I approached my boss about having her request that the company that runs out network update it to Microsoft exchange server 2003 SP to allow push e-mail. They have 2003 right now.
When I asked her she said that a decision was made that because we have some proprietary information in our company we can't sync e-mails or other "potential risk" items to mobile devices in the case they get lost or stolen. Now I can understand that frame of thought, but we all use laptops here and take them with us to meetings out of the building.
I want to propose that the powers at be readdress this. The reason being is that my job is to go to client's offices, provide training and be one of the front end guys. Well we have an e-mail alert that is sent out if our network goes down. Plus if I get an e-mail from a client who I would be going to see, while I am out at another client's office how am I going to know, right?
I would like to humbly ask this community to help me gather some very strong points that I can present to them to help them under there naiveness to mobile devices and their "potential" risks.
I know that they all have security built in that goes up to 128 bit encryption. I know that there aren't any virus to worry about.
What about keeping proprietary information safe if it is in an e-mai? Any Ideas? What other benefits would there be to allow push e-mail and synchronization to mobile devices?
I greatly Appreciate any help you can provide me.
Jason
Wipe
I do believe one of the "big" +'s to windows mobile 5 was the ability to remotely wipe the device once its been stolen. Someone with more tech knowledge will know more about this. But I remember seeing the commercial for it. Can anyone help this guy out?
Hi *,
From a long time i'm trying to find a rom for Magic 32B be used for work.
My needs is to have a rom with ActiveSync (Mail, Calendar and Contacts) and, if possible, lookup in the "GAL" of Microsoft Exchange.
I know many software for these features, but it's possible inclusion in a rom?
Thanks in advance!
Ale
Back in the day Eclair ROMs required you to sync your email, contacts, ect. through exchange because Google sign-in was broken. Now-a-days, the sign-in is working, but still. Point of it all is that any Eclair ROM will do what your asking. Just go to the G1 Android Development section here at XDA and find any Android 2.1 ROM you like, then go for it.
DarkOne951 said:
Back in the day Eclair ROMs required you to sync your email, contacts, ect. through exchange because Google sign-in was broken. Now-a-days, the sign-in is working, but still. Point of it all is that any Eclair ROM will do what your asking. Just go to the G1 Android Development section here at XDA and find any Android 2.1 ROM you like, then go for it.
Click to expand...
Click to collapse
Thanks for the reply.
Android 2.1 ROM sync ONLY Email and Contacts. NO CALENDAR
ckale82 said:
if possible, lookup in the "GAL" of Microsoft Exchange.
Click to expand...
Click to collapse
I haven't seen any rom you can do that in ...
1.6 roms seem to use the 'work email' app which is an adapted version of the htc mail app from non-google branded htc devices.
2.x roms have native exchange support, mail and contacts sync only.
I believe you could get what you're looking from the market but you'll probably have to get your wallet out and pay.
But.... the old rom 1.5 with HTC framework had this features... or i'm crazy?
ckale82 said:
But.... the old rom 1.5 with HTC framework had this features... or i'm crazy?
Click to expand...
Click to collapse
That's what I thought too. However I never had a need for it and only basic needs for exchange. gmail for sure did calendar sync.
You'll want to go 3rd party and get a fancy one anyway. Should be worth the money if the feature set is important (not withstanding my opinion).
st0kes said:
I haven't seen any rom you can do that
Click to expand...
Click to collapse
ckale82 said:
But.... the old rom 1.5 with HTC framework had this features... or i'm crazy?
Click to expand...
Click to collapse
yep. the old 1.5 rom with htc framework does exactly this.
i know, because i still use 1.5 for just this reason.
the best rom you'll find that does this without any need for third party apps etc is enomther's the original rogers rom. (not to be confused with his the original donut roms.)
you'll find it in the G1 development forum.
in order to use GAL addresses, you have to use "add receipient" to fill out the "to" field when doing an email. then you can choose between "contacts" (google) or "company" (GAL).
you can't browse the GAL as far as i am aware, but you can search it.
EDIT: by the way, it does full exchange sync. emails, contacts and calendar.
you can get a 2.1 rom and flash the moto apps from droid that includes gal, corporate calendar. that is what i am using now.
you can purchase touchdown and it does everything you ask
on any version you want
includes searchable GAL
I trial a HEAP of different phones for work and this is pretty much what it comes down to when you are talking business use.
While i love the Android and have a N1 myself it falls over on some MAJOR areas.
1: No Client side cert capability.
2: No Encryption
3: No Group Policy Abilities
4: No Remote Wipe of the device
5: Not FIPS rated (no encryption)
The Google phone is great, i love it over an Iphone but until these issues are sorted I would NOT recommend these for business use. As far as personal phones go they are awesome !
The only phones that are correctly rated for use as far as encryption and GPO are unfortunately WM6 and WM6.5 I HATE these phones cant stand them but they are (Believe it or not) the most secure ! Lets hope when the Iphone releases their new OS in the next month or so they may become a more realistic player in the business market.
Or (Fingers crossed) Google and Droid do some real work into making these phones more secure.. If they did i know they would be more popular with the business community !
G.
A.
gymmy said:
I trial a HEAP of different phones for work and this is pretty much what it comes down to when you are talking business use.
While i love the Android and have a N1 myself it falls over on some MAJOR areas.
1: No Client side cert capability.
2: No Encryption
3: No Group Policy Abilities
4: No Remote Wipe of the device
5: Not FIPS rated (no encryption)
The Google phone is great, i love it over an Iphone but until these issues are sorted I would NOT recommend these for business use. As far as personal phones go they are awesome !
The only phones that are correctly rated for use as far as encryption and GPO are unfortunately WM6 and WM6.5 I HATE these phones cant stand them but they are (Believe it or not) the most secure ! Lets hope when the Iphone releases their new OS in the next month or so they may become a more realistic player in the business market.
Or (Fingers crossed) Google and Droid do some real work into making these phones more secure.. If they did i know they would be more popular with the business community !
G.
A.
Click to expand...
Click to collapse
umm android has all those through applications available in the market ....
What are moto apps
markkohfm said:
you can get a 2.1 rom and flash the moto apps from droid that includes gal, corporate calendar. that is what i am using now.
Click to expand...
Click to collapse
What are moto apps - can' seem to find it searching on xda... If anyone could enlighten me, I would appreciate it.
I whole-heartedly recommend Nitrodesk TouchDown. It's a kick-ass app for Exchange. You get push updates for Mail, Calendar, etc.
It might seem expensive relative to your average mini-app, but you have to keep in mind that this is way more useful than those.
My employer's MS exchange set-up incorporates security pin that none of the Android ROMs support - that I'm aware off! I'm currently on day 20 of the 30 day trial with Touchdown and really am impressed. It supports mail, calendar and contacts with GAL and most importantly for me I can finally log on because of the pin security support. The iPhone supports this too however the pin is required every time you want to use it for any app whereas on Android you enter the pin when launching Touchdown. Worth the $20 imo
BigRD said:
My employer's MS exchange set-up incorporates security pin that none of the Android ROMs support - that I'm aware off! I'm currently on day 20 of the 30 day trial with Touchdown and really am impressed. It supports mail, calendar and contacts with GAL and most importantly for me I can finally log on because of the pin security support. The iPhone supports this too however the pin is required every time you want to use it for any app whereas on Android you enter the pin when launching Touchdown. Worth the $20 imo
Click to expand...
Click to collapse
glad we reached a consensus that business users need to stop whining about exchange and drop 20$ for touchdown
is really a stellar exchange client
hopefully there will not always be a need for this as it should be part of the base OS
FYI
The only thing that is needed comparing from the touchdown app to any Android OS to have full Exchange support is to fetch the Active Sync certificates forced by the enterprise security policy.
The enterprise I work for, doesn't use the Active Sync certificates forced and runs on Exchange server 2007. No issues with the Exchange Android OS. No touchdown needed.
The partner who we support has to fetch the certificates and runs on Exchange server 2003. Now, they will migrate everything to Exchange 2007..., than I want to see what will happen because they will keep the security policy or adapt it to the new infra. I'm using the touchdown, because otherwise I'll have my account locked on the Radius server.
iPhone's are even more limited. To sync an iPhone with my partner Exchange server 2003, you need the following:
- On the Inbox folder have less than 500Mb
- Be over the OS version 3.x.x
- If you make a NT password reset, you have to re-create the profile and sometimes hope for a miracle or change the domain to the complete address or insert it on the username.
Once again on the Exchange 2007, no issues.
I had the same issue with android because I use exchange calendar and mail.
CursorSense has exchange calendar, it is 1.5, but works very smooth for me. The main problem was the initially pin, I had to call my exchange IT person to remove that security so I can use it. Otherwise, you are out of luck.
I've never had success with android 1.6. I've tried the Moto apk, and many other names, adb push it to the phone, and it just doens't work. So, for me, 1.6 has no exchange calendar, but only email.
As for 2.1, it does support exchange calendar. But I'm waiting a faster rom to start using it. In the meantime, I use touchdown, which is WAYYYY better than the native software from android. The widget actually works!! The widget from android in 2.1 includes Email and Calendar, but none of them refreshes the information all the time, so you will actually have to go in the email account to see new email, and your calendar to see new updates. With Touchdown, the widget is easier to use and it updates quickly. It is too expensive, I agree.
There is another app, called Roadsync, but I don't like the UI.
ricardomega said:
FYI
The only thing that is needed comparing from the touchdown app to any Android OS to have full Exchange support is to fetch the Active Sync certificates forced by the enterprise security policy
Click to expand...
Click to collapse
Well, that is down to the business running Exchange, not anything to do with Android ... enterprises should be using universally trusted certificates.
If you get a certificate error in activesync it means your exchange admin bought a cheap SSL certificate that your device doesn't trust.
Not agreed.
Ref. 1 (Wiki):
Remote Authentication Dial In User Service (RADIUS) is a networking protocol that provides centralized Authentication, Authorization, and Accounting (AAA) management for computers to connect and use a network service. RADIUS was developed by Livingston Enterprises, Inc., in 1991 as an access server authentication and accounting protocol and later brought into the IETF standards.[1]
Because of the broad support and the ubiquitous nature of the RADIUS protocol, it is often used by ISPs and enterprises to manage access to the Internet or internal networks, wireless networks, and integrated e-mail services. These networks may incorporate modems, DSL, access points, VPNs, network ports, web servers, etc.[2]
RADIUS is a client/server protocol that runs in the application layer, using UDP as transport. The Remote Access Server, the Virtual Private Network server, the Network switch with port-based authentication, and the Network Access Server, are all gateways that control access to the network, and all have a RADIUS client component that communicates with the RADIUS server. The RADIUS server is usually a background process running on a UNIX or Windows NT machine.[3] RADIUS serves three functions:
to authenticate users or devices before granting them access to a network,
to authorize those users or devices for certain network services and
to account for usage of those services.
Click to expand...
Click to collapse
This is GOOD. IT MEANS SECURITY.
Talking about universally trusted certificates... if the windows mobile since 5.1 version and other devices exchange services (like Symbian S60 devices up and others) work flawless ... our new gadgets are the one's who doesn't work ...
The partner that I was speaking are leaders on their security division product for decades.
Sorry, but please point out the Apps.
1: Client side cert import for access to company websites ?
2: Encryption which is FIPS 104-2 certified
3: Group Policy enforcement
Touchdown does work, but its not just exchange email which uses certification
Just thought of a new question. I use excel a ton and frequently need to go to my bosses office to ask questions about certain things. If I were logged onto the companies wifi, would I be able to optain access to the shared drives my NT account (assuming somehow I login from my Xoom) to manually bring the document to my boss, and have the work be easily done in one place???
The quickest way might be to install one of the remote desktop clients out there. Even on the 4.3’’ screen of the Evo, it can be a real pain to use, but I suspect a MUCH more pleasant experience on this.
By tomorrow afternoon, it is my intent to have my xoom talking to a dedicated Win7 vm that lives on one of my servers. Hopefully, I’ll be able to get to a point where creds are saved and I end up with a 1-click process to access the enterprise. Im REALLY banking on the idea that rdp will be usable on this larger screen.
I know that’s not exactly what you were looking for, but I’d be willing to bet that somebody is / has worked on a file browser that will see network shares and store credentials. I will certainly look around.
AndyMan386 said:
Just thought of a new question. I use excel a ton and frequently need to go to my bosses office to ask questions about certain things. If I were logged onto the companies wifi, would I be able to optain access to the shared drives my NT account (assuming somehow I login from my Xoom) to manually bring the document to my boss, and have the work be easily done in one place???
Click to expand...
Click to collapse
I can do this at home now with my Android phone using AndroXplorer on wifi. Just need to create a shortcut to a share on my PC using UNC path. Not sure if your company will have any restrictions on WiFi or not and also not sure if that app will work on Honeycomb. But it is definitely possible.
Forgive my noobness if this sounds stupid but was looking at the company apps setting on my Lumia 928 and was wondering if it could be exploited in anyway as far as sideloading homebrew? Out of curiosity, not that I expected it to work, I emailed myself a .xap file and got an error saying there was something wrong with my company app and to contact the company's support person. So went to company app settings and it asks for email,password, username,domain, and server but does it actually check the authenticity of the domain and/or server for a legitimate company or could someone simply set up a server hosting .xap files to be downloaded simply by registering and logging in with these settings? Even wondered if I simply used this info from the email server if it would install through email but seems too simple and haven't messed with it.
tonbonz said:
Forgive my noobness if this sounds stupid but was looking at the company apps setting on my Lumia 928 and was wondering if it could be exploited in anyway as far as sideloading homebrew? Out of curiosity, not that I expected it to work, I emailed myself a .xap file and got an error saying there was something wrong with my company app and to contact the company's support person. So went to company app settings and it asks for email,password, username,domain, and server but does it actually check the authenticity of the domain and/or server for a legitimate company or could someone simply set up a server hosting .xap files to be downloaded simply by registering and logging in with these settings? Even wondered if I simply used this info from the email server if it would install through email but seems too simple and haven't messed with it.
Click to expand...
Click to collapse
this would work, but theres a lot you have to do to set it up:
There are some general steps that companies must follow to establish a company account, enroll devices, and distribute apps to their enrolled devices. The following sections provide an overview of this process:
1. The company registers a company account on Windows Phone Dev Center and acquires an enterprise certificate from Symantec.
2.The company creates an application enrollment token (AET).
3.The company develops a Company Hub app.
4.The company prepares their apps for distribution.
5. Employees (or other users) enroll for company app distribution on their phones and install the company apps by using the Company Hub app.
you have to use intune director. Companys have to register with windows phone dev and aquire an enterprise cert. This *could* be a way to install homebrew apps, but it'd be easier if there was some kind of workaround.
more info here..
http://msdn.microsoft.com/en-us/library/windowsphone/develop/jj206943(v=vs.105).aspx
Thanks aclegg2011 and my apologies to the Forum Administrator as I just saw a similar post in a different section.