RE: Exchange ActiveSync not forcing encryption on Androids???
Androids lie. Google "Android Activesync policies". Carl From: Derrenbacker, L. Jonathan [mailto:jderrenbac...@kshgs.com] Sent: Friday, June 17, 2011 11:12 AM To: MS-Exchange Admin Issues Subject: Exchange ActiveSync not forcing encryption on Androids??? Has anyone had issues where androids can sync even though your activesync policy says it requires encryption? I would think if my activesync policy says it requires encryption, and androids don't have encryption, they shouldn't be able to pull down email? Environment: Exchange 2010/2003(coexistence) - Mailboxes in questions are on 2010 HTC EVO and Incredible running android 2.3.3 and 2.2 Default Android Mail app. Activesync settings(Exchange 2010): - Allow non-provisional devices is UNCHECKED - Require encryption on device is CHECKED - Misc other password settings are selected. I made a forensics image of my android(after mounting it as a disk), scanned it with EnCase, and I can see my emails in plain text. Any ideas? Thanks, Jon --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe exchangelist
RE: Exchange ActiveSync not forcing encryption on Androids???
Thanks Carl. I found this: "Exchange correctly sends the policy to the device. The device accepts the policy and discards the pieces it doesn't understand. It doesn't report that it refuses the entire policy so it's still "provisioned"." http://social.technet.microsoft.com/Forums/en-US/exchangesvrtransport/thread/c81ee66a-7cb0-4ef2-865c-2cd505847087/ At least I now know it's not just me... It seems really troublesome though. How is everyone else blocking non-encrypted devices??? Jon On Fri, Jun 17, 2011 at 12:07 PM, Carl Houseman wrote: > Androids lie. Google "Android Activesync policies". > > > > Carl > > From: Derrenbacker, L. Jonathan Sent: Friday, June 17, 2011 11:15 AM To: 'MS-Exchange Admin Issues' Subject: Exchange ActiveSync not forcing encryption on Androids??? Has anyone had issues where androids can sync even though your activesync policy says it requires encryption? I would think if my activesync policy says it requires encryption, and androids don't have encryption, they shouldn't be able to pull down email? Environment: Exchange 2010/2003(coexistence) - Mailboxes in questions are on 2010 HTC EVO and Incredible running android 2.3.3 and 2.2 Default Android Mail app. Activesync settings(Exchange 2010): - Allow non-provisional devices is UNCHECKED - Require encryption on device is CHECKED - Misc other password settings are selected. I made a forensics image of my android(after mounting it as a disk), scanned it with EnCase, and I can see my emails in plain text. Any ideas? Thanks, Jon --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe exchangelist
Re: Exchange ActiveSync not forcing encryption on Androids???
Apple's iP* lied for a while too - may still for all I know, though it's supposed to have been corrected. That's one of the reasons why there are solutions like Good Technologies, etc. Kurt On Fri, Jun 17, 2011 at 09:07, Carl Houseman wrote: > Androids lie. Google "Android Activesync policies". > > > > Carl > > > > From: Derrenbacker, L. Jonathan [mailto:jderrenbac...@kshgs.com] > Sent: Friday, June 17, 2011 11:12 AM > To: MS-Exchange Admin Issues > Subject: Exchange ActiveSync not forcing encryption on Androids??? > > > > Has anyone had issues where androids can sync even though your activesync > policy says it requires encryption? > > > > I would think if my activesync policy says it requires encryption, and > androids don’t have encryption, they shouldn’t be able to pull down email? > > > > Environment: > > Exchange 2010/2003(coexistence) – Mailboxes in questions are on 2010 > > HTC EVO and Incredible running android 2.3.3 and 2.2 > > Default Android Mail app. > > > > Activesync settings(Exchange 2010): > > - Allow non-provisional devices is UNCHECKED > > - Require encryption on device is CHECKED > > - Misc other password settings are selected. > > > > I made a forensics image of my android(after mounting it as a disk), scanned > it with EnCase, and I can see my emails in plain text. > > > > Any ideas? > > Thanks, > > Jon > > > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe exchangelist --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe exchangelist
