Phone Encryption & Rooting & Titanium Backup

[aalb1]

My work just sent out a memo saying that all smartphones using corporate email will need to be encrypted and password protected. I

Here is the specs:

The ‘Mobile Device Usage Agreement’ lists the profile settings that will be enforced. They consist of the following:

1. Password lock screen upon boot and idle timeout - (I already do this)
2. Storage must be encrypted on device.
3. Additional security settings may be applied to devices that will not alter/restrict its functionality but secure it against unlawful activity.
4. Admins would have the ability to wipe the device and reset it to original default settings in the event of device loss or other security incident.

So what do you think this means for rooting and taking backups with Titanium Backup? Does Titanium take snapshots of encrypted items?

 

[1coopgt]

Is said phone supplied by work I hope ?

 

[aalb1]

Nope... This is my personal phone. I found out I can't really do Nandroid backups (Please Confirm) through SafeStrap. If I cannot keep it rooted & use Titanium Backup, it is not worth it to me to use corporate email. I will just bear the inconvenience of using webmail.

Any other replies are appreciated.

 

[_skibum]

#2 won't cause you any problems as long as you do not plan on swapping your SD card to another phone to read the data, or have to replace your phone. The key to decrypt the data is stored in part of the phone. You can still use a USB cable to backup or transfer the files to your PC in decrypted form. I use it. No problems here.

#3 I'm not sure about, but I looked at the permissions that the corporate exchange app has on my phone, and the only thing that I can see that even comes close to the description is "control near field communications". I presume that " secure it against unlawful activity" means preventing others from doing something unlawful, and not preventing you from doing so... :blink:

#4 just allows the exchange server to issue a "self destruct" command that wipes the data off of the phone if you report to them that it was lost or stolen. You can also do it yourself by logging into webmail and going into options, and then selecting "moblie". There is a link to allow you to initiate the data wipe.

I've had company email on my phone for a year, and I wouldn't do without it. I get to spend much more time at my boat... er, home office... since I can stay on top of things all the time. And JB seems to have fixed the sync issues, but still lacks the ability to actually change to the Sans Serif font in an email. Both Serif, and Sans Serif get sent out with serifs even though the font you see while you are typing the message does change.

 

[1coopgt]

There is no way I would let my work place have that much control over my personal phone . If they want me to respond to e-mail and what not they can supply me with a phone . I use to sync my phone with my schedule in Outlook at work but I don't even do that anymore . They wanted to put an app on our personal phones that would do what you work is implementing but no thanks I don't need to be that connected . I can respond from my computer in my office .

 

[tech_head]

Don't encrypt the phone.
Pay the $19 for a Touchdown license.
It is an enterprise mail client that plays in it's own encrypted sandbox.
The self destruct and all the policies are intercepted and enforced by the application.

Been there, done that.