If a device is lost or stolen, it's probably best to remotely wipe the device's contents to protect your company's privacy and intellectual property.
By creating an Exchange ActiveSync Mailbox Policy, you have made the mobile device resistant to tampering, but it would still be a bad idea to just assume that a thief isn't interested in your data or isn't sophisticated enough to crack the device's password. Rather than relying on your mobile device security policies, it is better to remotely wipe a device as soon as it is reported lost or stolen.
One interesting feature of Exchange Server 2007 is that the user doesn't even have to bother reporting the mobile device stolen. They can actually wipe the data from the device themselves through Outlook Web Access (OWA):
- Open Internet Explorer and navigate to HTTPS://your_exchange_server/OWA.
- The Exchange Server 2007 version of OWA looks something like what is shown in Figure 5. Click on the Options button in the upper right corner and select the Mobile Devices link to reveal a series of options related to mobile devices.
Figure 5 : The Options button lets you customize the OWA experience.
Figure 6 : Users can manage their own mobile devices directly through OWA.
- Normally, a user should only have one mobile device, but it is possible for a user to have multiple mobile devices. Any mobile devices registered to the user will be listed on this screen. All
- a user has to do towipe a mobile device that has been lost or stolen is to select it from the list and then click the Wipe All Data From Device link.
- Assuming that the device probably isn't ever going to be found, the user can then use the Remove Device From List link to remove the device from their profile.
STEP-BY-STEP GUIDE: HOW TO SECURE MOBILE DEVICES IN EXCHANGE 2007
Step 1: How to create an ActiveSync Mailbox Policy in Exchange Server 2007
Step 2: How to assign an Exchange 2007 ActiveSync Mailbox Policy to users
Step 3: How to remotely wipe a mobile device in Exchange Server 2007
|ABOUT THE AUTHOR:|
Brien M. Posey, MCSE|
Brien M. Posey, MCSE, is a Microsoft Most Valuable Professional for his work with Exchange Server, and has previously received Microsoft's MVP award for Windows Server and Internet Information Server (IIS). Brien has served as CIO for a nationwide chain of hospitals and was once responsible for the Department of Information Management at Fort Knox. As a freelance technical writer, Brien has written for Microsoft, TechTarget, CNET, ZDNet, MSD2D, Relevant Technologies and other technology companies. You can visit Brien's personal Web site at http://www.brienposey.com.
This was first published in May 2007