On the Device Security page of the web-based administration tool, you can see security states of devices that have accessed the Lotus Notes Traveler server.
You can manage the device security from this page. Double-click a device name to show the detail information of the device.
You can disable selected devices for accessing the Lotus Notes Traveler server.
Select one or some devices and click Deny Access
. The access is revoked immediately and the device cannot access the server.
The data which had been synchronized before access was denied remains in mobile devices.
You can use this function to stop access from devices temporarily. For example, when a user takes a temporary leave from a job or a user lost the device. However, if you want to wipe off the data on a device, you should not deny access but instead use the Wipe Device action. Especially for Apple devices, do not
issue a deny access action if the intent is to issue a Wipe Device action. We describe this point further in the next section.
If a user loses their device or it is stolen, wiping the data off the device is a more secure action than just denying access to the device.
You can choose to wipe off all data on a device, only Lotus Notes Traveler Application and data, or data on a storage card.
If you select Hard Reset
, the device is restored to the factory default settings.
If you select Lotus Traveler application and data
, all mail, calendar and contact data that has been synchronized with Lotus Notes Traveler will be removed. Applications and profiles remain but the device will no longer be able to connect to the Lotus Traveler server to synchronize any data until the Lotus Traveler administrator removes the wipe order. If you use an Apple device and have multiple profiles for other account types, data in profiles which are not for Lotus Notes Traveler remains.
When you select Storage Card
, all data on the storage card is removed regardless of what owns it. This option is not provided for Apple devices and only applies to devices that use storage cards.
After the wipe, whichever option you select, the device cannot access the Lotus Notes Traveler server until an Administrator gives the access again.
Consider the following about remote wiping:
- Apple remote wipe:
Apple devices support only the Hard Reset Device and Lotus Traveler Application and Data options and do not use SMS for remote wipe. For Apple devices, the Lotus Traveler Application and Data option occurs during a synchronization. As a result, the device must be able to connect with the server for the data removal to occur. The mail server must be accessible and the ACL must still be correct for the sync that is erasing all the data to work. The Lotus Traveler Application and Data option will remove all data and erase all calendar and contact information. In addition, all mail folders (and their contents) will be erased, except for the Inbox which is left with a message stating that the device has been wiped and provides instructions on how to remove the account. The Lotus Notes Traveler account is not deleted or modified in any way, but if the device tries to synchronize, it will get an access denied response.
- Nokia remote wipe:
For certain Nokia devices, this feature requires installation of a Nokia security enablement library. You can obtain the library from Nokia IBM Lotus Notes Traveler site
Nokia N-Series devices support only the Lotus Traveler Application and Data option. Only supported options display for the selected device.
- Windows™ Mobile remote wipe:
Certain older Windows Mobile devices running Windows Mobile version 5 without the Microsoft™ Messaging and Security Feature Pack upgrade do not hard reset when they receive the reset command from the Lotus Notes Traveler server. Instead, these devices reboot. If this happens, then the Lotus Notes Traveler client detects that the hard reset command failed and executes a wipe of the Lotus Notes Traveler application and data.
For more detail, see the following links:
The wipe occurs when the device is connected to the Lotus Notes Traveler server. When the device is not connected but an SMS address is registered with the server, an SMS message is sent to tell the device to wipe the data. This SMS message is sent through the cellular network, therefore, if the device is on and connected to a cellular network, the wipe command can run.
Because the Apple devices cannot use SMS message, the Apple devices must be connected to the Lotus Notes Traveler server to receive the wipe command. You must not deny access from Apple devices or from an user who own the device before running the wipe command.
Clear Wipe/Allow Access
If you want to cancel the wipe command or allow access for the device which is prohibited from connecting to the Lotus Notes Traveler server, select the devices and push Clear Wipe/Allow Access
. This action runs immediately.
When Require approval for device access
is enabled on the Device Settings page, you can change approval status by using the Change Approval
Update SMS Address
As describe in the "Wipe Device" section, Lotus Notes Traveler can use the SMS message to wipe data. To use this function, the SMS mail address must be registered with the Lotus Notes Traveler server. You can register and update SMS address by selecting the device and pushing Update SMS Address