[Verizon] Encryption - Is there a workaround?

[dazedniteman]

My work recently changed their IT policy and for android devices accessing E-mail and Calendars (which I really, really need) and they have it set up so that they can remotely erase all data, set password rules, monitor screen-unlock attepts, lock the screen, set storage encryption, and set lock-screen password expiration.

The killer is the Set Storage Encryption - this forces me to encrypt ALL my data, preventing me from accessing the contents of storage before the phone boots up -- in other words, I can't access any .zip files saved to my phone which would prevent me from updating my ROMs to the newest versions (currently on AOKP build 3).

Is there any way to "fake" the encryption or to avoid having to encrypt all the data on my phone so that I can continue to have access to my mail and calendar while still being able to easily update my roms and take full advantage of my rooted phone?

 

[GandalfTehGray]

Possibly by ADB? I'm not an expert on that area though.

 

[dazedniteman]

Possibly by ADB? I'm not an expert on that area though.

Thanks. I am not an expert either and wouldn't know where to start. While I wait for others to answer I will start researching what ADB is capable of and hoping I can stumble upon something.

 

[jhawkkw]

I would think using adb to push files while in recovery would allow them to bypass the encryption, though I don't know how invasive it is.

Simply boot into recovery (assuming the drivers are installed correctly), mount storage, and use the command "adb push <file name> <destination >".

 

[jmar]

Call me crazy, but how about talking to the IT Dept. and let them know your intentions? I seem to remember other users being open about it and being accommodated. Just a thought.

jmar

 

[dazedniteman]

Call me crazy, but how about talking to the IT Dept. and let them know your intentions? I seem to remember other users being open about it and being accommodated. Just a thought.

jmar

haha you aren't crazy - believe me I am planning on it. The only issue is I work in healthcare and my organization has well over 10,000 employees and about 2000 physicians.

Still, worth a shot!

I will look at the ADB method of pushing files over. I can still transfer the zip files over when the phone has started, but recovery mode starts before I have entered the password to unencrypt the data.

 

[sperho]

I don't know about your organization, but it is of similar size as the one I work for and I'll be curious to hear how your phone call with IT goes (read: probably as security conscious as mine, especially when one has access to sensitive information). For this reason, my employer does not allow root access on a device that is connected to it's Exchange servers. I would be amazed if yours did. You might check to see if your employer supports access to the Exchange servers using the Touchdown app - full device encryption might not be required (our policy does not require it, and it is how I connect to our Exchange server).

 

[Crashumbc]

I don't know about your organization, but it is of similar size as the one I work for and I'll be curious to hear how your phone call with IT goes (read: probably as security conscious as mine, especially when one has access to sensitive information). For this reason, my employer does not allow root access on a device that is connected to it's Exchange servers. I would be amazed if yours did. You might check to see if your employer supports access to the Exchange servers using the Touchdown app - full device encryption might not be required (our policy does not require it, and it is how I connect to our Exchange server).

this is what I was going to suggest. I had it on my phone, when I was connecting to work (I also work in healthcare).
From what I remember it is.
-Encrypted
-password protected
-remote wipe capable (just wipes app data)
-basically everything "work" should need but contained within the app and separate from the rest of your phone.(I really like the separate part)

I loved it, because I got "work" stuff but it didn't mess with my phone. I personally don't like the idea of work being able to remotely wipe my entire phone because someone fat fingered a command.

 

[Caveman419]

We use Touchdown, Afaria & K-9 Mail for our corporate email and I work for a Financial Institution. They also do not allow rooted phones and has been fine for me since they gave me a separate corporate cell phone. At the end of the month they are cancelling the corporate devices since the personally owned mobile device roll out has worked so well. I will either be forced to unroot (not going to happen) or have them not be able to get ahold of me when I am away from my desk. I know that there are apps that are supposed to "Hide" root access, but I do not know how well they work since I have never needed them.

 

[Deleted User]

Keep in mind that by bypassing their security, you may be liable for data loss if your phone ever gets stolen or compromised.

Being that you work in healthcare, that could be up to and including getting sued and/or terminated. Additionally, you may be putting your employer on the hook for this data loss.

I'm not wagging my finger over here... just pointing out that there's a very important reason why portable devices that handle company data often have encryption enforced. You're walking around with a privacy nightmare and corporate lawsuit in your pocket.