SYNERGYTECH
asked on
Turn Off PIN# requirement in Exchange 2003 Mobility Services.
I have an exchange 2003 SP2 with Mobility device security enabled. The handhelds are mostly Windows Mobile Treo 650's with the direct push firmware upgrade. I have a policy that requires the handheld user to enter a 4 digit pin number after 15 minutes of idle time; and they 8 oppurtunites to get it right.
The principals in the firm now want to turn off the requirement to enter a 4 digit pin number.
I've unchecked that property in the Global Mobility Services Area of ESM. and rebooted the server. The handhelds are still asking for a password. Do I need to wipe the devices and have them re-sync now that ere is no PIN requirement to disable that policy?
Thanks in advance, Geoff
The principals in the firm now want to turn off the requirement to enter a 4 digit pin number.
I've unchecked that property in the Global Mobility Services Area of ESM. and rebooted the server. The handhelds are still asking for a password. Do I need to wipe the devices and have them re-sync now that ere is no PIN requirement to disable that policy?
Thanks in advance, Geoff
ASKER
I agree that it's unacceptable, I've argued hard to keep it in place. even increasing the idle period and # of oppurtunities. Unfortunately, I'm not the ultimate decision maker on this one, it's very probably though that when one is stolen, the user will want assurances from me that their data is secure.
<The user of the device now needs to go in to the password setting and disable the password requirement. . >
We're not talking about the Activesync properties on the handheld here right? Does the exchange server policy enable a password setting on the handheld?
<The user of the device now needs to go in to the password setting and disable the password requirement. . >
We're not talking about the Activesync properties on the handheld here right? Does the exchange server policy enable a password setting on the handheld?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks for the quick response Simon.
They are a big iron technology sales company, the worst thing that can happen is that one of them loses their phone at a trade show and their competitor gets a hold of their contacts, pricing methods and short/long term strategy.
cheers, geoff
They are a big iron technology sales company, the worst thing that can happen is that one of them loses their phone at a trade show and their competitor gets a hold of their contacts, pricing methods and short/long term strategy.
cheers, geoff
Remote wipe requires a password on the device. If you do not require a password and it is removed, then when you try to remote wipe, the device comes up with a prompt about enforcing a password. All the thief has to do is click no, and they have access to the device.
To answer your specific question, turning off the option on the device simply stops the requirement being enforced, it does not turn off the setting on the device. The user of the device now needs to go in to the password setting and disable the password requirement.
However this does mean there is no protection of the device and I would find that unacceptable.
Simon.