This morning I read an article on Good HouseKeeping (don’t make fun, it was a link on one of the news links that get pushed in your face on my start page. I think it was Bing. I hate the news links but like the pictures). It’s interesting to see what security items make it into websites for ‘normal’ people.
The scare headline read “A New iPhone Hack Lets Anyone Use Your Phone”. It reports that Siri by default allows some actions even when the phone is locked. Pranksters can use Siri to send texts to contacts, make calls, and update Facebook.
In the past full access to the device has been achieved though this type of Siri access. This is one argument for disabling Siri at the lock screen (Settings -> Siri -> Allow Access on Lock Screen (off)). While you lose some functionality, you are no longer susceptible to practical jokers or people with more nefarious intent.
I’m not aware of a Mobile Device Management platform that can disable this setting. If you’re managing an enterprise environment where the MDM platform cannot enforce this setting all you can do is educate, instruct, and require. (Where I work, I had to sign a form confirming I’d disabled this setting).