dslreports logo
 
    All Forums Hot Topics Gallery
spc
Search similar:


uniqs
36018

bbarrera
MVM
join:2000-10-23
Sacramento, CA

3 edits

bbarrera

MVM

Re: [iPhone] 3.1 breaks Exchange Sync

By the way, in my spare time I assist supporting an Exchange 2007 Server with 150 users. The biggest offenders of 'can't honor Exchange device encryption' policy are:
- owners of WinMo 5.x and 6.0 phones
- owners of Sprint phones, using Sprint's Mobile Email Services that grabs email from Outlook Web Access and forwards to the phone

The 2nd case exemplifies how opening up Outlook Web Access to Internet username/password login (w/o 2 factor auth) immediately allows a software app (like Sprint mobile email services) to talk directly with OWA, and broker email on behalf of a mobile phone, completely bypassing Exchange server mobile policies. To cut off those users, you'll need something like RSA SecureID to stop users hell-bent on sidestepping security policies.

iPhone users are the least of my worries, at least we've got a chance of remote wiping their devices.
bbarrera

1 edit

bbarrera

MVM

said by bbarrera:

If end-user device lock-down matters, then why aren't you running Blackberry Enterprise Server, or creating a white-list of approved mobiles for use with Exchange 2007 SP1?
Or using RSA SecurID to stop Sprint Mobile Email and other OWA based workarounds to side-stepping the server security policy for mobile clients.