Go to Top

An Executive Resigns: Misconduct Suspected, Employer Cannot Access Evidence on His Mobile Phone

“Sorry…You Are Locked Out of Your Own Data”

iStock_000021873834_SmallWell, it happened again today.  We had to call a client and advise them that it will be nearly impossible, or at least very expensive to perform a forensic exam of one of their smart phones after the user of the phone, a key executive suspected of misconduct, abruptly resigned.  Why?  Because the device, a newer Apple iPhone, was password protected and accessing the data is almost impossible.  (Just ask the FBI).  Yes, it is true, that really nothing is “impossible”, but the time and expense of cracking one of these phones is often not worth it.

MDM to the Rescue
A smart solution to this problem is Mobile Device Management (MDM) software.  MDM is a business software package that provides companies with centralized management of mobile devices used by employees in the workplace.  Although it is most often used for company-issued devices, it can also be applied to employee owned phones.  The phones are “enrolled” in the MDM program, and the software provides security, password management, and even wipes the phone’s data if the device is lost or stolen.  Employees can be incentivized to enroll their devices by employers that offer to pay for a portion of the employee’s monthly phone bill as a part of an overall BYOD policy.  MDM systems also offer phone “partitioning” so that employees can segregate their own personal data on the phone to satisfy their privacy concerns.

trade_secret_tPassword Management is Key
MDM’s two greatest benefits are security and data control.  IT managers can distribute security features to phones managed on an MDM enterprise, providing good protection to confidential company data that is so often stored on or accessed by these devices.  And finally, centralized password management means companies can get access to data on the devices during internal investigations, when facing litigation holds, or to comply with regulatory rules.

A Failed Investigation
Now back to that departing executive. He is working for a direct competitor and stealing business from his former employer, almost certainly using their trade secrets to do so. His former employer believes his company-issued mobile phone’s text message strings would prove their case.  Unfortunately, they may never know.

, , , , , , ,

About Jeff Hartman

Jeff is a 30 year veteran of the corporate security, computer forensics, and eDiscovery community and a co-founder and partner at 4Discovery. 4Discovery is a leading provider of computer incident response and computer forensics services to attorneys, corporate security executives, and the information protection community.