One of the most common issues affecting corporate mobile phones are the factory resets, caused after typing in the unlock code , not only the PIN for the SIM card, but also the lock screen unlock incorrectly. One of the main causes, are the security rules set in Exchange or Office 365, that grant full administrator rights to the IT staff.
The theory behind these security methods is the prevention of malicious access to employee’s corporate e-mail mapped in their mobile phones. Administrators set up a rule where the phone must have a screen unlock PIN, and if the code is entered a specific amount of times incorrectly, the device will be reset to the factory settings. If a company has a BYOD policy (Bring Your Own Device policy) it`s very important to inform users about this.
This usually will brings up the next problem, both in Android and iOS devices, the Factory Reset Protection (FRP). Once FRP is activated, it prevents using the device after a factory data reset, until you log in using a Google username and password previously set up on the device. To prevent this, I recommend requesting users to create a Gmail or iCloud account with their corporate email. Why the corporate email you ask? If you didnt setup or own a DEP or MDM solution, users often create new Google or iCloud accounts with random names and passwords that are often quickly forgotten.
To create a Google account with a corporate email select the option in the print screen.
For iCloud its only necessary to type in the corporate email in the email field.
I also recommend to disable the request for the SIM card PIN to prevent creating and keeping a centralized data base.
