[arthurcolle]

how is that legal?

[chrisBob]

How is it illegal to give someone permission to remote wipe your device?

[pc86]

There is no question of legality, you are granting the user that access/ability by connecting to Exchange.

[Osmium]

> you are granting the user that access/ability by connecting to Exchange

Does iOS present a warning to this effect when you add an Exchange account? If not, they should. I have an Exchange account set up from my university and don't recall ever seeing anything.

Also, didn't Gmail used to have Exchange support? If this is true, does that mean Google had the ability to remotely wipe any iOS device that was using Gmail through Exchange?

[bentcorner]

It's an exchange server thing and probably part of the sync protocol used.

You'll see a warning when you set up mail for the first time. I think if the server has this policy you are forced to add a pin lock to your device.

If you don't remember seeing anything, then AFAIK your device cannot be wiped.

[MichaelGG]

The administrator can set all sorts of policies, like if a PIN is required, or a password, length, etc.

It's not a bad thing and can be used to potentially limit some damage. Of course, requiring a fully encrypted device with strong lockout policies that are hardware enforced (TPM) is the best. I've had my phone stolen and it was pretty nice to remote nuke it.

IIRC, Google offers this same feature if you connect it to Device Manager.