After recently having a phone stolen, we decided to test the remote wipe capabilities of the Zimbra mobile more thoroughly. Hoping to get some community feedback on whether this is the designed way it's supposed to work or if there are bugs in the system that need to be reported.
All tests were only done with Samsung Phones running the Android operating system - sorry that's all we have maybe someone else can provide further tests with different brands/models.
Here is what we have determined in our tests:
1) Remote wipe will only "activate" when the phone is restarted after it has received the request - it does not happen immediately.
2) Remote wipe will not occur if the phone can not authenticate to the Zimbra server. In other words, if you change your password before the phone receives the remote wipe request, it will never happen. To us this seems a bit wrong. The first thing you should do in the even of a lost or stolen device is change your password to prevent the account from being further compromised.
3) The Zimbra web client only sporadically shows whether the request has been completed or not (for us it was about 1 out of every 3 times)
It would also be nice if the administration console had the ability to see all the mobile phones that are currently synchronized with the server in detail (the mobile ID, user account it is associated to, status - pending wipe, etc. ) .
Any one have further comments and/or suggestions?