Remote SMS wipe
On devices that support cellular, TDM provides a remote wipe via SMS feature.
SMS messages are beneficial because:
they require only basic cellular connectivity (2G);
they can be received even when the device has no credit to send a message; and
they are not affected by VPN tunnelling.
Messages
Administrators supply an SMS message body that, when received, will trigger a factory reset. They may optionally supply an acknowledgement message and a failure message. The acknowledgement is sent just before the device resets itself, since a message cannot be sent after the factory reset. If for any reason TDM cannot factory reset the device, the failure message will be sent.
Confirmation messages may not be sent if:
the device has no SMS credit remaining;
the device has no cellular signal; or
the device is powered off.
Care should be taken with content: generally, the contents of SMS messages are not encrypted between sender and recipient.
Initiators
TDM gives administrators the option either to restrict which senders may send the wipe SMS message or to allow any sender. In the latter case, it is strongly advised to set an unguessable SMS message (i.e. not the single word “wipe”).
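As an added example (not TDM code): one way for an administrator to generate an unguessable wipe message body, together with a small model of the sender restriction and message match described above. The function names, the 128-bit entropy target, the exact-match rule and the phone numbers used with it are assumptions made for illustration.

```python
import hmac
import math
import secrets

# Unambiguous characters (no 0/O, 1/l/I), all in the GSM 7-bit default
# alphabet, so the body is easy to type and fits normal SMS encoding.
ALPHABET = "ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz23456789"
SMS_SINGLE_SEGMENT = 160  # characters in one GSM 7-bit SMS


def generate_wipe_body(min_bits=128, group=5):
    """Return a random trigger body with at least min_bits of entropy."""
    length = math.ceil(min_bits / math.log2(len(ALPHABET)))
    chars = [secrets.choice(ALPHABET) for _ in range(length)]
    # Hyphen-separated groups make the body easier to read back and type.
    groups = ["".join(chars[i:i + group]) for i in range(0, length, group)]
    body = "-".join(groups)
    if len(body) > SMS_SINGLE_SEGMENT:
        raise ValueError("trigger body does not fit in a single SMS")
    return body


def entropy_bits(body):
    """Entropy of a generated body; separators carry no entropy."""
    return len(body.replace("-", "")) * math.log2(len(ALPHABET))


def should_wipe(sender, body, trigger, allowed_senders=None):
    """Hypothetical model of the wipe decision.

    allowed_senders=None models the "allow any sender" setting, where the
    secrecy of the trigger body is the only control.
    """
    if allowed_senders is not None and sender not in allowed_senders:
        return False
    # Exact match only: a message that merely resembles the trigger
    # (or a guess such as "wipe") never starts a factory reset.
    return hmac.compare_digest(body.strip().encode(), trigger.encode())


if __name__ == "__main__":
    trigger = generate_wipe_body()
    print(trigger, f"({entropy_bits(trigger):.1f} bits)")
```

Because SMS contents are not encrypted in transit, a body generated this way should be treated as single-use and replaced once it has been sent.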
Reinforcement
Removing the SIM card from the device would neuter an administrator’s ability to remotely wipe it via an SMS message, so TDM provides a Wipe on SIM removal or change feature.
When enabled, the IMSI of the SIM currently inserted into the device will be memorised. If the SIM is removed or replaced, TDM will perform a device factory reset. If a SIM is not present when the feature is enabled, the IMSI of the next SIM to be inserted will be used instead.
Authorise an intentional SIM swap
On occasion it may be necessary for an administrator to change the SIM. In this event, the Wipe on SIM removal or change feature should be set to OFF before removing the SIM and then enabled again afterwards.