Lost Devices Management with Geo-Tracking
In regions where the use of device location data is restricted, locating lost or stolen devices presents a significant challenge. To address this, MDM Lost Mode offers a robust solution, similar to services like Find My iPhone or Find My Device, allowing administrators to track, secure, and manage missing devices effectively. Lost Mode is specifically designed to help organizations retrieve misplaced devices, lock them down, and even wipe sensitive data if necessary. This feature ensures that corporate data remains secure, even in the event of theft.
Actions that can be performed on a Lost Device
- Device Tracking: Retrieve the location of lost devices to facilitate recovery.
- Remote Lock: Securely lock the device to prevent unauthorized access.
- Data Wipe: Erase sensitive data remotely if the device cannot be recovered.
- Custom Lock Screen Messages: Display a message and contact information on the lock screen to assist in returning the device to its owner.
- Remote Alarm: Trigger an alarm on the device to help locate it if misplaced.
Lost Mode is available for both iOS and Android devices, with additional support for Chrome OS devices. Below, we will outline the details of enabling and using Lost Mode across various platforms.
Enabling Lost Mode
To activate Lost Mode, follow these steps:
- Navigate to the Inventory tab in your MDM console.
- Select the lost device from the list.
- Click on Actions button, Click Enable Lost Mode and follow the on-screen instructions.
Note: 1. Lost Mode can be configured to track devices either always or only when lost. To set this up: Navigate to the Inventory tab, select Geo-Tracking, and choose Track Devices > When Lost.
2. When Lost mode is enabled status bar and Keyguard Notifications are disabled by default
Lost Mode for iOS
Lost Mode is fully supported on supervised iOS devices running iOS 9.3 or later. Key features include:
- No App Required: The ME MDM app is not needed for supervised devices.
- Location Services Override: MDM can locate the device even if Location Services are disabled.
- Lock Screen Customization: Display a custom message and contact number on the lock screen to aid in device recovery.
- Remote Alarm: Trigger an alarm to help locate the device.
The above screenshot shows a sample message and contact number displayed in the lock screen. Clicking on call button allows a call to be made to the contact number specified. Further, the device is locked on enabling Lost Mode and can be unlocked only through MDM, ensuring unauthorized access is completely restricted.
For other iOS devices including unsupervised iOS devices, not all capabilities of Lost Mode are supported.ME MDM app must be installed in the device and Location Services must be enabled for ME MDM app, to obtain the location details. However, the other location-indepent functionalities of Lost Mode can be still used - you can lock the device, display message and contact details in the lock screen and wipe the device if need be.
Security commands - Remote Lock, Restart and Shutdown cannot be executed when the device is in Lost Mode.
Lost Mode for Android
Lost Mode on Android devices offers similar functionalities, including:
- Real-Time Location Tracking: Continuously monitor the device's location.
- Remote Lock: Secure the device with a passcode.
- Lock Screen Messaging: Display a message and contact number for recovery purposes.
- Passcode Reset: Reset the device passcode and email the new one to the user.
- Data Wipe: Erase corporate data to prevent unauthorized access.
Enhanced Control on Samsung Knox Devices: For Knox-enabled Samsung devices, Lost Mode can automatically enable critical functionalities like Wi-Fi, Location Services, and more, even if they were previously disabled.
The following table specifies the list of all features which are enabled by Lost Mode silently, irrespective of whether it has been enabled/disabled in the device.
| Functionality/Device Type | Knox-enabled Samsung | Non-Samsung | |
|---|---|---|---|
| Device Owner | Profile Owner | ||
| Enabling Wi-Fi |  |
|
|
| Enabling Location Services | |
|
 |
| Restricting switching off the device | |
|
|
| Restricting safe booting | |
|
|
| Restriting Factory Reset | |
|
|
| Restricting USB debugging | |
|
|
| Restricting USB data transfer | |
|
|
| Restrict killing background processes | |
|
|
Device Owner and Profile Owner are only supported for devices running Android 5.0 or later versions.
In Non-Samsung devices provisioned neither as Profile Owner and Device Owner, only Wi-Fi gets enabled automatically through Lost Mode, irrespective of whether it is enabled or not.
If Lost Mode is enabled, factory reset is restricted. However, non-Samsung or Knox-unsupported devices can still be manually hard reset. To prevent unauthorized access after a reset, it is recommended to use an Enterprise Factory Reset Protection (EFRP) profile.
Lost Mode for Chrome OS devices
Mobile Device Manager Plus enables IT admins to remotely enable Lost Mode on Chromebooks when they're lost or stolen.
Pre-requisites
To enable Lost Mode on Chrome OS devices, ensure the following pre-requisites are met:
- The devices must be provisioned in the G Suite Admin Console and managed by Mobile Device Manager Plus .
- The devices must be running on Chrome OS 40 or above.
Follow the steps given below to enable Lost Mode:
- In the MDM console, go to Inventory and select the target device on which Lost Mode needs to be enabled.
- Under Actions, select Enable Lost Mode.
- While enabling Lost Mode, you can optionally provide a message and contact information to be displayed in case the device is found. Click on Next
- For auditing purposes, you will have to provide a ticket ID and a optional message outlining the reason for enabling Lost Mode.
- Click on Enable Lost Mode, to lock down the device in Lost Mode.
Once Lost Mode is enabled, the following actions are performed on the device.
- The current users will be logged out of the device and it'll be locked down with the configured message. New users will not be able to log in to the device, untill Lost Mode is disabled by the admin from the MDM console.
- The device status on G Suite Admin Console will be modified as Disabled.
NOTE: Locating Chromebooks is currently not supported.