Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Installing Lotus Notes in BYOD environment

Posted on 2014-02-13
5
Medium Priority
?
429 Views
Last Modified: 2014-02-14
We are in the early planning stages of implementing a BYOD (Bring Your Own Device) solution and are fleshing out some potential issues.

We currently use Lotus Notes and one question presented was "How are we going to install Notes on these devices)?". We aren't worried about email on tablets or phones, but if a user decides to use a MacBook or a Windows laptop, is it even possible to install Notes without the user actually being on the network to communicate to the Domino server?

We don't have SCCM or anything like that yet, but other than giving every single user VPN (which is not an option) I am unaware of any other method out there.

I figured I would run it by you guys anyways.

Thanks in advance.
0
Comment
Question by:ErikDorr
5 Comments
 
LVL 1

Accepted Solution

by:
Hans Holt, Ph.D. earned 2000 total points
ID: 39858411
Notes clients on the internet can access your Domino server if your port 1352 is open in the firewall.
The Domino server must be set up to use encryption on the network connection to gain best security.
The installation of the Notes client should use local encryption on all databases.
When a user is no longer wanted on the server - put his name in a Deny Access group.

Only people with Notes ID files from your company can access your Domino server.


I think the biggest problem is when someone leaves the company - how do you secure that all data on the local device is destroyed?
0
 
LVL 43

Expert Comment

by:Steve Knight
ID: 39858504
I would do as above with 1352 open depending upon the specifics of the situation, or look at a simple for the users SSL VPN, and/or remote desktop solution where their device is only used as access into your own provided virtual desktop with company apps on.

Also you could consider using iNotes for the emails, and/or the Notes browser plugin to provide access to notes apps.

Will all be "fun" dealing with the random client machines, lack of rights, and on the other hand users running everything with full admin rights on unprotected machines directlt on the net.  Unknown quanitity on virus checkers, their kids playing games and downloading dodgy stuff on the same machine your business is advertised from ...

Can work well or not depends on the users!

Steve
0
 
LVL 31

Expert Comment

by:captain
ID: 39858961
It depends whether you are using a web facing Domino server for this or not.

Traditionally you have business owned machines using VPN tunnels to connect to internal mail servers. I would not do this on BYOD devices as it requires again more local config that when the employe leaves gives cause for concern about how to restrict or remove this.

A web facing Domino server in a DMZ was the simplest solution for us. Either for iNotes or for clients. The latter requires a client to be installed but this is fine.

I have done this on the BYODs for a few staff, we just used the policy that replication to local copies for any laptops (Mac or PC) was disabled, so they could only use our DMZ mail server to connect to with their client live rather than having a local copy. They have a local ID file but as it has been said, you simply Deny access via Names.nsf once they leave.

You will never be able to completely mitigate security with any mobile users, but for our tablets and phones Lotus Traveler works fine (we only have Apple mobile users) and the BYOD laptops have to live with no local replica as the price but with broadband being everywhere this has yet to be an issue.
0
 
LVL 1

Expert Comment

by:Hans Holt, Ph.D.
ID: 39859006
Well - To me - Lotus Notes/Domino on the internet is much simpler than any VPN.

With Notes you use ID files which is your encryption key to secure communication between the client and the server.
You do not depend on any other security software.
0
 

Author Comment

by:ErikDorr
ID: 39859076
These have all been fantastic responses. I appreciate the time.
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Have you ever run into that annoying problem where the computer won't boot?  Wouldn't it be great if you had a tool that would make that disk boot again?  I have found one tool that works more often than not ...
If something goes wrong with Exchange, your IT resources are in trouble.All Exchange server migration processes are not designed to be identical and though migrating email from on-premises Exchange mailbox to Cloud’s Office 365 is relatively simple…
The viewer will learn how to successfully download and install the SARDU utility on Windows 8, without downloading adware.
XMind Plus helps organize all details/aspects of any project from large to small in an orderly and concise manner. If you are working on a complex project, use this micro tutorial to show you how to make a basic flow chart. The software is free when…

972 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question