<HTML>
<HEAD>
<TITLE>Re: [itdiscuss] Smart Phone Security</TITLE>
</HEAD>
<BODY>
<FONT FACE="Calibri, Verdana, Helvetica, Arial"><SPAN STYLE='font-size:11pt'>We do the same. <BR>
<BR>
The user may own the iPhone, but we ‘own’ the data from our Exchange server and have the responsibility to protect it.<BR>
<BR>
If a users want to access their work/church email, then they must have a 4-digit passcode which is enforced through ActiveSync (and can be remote wiped through ActiveSync).<BR>
<BR>
-- <BR>
<IMG src="cid:3342685676_71173156" ><BR>
<BR>
<BR>
<BR>
<BR>
<BR>
<HR ALIGN=CENTER SIZE="3" WIDTH="95%"><B>From: </B>Jason Powell <<a href="jpowell@gccwired.com">jpowell@gccwired.com</a>><BR>
<B>Reply-To: </B>IT Discussion Forum <<a href="discuss@itdiscuss.org">discuss@itdiscuss.org</a>><BR>
<B>Date: </B>Tue, 1 Dec 2009 19:55:17 -0500<BR>
<B>To: </B>IT Discussion Forum <<a href="discuss@itdiscuss.org">discuss@itdiscuss.org</a>><BR>
<B>Subject: </B>Re: [itdiscuss] Smart Phone Security<BR>
<BR>
<FONT COLOR="#1F497D">We currently enforce passwords on all mobile devices using activesync to hit exchange. It’s not that big of a deal since you can usually set the timeout value pretty high. Our users haven’t complained about it (almost 40 iphone users and 4 Pre)<BR>
<BR>
<BR>
</FONT></SPAN></FONT><FONT SIZE="2"><FONT FACE="Tahoma, Verdana, Helvetica, Arial"><SPAN STYLE='font-size:10pt'><B>Jason</B> Powell<BR>
IT Director<BR>
Granger Community Church<BR>
</SPAN></FONT></FONT><FONT FACE="Tahoma, Verdana, Helvetica, Arial"><FONT SIZE="1"><SPAN STYLE='font-size:8pt'>630 E. University Drive<BR>
Granger, IN 46530<BR>
574.243.2022 • <a href="jpowell@gccwired.com">jpowell@gccwired.com</a> • GCCwired.com<BR>
<a href="http://jpowell.blogs.com">http://jpowell.blogs.com</a> <<a href="http://jpowell.blogs.com/">http://jpowell.blogs.com/</a>> - yup, I've got a blog<BR>
<a href="http://twitter.com/JasonPowell">http://twitter.com/JasonPowell</a> - My twitter feed<BR>
<a href="http://facebook.com/jason.powell">http://facebook.com/jason.powell</a> - My facebook page<BR>
</SPAN></FONT></FONT><FONT COLOR="#1F497D"><FONT FACE="Calibri, Verdana, Helvetica, Arial"><SPAN STYLE='font-size:11pt'> <BR>
<BR>
<BR>
</SPAN></FONT></FONT><FONT FACE="Calibri, Verdana, Helvetica, Arial"><SPAN STYLE='font-size:11pt'><BR>
</SPAN></FONT><FONT SIZE="2"><FONT FACE="Tahoma, Verdana, Helvetica, Arial"><SPAN STYLE='font-size:10pt'><B>From:</B> <a href="discuss-bounces@itdiscuss.org">discuss-bounces@itdiscuss.org</a> [<a href="mailto:discuss-bounces@itdiscuss.org">mailto:discuss-bounces@itdiscuss.org</a>] <B>On Behalf Of </B>Jay Betancourt<BR>
<B>Sent:</B> Tuesday, December 01, 2009 7:44 PM<BR>
<B>To:</B> IT Discussion Forum<BR>
<B>Subject:</B> Re: [itdiscuss] Smart Phone Security<BR>
</SPAN></FONT></FONT><FONT FACE="Times New Roman"><SPAN STYLE='font-size:12pt'> <BR>
</SPAN></FONT><FONT SIZE="2"><FONT FACE="Verdana, Helvetica, Arial"><SPAN STYLE='font-size:10pt'>Hi Dave,<BR>
<BR>
Sorry to hear about that situation. We tell our iPhone users to password protect their devices in the event of loss or theft. However, we do not require it. Instead, users are shown how to automatically wipe the device from their Outlook Web Access in the event that such situation should occur. While it’s a hassle to have to enter the password every time, it’s probably well worth it in case it falls into the wrong hands. It’s probably not a good idea to keep contact information on the SIM card and instead store it on the phone locally since it’s synchronizing with the Exchange server.<BR>
<BR>
Jay<BR>
<BR>
On 12/1/09 6:26 PM, "Dave Ketcham" <<a href="dketcham@northcoastchurch.com">dketcham@northcoastchurch.com</a>> wrote:<BR>
</SPAN></FONT></FONT><FONT COLOR="#1F497D"><FONT FACE="Calibri, Verdana, Helvetica, Arial"><SPAN STYLE='font-size:11pt'>We recently had one of our staff's iPhones stolen and it was not password protected and emails were deleted by the thief. We currently aren't implementing any "Mobile Device" security features on our Exchange 2003 server.<BR>
<BR>
What mobile device policies do you implement? Do you require device unlock passwords? etc?<BR>
<BR>
Dave Ketcham<BR>
North Coast Church<BR>
</SPAN></FONT></FONT><FONT FACE="Calibri, Verdana, Helvetica, Arial"><SPAN STYLE='font-size:11pt'><BR>
<HR ALIGN=CENTER SIZE="3" WIDTH="95%"></SPAN></FONT><SPAN STYLE='font-size:11pt'><FONT FACE="Consolas, Courier New, Courier">_______________________________________________<BR>
it discuss mailing list: <a href="discuss@itdiscuss.org">discuss@itdiscuss.org</a><BR>
Mailing List: <a href="http://itdiscuss.org/discuss">http://itdiscuss.org/discuss</a><BR>
Internet Relay Chat: irc://irc.freenode.net/citrt<BR>
</FONT></SPAN>
</BODY>
</HTML>