Securing Activesynch mobile devices on Exchange Server 2007
- Hi All,
Here's my configuration, MS Exchange Server 2007 SP1 on my Windows Server 2003 box, I've deployed
CAS Client Access Server role
MBX Mailbox Role
HT Hub Transport Role
all into single box and have successfully enabled the OWA feature + UCC SSL Certificate, Activesynch going fine on both Windows Mobile PDA and iPhone too.
However, I begin to concerns regarding the security of the email that is downloaded into the mobile devices, is there any way to make it more secure ?
Any suggestion and comments will be greatly appreciated.
Thanks.
/* Windows Infrastructure Support Engineer */
Answers
- You can create Activesync policies and fine tune it to the security needs of your organization.
http://technet.microsoft.com/en-us/library/bb123484.aspx
Keep in mind that some settings require an Enterprise CAL.
Here's a good matrix that explains what Windows Mobile versions support what features:
http://blogs.msdn.com/jasonlan/archive/2007/12/04/exchange-activesync-policies-summary.aspx
MVP | MCITP: Enterprise Messaging Administrator | MCTS: OCS + Voice Specialization | http://www.shudnow.net- Marked As Answer byAlbert Widjaja Tuesday, October 06, 2009 2:09 AM
Hi Albert,
As Elan said, you could use ActiveSync policies to achieve your requirement. You could refer to the last chapter of Understanding Exchange ActiveSync Mailbox Policies: Exchange ActiveSync Mailbox Policy Examples
I mentioned you're using iphone too, regarding iphone, please note the iPhone 3GS supports device encryption, and is the first version to do so. Previous iPhone models, including the iPhone 3G, do not support device encryption. For more information:
Exchange ActiveSync and iPhone OS 3.1
http://msexchangeteam.com/archive/2009/09/22/452592.aspx
You could also write a post on our Windows Mobile forum to see if someone have experience of the security of downloaded emails:
http://social.microsoft.com/Forums/en-US/category/windowsmobile/
Thanks,
Elvis
- Marked As Answer byAlbert Widjaja Tuesday, October 06, 2009 2:09 AM
All Replies
- You can create Activesync policies and fine tune it to the security needs of your organization.
http://technet.microsoft.com/en-us/library/bb123484.aspx
Keep in mind that some settings require an Enterprise CAL.
Here's a good matrix that explains what Windows Mobile versions support what features:
http://blogs.msdn.com/jasonlan/archive/2007/12/04/exchange-activesync-policies-summary.aspx
MVP | MCITP: Enterprise Messaging Administrator | MCTS: OCS + Voice Specialization | http://www.shudnow.net- Marked As Answer byAlbert Widjaja Tuesday, October 06, 2009 2:09 AM
Hi Albert,
As Elan said, you could use ActiveSync policies to achieve your requirement. You could refer to the last chapter of Understanding Exchange ActiveSync Mailbox Policies: Exchange ActiveSync Mailbox Policy Examples
I mentioned you're using iphone too, regarding iphone, please note the iPhone 3GS supports device encryption, and is the first version to do so. Previous iPhone models, including the iPhone 3G, do not support device encryption. For more information:
Exchange ActiveSync and iPhone OS 3.1
http://msexchangeteam.com/archive/2009/09/22/452592.aspx
You could also write a post on our Windows Mobile forum to see if someone have experience of the security of downloaded emails:
http://social.microsoft.com/Forums/en-US/category/windowsmobile/
Thanks,
Elvis
- Marked As Answer byAlbert Widjaja Tuesday, October 06, 2009 2:09 AM
- Hi Albert,
Just check if you have any further questions on the thread, if so, let us know.
Thanks,
Elvis - Hi Elan,
thanks for the suggestion, by using the active-sync policy i think that is the least thing that we can do to secure the mobile devices.
Cheers.
/* Windows Infrastructure Support Engineer */ - Hi Elvis,
thanks for the follow up, I've implemented the ActiveSync Policy now :-)
Cheers !
/* Windows Infrastructure Support Engineer */
