Once again I find myself looking at Zimbra for a client, and this one seems pretty keen. They're particularly interested in the security features on mobile devices, as they've run into trouble with lost devices before. Is there anyone from Zimbra who can comment on the following questions?
So I understand that the policies set on the server can allow you to 'remote wipe' a device given a certain number of incorrect passwords.
- The passcode entered on the mobile brower - is this different from the password required to enter the normal webmail?
- When a remote wipe occurs, what actually gets wiped? This is after all just a mobile web browser ... so it just clears out the browser cache or what?
- If that's the case, then does that mean the Zimbra mails, files, contacts etc are sitting around in the mobile device cache unencrypted? If so then it would be relatively easy to view them before a remote wipe occured, if you have physical access to the phone.
Just trying to sort this information out in my head, so I can correctly inform the client. Any answers are appreciated. I have found other threads with similar questions, but the last one was two years old and no really persuasive answers were forthcoming even then.