Gone, but not forgotten: Wiping Android devices doesn’t always work

One of the best tools for making sure a lost or stolen phone doesn’t become a data breach nightmare is to wipe its memory. It also helps make sure that devices you’re done with don’t contain sensitive information. 

But does it really work?

Not necessarily, Cambridge University researchers have found. By taking a close look at the “Factory Reset” feature on Android phones, the researchers found that what’s “wiped” from a device might actually live on long after – which leaves users’ personal and work information at risk.

Examining Android phones

The researchers purchased phones from eBay and other online retailers that ran Android 2.3 to 4.3.  They found the devices didn’t always erase internal storage cards, which led to the recovery of photos and videos.

But they were also able to recover at least a few emails from all of the devices they purchased. Other recovered goodies:

  • text messages
  • Google logins, and
  • chat apps.

Staying safe with BYOD

IT is naturally concerned with how users are using their BYOD mobile devices. But one thing that may slip through the cracks is what happens to that device when users are done with it.

This is where your policies come into play. You should have rules that require users to wipe information for devices before selling them or giving them away, or at the very least notifying IT so that your department can clear work information from it first.

Notifying IT that you’ve gotten a new phone might not be users’ first thought, but if they’re trading in or selling the old device and forget to inform you of it, there’s a good chance you’ll never be able to clear it completely.

Explain to users that you’ll do whatever you can to keep their devices safe. While they may not be wild about bringing a device to you for wiping, chances are they’d be even less thrilled with finding out that the person who bought their phone could be reading their personal emails or seeing those photos they thought were gone forever.

Make Smarter Tech Decisions

Get the latest IT news, trends, and insights - delivered weekly.

Privacy Policy