Corporate Security, Nexus 6, And Some Random Non-Beer Thoughts

I connected my Nexus 6 to my corporate account. I need my calendar, and sometimes email. Naturally, we've got security policies, but Lollipop being what it is, the Nexus 6 hits the requirements out of the gate. Things are going fine for maybe a week, and suddenly Monday morning I've got an alert telling me a need a security update. I read the alert. Alert says I need to encrypt my phone. Don't you know what kind of phone this is, you dumbass alert? Without rooting this phone does not come in an unencrypted flavor.

I gave the alert the benefit of the doubt, and clicked the "encrypt phone" button, but of course nothing really happened because this phone is encrypted. After doing a little research I found some issues with similar descriptions with a resolution of factory reset. Well, since Lollipop provides a really cool backup/restoration feature I only had maybe 20 minutes to lose by doing a reset, so I went for it. Restore, done, Exchange account configured again, things are going fine...for about an hour...and suddenly our security alert is back requesting to encrypt my phone. I poked around for a while, removed the Exchange account, recreated the Exchange account, repeat a few times, and no joy. The network doesn't seem to recognize the encryption. 

A while later, after calling the helpdesk to see if they knew anything, I gave in and did another factory reset. Same as before except that after a few delete/recreate the Exchange account cycles I suddenly got a different message. Instead of claiming I had to encrypt an encrypted phone the message stated that I had to enable "PIN required to start the phone." I followed the steps there to (re)enable the "PIN required to start the phone" setting, realizing that this was the initial setting, but apparently something shut it off. I entered a new PIN, and got one more interesting bit of information. As a quick aside, I use a tool called PasswordBox to track some of my personal passwords. If you're unfamiliar with it, it has a feature allowing auto-login to websites and, when used on a phone, apps. Anyway, the interesting bit of information - an alert telling me that by requiring "PIN required to start the phone" some features like PasswordBox auto-login may not be available. 

At this point I'm just guessing, but there is a very strong indication that enabling PasswordBox auto-login may very well turn off the "PIN required to start the phone" feature. This didn't happen on my G2, and it took about a week to manifest on my Nexus 6 which leads me to believe there may be something else in the mix around this ussue, but there it is. Encryption and a PIN are not quite sufficient to comply with my corporate security, and some aps under the right conditions can shut off the PIN being required to start the phone.  

Popular posts from this blog

Fieldsheer Adventure Tour Jacket (Hi-Viz)

Plex and Cutting the Cord

Rebuilding Collections