Solved

How to secure device using ActiveSync from Syncing with unauthorzied devices with same OS platform

Posted on 2014-01-08
5
333 Views
Last Modified: 2014-01-09
Hi Experts

I've Google this question in different ways, but didn't find the answer I'm looking for, so I thought I would try here.

We are in the midst of discussions on ActiveSync usage, as whether to move away from strictly BBs and BES environment that we have now, which is working fine as is... but...  

We recently migrated to using Office 365 and I've got all our BBs now activated in the Blackberry Cloud Services that is integrated with Office 365.  We have users requesting BB10 devices(Q10/Z10), currently BBCS with Office 365 doesn't provide Enterprise Activation for BB10 devices. I have not been able to get any info as to if and when RIM plans to upgrade their BBCS to BES10 platform. So if we let Users get BB10 devices we have to Use ActiveSync protocol, and with that, Users are asking if we'd consider another platform such as IPhone or Android.

Question that came out of that is if a Users has a Corporate Authorized IPhone for Example: also owns a Personal IPad(popular).  Are we able to prevent them from Syncing the two iOS devices?  If I understand correctly, if they are fully Synced the email from the authorized phone can find it way over to the Unauthorized personal IPad if the User was to enable Syncing of devices, am I correct in that assumption? and if Yes, this is possible with iOS and perhaps even Android devices? Is there a way for us to prevent Syncing of Devices in that way, via ActiveSync policies or on the Phone itself?

Thank you
Note: I'm on Atlantic Canada time
0
Comment
Question by:CATHY-IT
  • 3
  • 2
5 Comments
 
LVL 37

Accepted Solution

by:
Jamie McKillop earned 250 total points
ID: 39767873
Hello,

The Exchange mail account will not sync between the devices. Only the iCloud me.com address will sync between devices. If you have device quarantine tuned on in your Exchange environment, you can control which devices are allowed to sync with your Exchange server. Unless the user starts forwarding all their email to an outside address, the mail will not end up on any other iOS devices.

-JJ
0
 

Author Comment

by:CATHY-IT
ID: 39769003
Yes, I do have quarantine turned on to allow me to approve devices. Thanks for confirming our question.

Just a quick opinion, do you consider ActiveSync a secure alternative to use instead of BES? Or should I be pushing to stay with BES and wait for RIM to upgrade the Blackberry Business Cloud Services to BB10 version to allow BES connection with BB10 OS devices.
0
 
LVL 37

Expert Comment

by:Jamie McKillop
ID: 39769037
In my opinion, BES security is over hyped. We are really looking at two distinct security components. The fist is the data flow between the server and the device. BES is more secure with its 256bit encryption but we rely on the 128bit encryption ActiveSync uses for everything else on the internet. If you are allowing your users to use webmail, the security level is the same as ActiveSync. The other component is the device itself. Again, Blackberry has better device security than competing devices but it isn't a trivial process to get data off Andriod or iOS devices that have a proper passcode. The reality is that unless you operate in an ultra high security environment, such as the defense industry, your data isn't likely going to be worth the cost and effort to crack into the data stream or the device itself.

-JJ
0
 

Author Comment

by:CATHY-IT
ID: 39769087
That's the general notion I had, but definitely different opinions out there about it.  Though I do like that the BES can Push other Policy that ActiveSync just doesn't have.

Thanks Again
0
 

Author Closing Comment

by:CATHY-IT
ID: 39769089
Thanks again
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Not sure what the best email signature size is? Are you worried about email signature image size? Follow this best practice guide.
Are you irritated by repeating emails issue in Microsoft Outlook 2016 after recent update ?  Lets’ see how to resolve and prevent duplicate emails in the Outlook 2016 using some simple techniques.
This Experts Exchange video Micro Tutorial shows how to tell Microsoft Office that a word is NOT spelled correctly. Microsoft Office has a built-in, main dictionary that is shared by Office apps, including Excel, Outlook, PowerPoint, and Word. When …
CodeTwo Sync for iCloud (http://www.codetwo.com/sync-for-icloud?sts=6554) automatically synchronizes your Outlook 2016, 2013, 2010 or 2007 folders with iCloud folders available via iCloud Control Panel. This lets you automatically sync them with…

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

23 Experts available now in Live!

Get 1:1 Help Now