BlackBerry Forums Support Community               

Closed Thread
 
LinkBack Thread Tools
Old 08-05-2008, 04:38 PM   #1 (permalink)
New Member
 
Join Date: Jul 2008
Location: Buffalo NY
Model: 9630
OS: 5.0.0.591
PIN: N/A
Carrier: Verizon Wireless
Posts: 12
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default Best Practices for Lost Devices

Please Login to Remove!

Hi Everyone,
I am new to the BB community as a BPS admin. I was wondering if anyone can suggest their approach to best practices when an end user loses their phone? I have noticed lock device and erase handheld, but what happens if the phone is off? How long are those commands sent to the device? Do you get any sort of confirmation in BPS that the phone was sucessfully locked and or erased? More importantly, what if the end user is DEMANDING a new phone? So you erase them from the server and re-add them as a new user. Will those erase and lock commands still make it to the old device? Or once you delete the user are those commands send to the device gone as well?

Any help on what i should do in case this happens and what you have found works the best would be greatly appreciated.

Thanks.
Offline  
Old 08-05-2008, 09:06 PM   #2 (permalink)
Thumbs Must Hurt
 
BB1877's Avatar
 
Join Date: Feb 2005
Location: oHIo
Model: 9930
Carrier: Verizon
Posts: 163
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

My policy is when telecom or the Help Desk is notified that we attempt to issue the "Lock Handheld and Set Owner Information" command. We set a standard password and give it to the user should they find their device. We also set the owner information as "DEVICE REPORTED STOLEN, PLEASE RETURN, CALL 877-XXXXXXXXX".

You can tell on the BES if the unit is still receiving mail, chances are good the command will go through. If mail is queued, then you're not going to hit it. If the device is available, the command hits quickly. What's frustrating is when the user tries to "do the right thing" and reports their device stolen to the wireless company...then they shut down the line and you have no opportunity to get the lock command to the device.

I don't do the erase device...I figure if the thief tries the password too many times it will erase on it's own.

So then if the user wants a new device, good point...I don't typically remove the user account, I just re-trigger it for Enterprise Activation. If you erase/readd the user, all their OTA saved items and state database will be lost. If you just do a new EA on the new device, it IS possible that if you issued the Erase or Lock command and it didn't arrive on the old handset that it will arrive on the new one. I've had that happen which is why I only issue it if the lost handset is still talking to the BES.
__________________
BES 2.2.3.11 5/19/04 until 8/31/10 RETIRED
BES 4.1.6.55/Domino 6.5.4 FP2 580 users RETIRED
BES 5.0.1/Domino 8.5.1 223 users RETIRED
Offline  
Old 08-05-2008, 09:23 PM   #3 (permalink)
BBF Moderator
 
John Clark's Avatar
 
Join Date: Jun 2005
Model: Z30
OS: 10.2.1.x
PIN: s & needles
Carrier: AT&T
Posts: 34,667
Post Thanks: 1
Thanked 84 Times in 65 Posts
Default

Good advice!
Offline  
Old 08-06-2008, 08:16 AM   #4 (permalink)
BlackBerry Extraordinaire
 
Frank Castle's Avatar
 
Join Date: Jul 2005
Location: MA
Model: 9930
PIN: PM Me!
Carrier: VZW
Posts: 1,073
Post Thanks: 0
Thanked 4 Times in 3 Posts
Default

I believe when you issue the kill command it's handed off to the NOC and assigned to the device PIN so whenever it comes back online it will erase. Now if the carrier plan is killed I'm not sure it will still complete but it should as it's the same PIN.
Offline  
Old 08-06-2008, 11:12 AM   #5 (permalink)
Thumbs Must Hurt
 
Join Date: Apr 2007
Model: 9700
Carrier: AT&T
Posts: 155
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by BB1877 View Post
My policy is when telecom or the Help Desk is notified that we attempt to issue the "Lock Handheld and Set Owner Information" command. We set a standard password and give it to the user should they find their device. We also set the owner information as "DEVICE REPORTED STOLEN, PLEASE RETURN, CALL 877-XXXXXXXXX".

You can tell on the BES if the unit is still receiving mail, chances are good the command will go through. If mail is queued, then you're not going to hit it. If the device is available, the command hits quickly. What's frustrating is when the user tries to "do the right thing" and reports their device stolen to the wireless company...then they shut down the line and you have no opportunity to get the lock command to the device.

I don't do the erase device...I figure if the thief tries the password too many times it will erase on it's own.

So then if the user wants a new device, good point...I don't typically remove the user account, I just re-trigger it for Enterprise Activation. If you erase/readd the user, all their OTA saved items and state database will be lost. If you just do a new EA on the new device, it IS possible that if you issued the Erase or Lock command and it didn't arrive on the old handset that it will arrive on the new one. I've had that happen which is why I only issue it if the lost handset is still talking to the BES.
All good points. We lock and set password until we confirm its truly lost or stolen. Then try to wipe if its still turned on.

As he said if the lock or wipe never actually hits the device and you don't delete their BES account, after activating a new device it will push the lock or wipe command to their new device.

I'm still trying to convince my company to use passwords. So every time a device is lost or stolen and everyone freaks, I say you know if we had passwords this wouldn't be a big deal.
Offline  
Old 08-06-2008, 06:49 PM   #6 (permalink)
New Member
 
Join Date: Jul 2008
Location: Buffalo NY
Model: 9630
OS: 5.0.0.591
PIN: N/A
Carrier: Verizon Wireless
Posts: 12
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

Awesome ideas. I thank you all for your feedback, especially so quickly. I couldn't agree more with Icontech, getting passwords implemented on the devices is gonna be tough. People in my org do not like change. You should have seen the chaos it caused when we auto locked pc's after 10 minutes of no activity.

Thanks again!
Offline  
Old 08-06-2008, 06:52 PM   #7 (permalink)
BBF Moderator
 
John Clark's Avatar
 
Join Date: Jun 2005
Model: Z30
OS: 10.2.1.x
PIN: s & needles
Carrier: AT&T
Posts: 34,667
Post Thanks: 1
Thanked 84 Times in 65 Posts
Default

Wirelessly posted (BB 11020)

I like the idea of pushing the password when reported lost. That's a great idea and causes no inconvenience to the user.
Offline  
Old 08-06-2008, 08:10 PM   #8 (permalink)
New Member
 
Join Date: Jun 2007
Model: 8310
PIN: 245F43DE
Carrier: ATT
Posts: 2
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

I have several different situations, one if the employee leaves (is terminated voluntarily), one of the employee is terminated involuntarily, and one if the device is lost/stolen.

the locking/setting owner information works well for me as like aforementioned, it has no adverse effect on the user.

I also use IT policies in addition - i have a "disable" IT policy that locks down the device and breaks all communication between the device and the exchange server. That way i can keep the user on the server and be able to watch the "last contact time" field.
Offline  
Old 08-15-2008, 06:08 PM   #9 (permalink)
New Member
 
Crimesy's Avatar
 
Join Date: Dec 2006
Location: In a house
Model: 8800
Carrier: 02
Posts: 9
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

One other thing to consider is getting the carrier to block the sim card, the device can be nuked remotely but it leaves the sim untouched. As most people never get round to changing their PIN code or they change it to something obvious, it's would be fairly easy to drop the sim into another mobile phone and build up a huge phone bill.

From an admin point of view it's always useful to have a stock of blank sim cards (most carriers will supply these free of charge) and a couple of hot-spare devices. If a device is lost it's a fairly easy task to get the carrier to port the phone number to one of these blank sims and then activate the hot spare.
__________________
"...There's nothing here for me and you, we're just sitting here with nothing to do..."

Ohne deine hilfe verliere ich mich in diesem ort!
Offline  
Old 08-15-2008, 06:25 PM   #10 (permalink)
New Member
 
Join Date: Jul 2008
Location: Buffalo NY
Model: 9630
OS: 5.0.0.591
PIN: N/A
Carrier: Verizon Wireless
Posts: 12
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by Crimesy View Post
One other thing to consider is getting the carrier to block the sim card, the device can be nuked remotely but it leaves the sim untouched. As most people never get round to changing their PIN code or they change it to something obvious, it's would be fairly easy to drop the sim into another mobile phone and build up a huge phone bill.

From an admin point of view it's always useful to have a stock of blank sim cards (most carriers will supply these free of charge) and a couple of hot-spare devices. If a device is lost it's a fairly easy task to get the carrier to port the phone number to one of these blank sims and then activate the hot spare.
That is of course your carrier uses sim cards. VZW here (current carrier) does not use sim technology. But a great point none the less for those carriers such as AT&T Tmobile etc.
Offline  
Old 09-23-2008, 12:08 PM   #11 (permalink)
New Member
 
Join Date: Sep 2008
Model: 8830
PIN: N/A
Carrier: Verizon
Posts: 1
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by jletendre View Post
I believe when you issue the kill command it's handed off to the NOC and assigned to the device PIN so whenever it comes back online it will erase. Now if the carrier plan is killed I'm not sure it will still complete but it should as it's the same PIN.
Can anyone confirm this? I'd like to leave the kill command in place in case the lost device is ever powered up again. The user, of course, is most interested in getting a new device and getting activated. According to the documentation, however, if the user is deleted before the kill command is actually received on the device, the kill command will be purged from the queue. I'd feel better if I knew the kill command was queued at the NOC.
Offline  
Old 09-30-2008, 06:51 AM   #12 (permalink)
New Member
 
Join Date: Sep 2008
Model: 8310
PIN: N/A
Carrier: Vodafone
Posts: 3
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

There is a new service from Blue CRM which allows you to track, locate, retrieve or disable Blackberry's, including wiping all the data on the device. This works with our without the original SIM. BES is not required. It can identify a new mobile number and the battery level to ensure the appropriate action is taken quickly. If you want to know more, email me, as currently this is currently only available to corporate businesses. This works with all GPS enabled Blackberry devices, mobile phones, PDA's and laptops.
Offline  
Closed Thread


Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On





Copyright 2004-2014 BlackBerryForums.com.
The names RIM and BlackBerry are registered Trademarks of BlackBerry Inc.