If a user loses their iPad, they are to contact you and/or other admins immediately.
Then, you can either remove their permissions to all folders/files or suspend/delete their account entirely. If the user needs immediate access, set them up under a new username (email address) and password.
- If you remove permissions, when the person that found the iPad opens the app, all data will get automatically removed.
- If account has suspended, the person that found the iPad will get instantly logged out the app when opening it.
- Both are effective ways to prevent access to sensitive data, however the first method allows automatic wiping of the data.
- Note though that this only works if the iPad is connected to the internet at the time the app is launched, as it is technically impossible to remotely contact the device, and therefore enforce these changes if it isn't.
It is also important to make sure an offline expiry period is set under Admin >> Global Settings >> Login, so users are forced to login again regularly to the app (e.g. every 8 hours). See screenshot below as well.
Finally, note that all data on the device is encrypted, including annotations, so even in the event that someone was trying to break into the device memory and access the data directly, they would not be able to do anything with it.