What They Aren’t Telling You: San Bernadino Shooter’s iPhone

USA Today and others made headlines today reporting “Apple ordered to break into San Bernadino shooter’s iPhone”. The topic of government access to encrypted devices has gotten a lot of attention lately, and I’m not writing this post to take a stance on either side. My goal here is to inform some of my less tech-minded friends of a curious thing I noticed…

Fact: This iPhone was owned by San Bernadino county.
Fact: Deploying iPhones to your workers should only be done if they’re properly managed.
Fact: Apple’s management software, Profile Manager, allows you to clear passcodes.

Here’s the proof from my own Profile Manager installation – this is the list of options I get when I bring up my own iPhone from the management console:

In case you’re wondering, it’s also possible to prevent a user from wiping his/her iPhone using Profile Manager:

In case you’re wondering what “supervised only” means, it indicates that the phone has to be setup using the Apple Configurator software, which is free.

Obviously I don’t know what happened in this case, and won’t pretend to, but from an IT guy’s perspective, this problem seems like it would have been avoided if the devices were configured appropriately. In any event, I figured this would be useful information to my non-tech friends who noticed it was a government owned iPhone and wondered why the government couldn’t unlock it.