[NA] ActiveSync. Help Please.

OkieFlyer

En-Route
Joined
May 16, 2011
Messages
3,225
Location
Lindsay, OK
Display Name

Display name:
Andrew L.
About a week ago, I got a notification on my phone saying that my Microsoft Exchange account needed me to update security settings, or something like that. I ignored it for the time being and opened up my work e-mail account. When Exchange opened up, I got a pop-up wanting me to enable ActiveSync. I didn't know what that was, so I went on to the next step to see what permissions ActiveSync wanted. It said the following:

capture.jpg


So, being a non-IT type, this kind of thing is about equivalent to giving a some stranger the keys to my house. I assume this is something the network administrators at work are requiring now to access our company e-mail on our devices. Does that sound right? Is there a way around it? If this is what it takes to open company e-mail, I'll just not do it, but I thought since POA is made of 90% IT guys, I'd ask about here.
 
This is a legacy implementation of Mobile Device Management (MDM). Your company should have a policy that company email belongs to the company. It is routine and common and if they don't have that policy, they should. In any case, they are acting like they do.

In the old days, it was more common for a company to issue a company owned mobile device. In that case, the companies ability to wipe the device if it is lost, stolen or you leave the company would not be in question. In today's world, it is now more common for a company to have a policy of bring your own device (BYOD), possibly giving you a stipend for your company use of that device. Tools for managing company data on these devices have improved, as well (MDM). I have worked with a large healthcare company, who offered BYOD, but did not want to pay the premium for modern MDM tools, so, their policy was, if you want company email on your personal device, then back it up, because we can wipe it. Obviously, that isn't a user friendly policy. Modern MDM tools are capable of selective wipe, where corporate data (including email) is siloed and can be wiped without wiping the whole phone. There are several popular implementations of this and MDM is included with Office 365, if you happen to host your email online. With Office 365, it is included, but you need to implement it and enroll the devices.
 
Thanks for the reply. I totally get that they should be able to wipe the email data if they think there is a breech of some kind or a if I get fired, but to want the ability to wipe my whole phone is a bit much. Now, if we were on the company network, then I get it, but our personal devices aren't even allowed on the network, so we're just talking about e-mail. Surely there is a way to secure the e-mail without requiring us to hand over our entire phone to some jackwagon in the home office.
 
Thanks for the reply. I totally get that they should be able to wipe the email data if they think there is a breech of some kind or a if I get fired, but to want the ability to wipe my whole phone is a bit much. Now, if we were on the company network, then I get it, but our personal devices aren't even allowed on the network, so we're just talking about e-mail. Surely there is a way to secure the e-mail without requiring us to hand over our entire phone to some jackwagon in the home office.
Like I said, there is now, but the free tool built into Exchange on premise wipes the whole phone. It would take additional investment to deploy a more sophisticated tool that can do selective wipe.
 
Roger, Roger. I appreciate the input. I just wanted to get a little info about it. Thought it was kind of weird it just showed up after 4 years with the company.
 
Back
Top