Today's individual has access to a wide variety of devices that can be used to perform various tasks, such as work-related tasks, personal activities, recreational activities, and so on. While some devices may be dedicated to a particular purpose, such as a work-related purpose, many devices are considered “mixed-use” devices. For example, an individual's smartphone can be used to perform personal tasks, such as making personal phone calls, taking pictures, sending messages, and so on. The smartphone may also be used for work-related activities, such as sending and receiving work-related e-mails, reading and editing work documents, managing work contacts, and so forth.
One consequence of such mixed-use devices is that various types of data may be stored on a particular device. For example, a work-related document can be stored locally on a smartphone such that an individual can use the smartphone to view the document. While storing data locally on a device can provide an individual with convenient access to the data, it can also present a considerable security risk. For example, sensitive data stored on a device may potentially be exposed to an individual that obtains unauthorized possession of the device.
Some techniques for protecting data stored on a device respond to an indication of attempted unauthorized access to the data by simply erasing the data from the device. While this can be effective in certain circumstances to protect the data from unauthorized access, it can also result in a loss of important data. For example, consider a scenario where a child attempts to gain access to their parent's phone to play a game. A security functionality associated with the phone, such as limited retry logic or an enterprise server for policy enforcement, may interpret this attempt as an individual attempting to gain unauthorized access to sensitive data. In response, the security functionality can cause data on the phone to be erased. Not only can this result in a loss of important data, but it can present a considerable inconvenience in that a reconfiguration process may be implemented to return the device to a functional state.