Here’s a scary story. According to a story reported on iPhone Atlas, a refurbished iPhone may still contain personal user data. It refers to a refurb iPhone, purchased from Apple and fresh out of the box that contained old e-mails from the previous user.
Apparently the “Reset” command found on the iPhone (Settings->General->Reset) and then choosing any of the 5 reset options, doesn’t really wipe off all the data. It is still there on the iPhone. The restore function in iTunes doesn’t do the trick either.
This is not such a surprising finding, according to much of the discussion surrounding this report. Old computers, crashed hard disks, even old ordinary mobile phone retain their data. There are only a couple ways to get rid of the old data – use a program that resets all the data to 0’s, or completely destroy the hard disk, memory or computer/iPhone.
That Apple would allow iPhones out the door that could compromise the personal data of the previous owner, ones who had to exchange their iPhone for another or simply return it, is disappointing. It could especially be a problem in the near future, as thousands of current iPhone users swap their phones for the anticipated new 3G model.
Let’s hope that the next version of iPhone software, called version 2.0, will allow the user to completely erase data and reset the phone.
After all, isn’t iPhone 2.0 supposed to make the iPhone more enterprise friendly? So as to allow Apple to compete more effectively against the likes of RIM BlackBerry n the corporate market? This won’t be the case if enterprises are going to have to worry about data on obsolete iPhones making its way into unwanted hands because Apple doesn’t offer an effective way to completely remove personal or corporate information.
Apple’s enterprise and security strategy for the iPhone, includes, among other things, adding support for Microsoft Exchange. This will enable the iPhone to support push mob-e-mail, calendaring, and contacts, as well as global address lists and remote wipe.
The last one is supposed to allay security concerns by allowing IT to remotely erase all data on a misplaced or stolen iPhone, so corporate secrets don’t get into the wrong hands. Let’s hope it does this at the level needed to make all this personal and enterprise information completely unreadable.
Additional security feature will come to the iPhone in the form of support for the Cisco IPsec VPN, two factor authentication and enterprise-class Wi-Fi through support of the WPA2/802.1x standard.
This article was first published on SmartPhoneToday.com.