Ben Left His Mac on the Airport Bus

Ben is a sales guy. He works for a Centrify customer.

Ben’s very good at his job, which means he’s focused on sales. It also means he’s not focused on details like where he parks his rental car, or his hotel room number, or where he leaves his computer.

Ben recently was on his way home from a great sales call in another city. He finished up with the customer, was very happy about the progress.

While on the airport shuttle bus, he jumps on a conference call.

He stays on the conference call the whole time he’s on the shuttle bus. He gets off the bus, checks in, walks through security (puts the active phone call through the x-ray machine), boards the plane, sits in his seat, and stays on the conference call until the last very second when the flight attendant asks him to turn off his phone.

As he was putting his nearly dead iPhone into his carry-on bag, he realized that he’d left his Mac laptop computer on the airport shuttle bus.

The airplane door closes, plane starts pushing back from the gate. Ben is offline and his computer is now missing. For the next 6 hours he will be heading far, far away from his computer.

It contains the corporate sales forecast, all of his email, a number of confidential customer and corporate documents, and the product roadmap for the next two years. Fortunately, it has a username and password requirement (enforced by Centrify). In addition, Apple’s Filevault II is turned on, so the disk is encrypted.

Ben remembers what to do in this case. He’s glad he was paying attention during the employee training.

When the plane gets to 10,000 feet and the on-board WiFi is activated, Ben uses his nearly dead iPhone to connect to the WiFi (he pays the $19 airplane fee), and manages to send a message off to his IT helpdesk. (He’s gonna put the WIFI charge on his expense report.)

“Hi, I’ve left my Mac laptop behind, can you please lock it remotely.”

45 seconds later, the IT helpdesk person opens the trouble ticket, reads the request, and calmly opens the Centrify Identity Service portal.

He goes to the “Devices” menu, and enters the search string for Ben’s name and see’s his Mac listed in the Portal.

He selects it and then chooses “Lock Device” from the “Actions” menu.

Screen Shot 2015-06-15 at 11.31.38 AM

He is prompted for a random six character passcode which will be used to lock the Mac.

Mac lock screen

This activates Apple’s Lost Mode and will immediately lock the machine when it comes online on any network.

Anyone accessing the device will immediately be prompted for the six character passcode. The Mac can not be accessed without this code.

System Lock screenshot

After locking the Mac, the IT Helpdesk person gets up from his desk and goes to the locked room where IT keeps the spare computers. He goes over to the secret Whiteboard Wall of Shame where they keep the list of employees who cause the most problems for IT. (Yes, IT helpdesks have this list.)

Next to Ben’s name he adds another checkmark. Ben is the undisputed company leader in lost equipment, password resets and broken phones.

Centrify Identity Service provides capabilities to remotely manage, lock and wipe mobile devices such as iPhones and Android phones, in addition to the Macintosh computer that Ben lost. Device policies are managed by Active Directory using Group Policy, which we have extended for Mobile Device Management.

Ben could have locked the Mac remotely himself if his battery hadn’t died. Each user has a portal page showing their registered devices under the Centrify Identity Services portal.  The beauty of this system is that IT admins and the users themselves both have the ability to control and manage their devics.

When Ben returns to the office, IT gives him his old laptop with the cracked screen and the sticky keyboard. He had to use it for two weeks until his current laptop is located and shipped back to the office by the bus company.