receive my corporate email (and I do use Touchdown)
"RootCloak" part of the xposed framework will allow you to hide root from your selective aps. There are other aps on the Appstore but this is the only one that worked with Maas360
Anyone have any experience with encryption on the One? My work email is requiring it and I've heard bad things about speed and battery life on other phones.
ewong90 said:
Anyone have any experience with encryption on the One? My work email is requiring it and I've heard bad things about speed and battery life on other phones.
Click to expand...
Click to collapse
I'm a network admin at my work, and I setup our Exchange policy, also requiring encryption on mobile devices. I added my work email to my personal One, and the encryption process took around 30 minutes (rough guess). Only had the phone a few days before I did this, but I haven't really noticed any performance of battery difference. I think this was a problem on older devices, but I've never used encryption previously on my personal devices, so I can't speak for anything else for sure. But, this phone is a beast, no issues for me.
I ran a AnTuTu Benchmark test on the stock ROM (I'm not unlocked ), with the result: 26044.
Attached some photos, 1 of the benchmark, 2 showing proof on the Exchange policy and encryption.
Edit: It wouldn't let my upload more than one image, not sure what's going on...
I have the other pictures saved with same date and time, maybe I can upload them in a few mins.
There exists an app that sandboxes exchange so you can enable all their nonsense but it does not actually touch anything. I do not remember what it is called sadly.
Putting your work exchange email on your personal phone is a dumb move. As soon as you do this you no longer "own" your phone, your employer does. They can fully wipe your phone at any time. People need to stop allowing this practice entirely. If your work requires you to have exchange email on a mobile device, make them provide it. Stop using YOUR device, and footing the bill, for a tool and service that THEY should provide. It's amazing how you get to pay for it, but they want complete control.
Sent from my HTC One using xda app-developers app
c5satellite2 said:
Putting your work exchange email on your personal phone is a dumb move. As soon as you do this you no longer "own" your phone, your employer does. They can fully wipe your phone at any time. People need to stop allowing this practice entirely. If your work requires you to have exchange email on a mobile device, make them provide it. Stop using YOUR device, and footing the bill, for a tool and service that THEY should provide. It's amazing how you get to pay for it, but they want complete control.
Sent from my HTC One using xda app-developers app
Click to expand...
Click to collapse
for some people its a personal choice for convenience.
For others, their employer pays their cellphone bill while allowing the employee to choose the device. My wife's work is like that, but they don't seem to require even a secure lockscreen.
Put me on the "Personal Choice" list. I have been running exchange on my devices for years for my corporate email. No encryption forced but the security does require a pass-code. The other option would be to carry 2-3 devices...not my cup of tea.
I highly recommend Moxier Mail. My company requires that my entire phone is encrypted and this program was a good way to circumvent this. They have no way to tell that you are using the program. It is a bit pricey, but to fully encrypt a phone can take up to 16 hours depending on what you have.
nrfitchett4 said:
for some people its a personal choice for convenience.
For others, their employer pays their cellphone bill while allowing the employee to choose the device. My wife's work is like that, but they don't seem to require even a secure lockscreen.
Click to expand...
Click to collapse
Just giving a heads up. Few people are aware that your entire phone can be wiped once you do this.
Sent from my HTC One using xda app-developers app
Like I said, I'm a network administrator at my work, and I created our Exchange policy, requiring a PIN and encryption. Exchange also has the option to control certain available features on the mobile device, such as the camera, or wifi, as well as preventing unsigned apps on the device. Like others have said, there is also the ability to remotely wipe the device from the Exchange server, or just remove the active sync account from the device.
I agree mostly with the above statements. I do not have a company supplied mobile phone, and don't really need one, but I did choose to have my work email setup on my phone for convenience, and for calendar entries. We do allow staff to add their work email to their own personal device, and that is why these type of options are available, so the company has a better control on the security and privacy of their digital property. I do not feel in any way that because I choose to add my work email to my own personal phone, that it is now company property, and I can remove my account at any time. I do agree, if the company requires you to have your work email on your mobile device, they company should at the very least pay the mobile bill, if not supply the device to begin with.
As far as the encryption, my HTC One took around 30 minutes to encrypt, and I have not seen any performance difference.
Attached are a few shots of the policy properties screen.
Edit: Another shot of the remote wipe screen.
Another thing to note, remote wipe is not necessarily a bad thing. I take some security in knowing I can wipe my device instantly should it go missing. Our setup has the option in the Outlook web interface so end-users can manage the device.
The longest encryption I ever did was an hour. 16 seems way too much but I guess it would depend on the phone and what was on the storage at the time.
calash said:
Another thing to note, remote wipe is not necessarily a bad thing. I take some security in knowing I can wipe my device instantly should it go missing. Our setup has the option in the Outlook web interface so end-users can manage the device.
The longest encryption I ever did was an hour. 16 seems way too much but I guess it would depend on the phone and what was on the storage at the time.
Click to expand...
Click to collapse
+1, forgot to mention users can also remotely wipe their own device in the OWA.
calash said:
Another thing to note, remote wipe is not necessarily a bad thing. I take some security in knowing I can wipe my device instantly should it go missing. Our setup has the option in the Outlook web interface so end-users can manage the device.
The longest encryption I ever did was an hour. 16 seems way too much but I guess it would depend on the phone and what was on the storage at the time.
Click to expand...
Click to collapse
It is a long time but when you have a 32 gig on storage w/ 32 gig sd card filled with vids, pics, and music it will get take a while for it to go.
So I feel like I know my way around rooting and putting custom roms on android devices. I've done it multiple times and love the features doing those two bring to your device. I recently received a GS3 from my employer and this will be my main device for work and personal use. But the company I work for has an application that is installed on every phone with company information on it so that the app can do things like wipe the device remotely if the phone is lost/stolen for obvious security reasons. But this application also restricts side loading apks and root users on the devices as well.
The application is Maas360:
https://play.google.com/store/apps/details?id=com.fiberlink.maas360.android.control.samsung&hl=en
I actually work with the helpdesk of the company, and we have what Maas360 calls 'security policies' that include the settings restrictions for each of the devices with android or iOS... some of the restrictions set in place are like I said with not be able to side load apks, no root users, must have a screen lock with pattern or pin (depending of which security policy is applied), along with other little things.
1.) Is there a way to get the Samsung bloatware off the device by flashing a Stock, non-root custom rom?
2.) Is possible to side load apps with Maas360 installed? The usual setting of 'Allow the installation of non-Google market apps' is grayed out and unchangeable currently...
If there are any other suggestions, those would be great as well. I just want my device to have the flexibility and openness of what a true Android device should have. Thanks
Typically employers put software like that not just for security measures of lost or stolen, but also to prevent their employees from doing exactly what you are wanting to do. As such, you are essentially asking people here to potentially help break your company's policy and bypass security measures they have installed. As far as I am concerned, you are on your own.
Sent from my SAMSUNG-SGH-I747 using xda app-developers app