Android Exchange Discrimination! (need some help)

[robbo323]

My employer's IT Dept has decided to stop simply forwarding work e-mail to our personal e-mail accounts connected to our phones. They say they are going to cut that off and go to a "Blackberry Exchange Server" and that "only those employees using Blackberry devices" will get e-mail pushed to their phone. I inquired with one of the IT guys today whether the many of us using Android 2.2 can get in on this and was told - "No, only Blackberry". He justified that saying that only Blackberry has the necessary security, remote wipe, etc. I pointed out that Android 2.2 supports this as well, and the excuse changed to "this is a Blackberry-only Exchange Server".

Is there such a thing? I thought Exchange Server was a Microsoft product that worked across multiple operating systems. Can someone tell me if I'm getting BS'd by an IT guy who simply wants to keep his work load to a minimum? Any info to help me straighten this out is much appreciated. Thanks.

 

[mwhartman]

The BES serves is BB and very expensive. Sounds like your IT folks are taking a very narrow road.

Ask they what safeguards are in place for employees who use laptops. Should the laptop be lost or stolen it is the same security risk, in my opinion.

 

[KZIWarrior]

^+1
There are BB servers and they are expensive but they are secure.

Your IT department is like that of many major corps. With the fragmentation of the smartphone market they have had to look more closely at security. If they are that secure chances are not only are they only allowing BBs but likely only a select few models. The only real advantage RIM has right now over their competitors is their security features (the top secured BBs are VERY hard to crack and impossible w/o loosing all the data on the pone, though I haven't followed them in a while there used to be at least two models that couldn't be cracked at all, might have changed). Personally I agree with mwhartman but IF they are that worried and IF the are knowledgeable enough the laptops can be secured through a variety of means/measures but in reality it's all for not. Most hackers with malicious intent will find other routes to get secured data, normally through direct attacks. But many companies don't have a choice (e.g. companies that work with the government must meet government guidelines no matter how ridiculous or ill-informed said policies are).

 

[takeshi]

I pointed out that Android 2.2 supports this as well, and the excuse changed to "this is a Blackberry-only Exchange Server".

No but there is such a thing as a Blackberry Enterprise Server and only BB's ca connect to it.

The only real advantage RIM has right now over their competitors is their security features (the top secured BBs are VERY hard to crack and impossible w/o loosing all the data on the pone, though I haven't followed them in a while there used to be at least two models that couldn't be cracked at all, might have changed).

There's also built-in device management, IT policies, built in intranet access, proxy, etc etc. Users might not see them as a an advantage but they're pluses from the company's side.

Ask they what safeguards are in place for employees who use laptops. Should the laptop be lost or stolen it is the same security risk, in my opinion.

We encrypt the hard drives. Neither here nor there though. It's not unusual for companies to specify what can and cannot be used with their Exchange environments. Don't like it? There are other employers out there to work for if it's that big of a deal.

 

[KZIWarrior]

The only real advantage RIM has right now over their competitors is their security features (the top secured BBs are VERY hard to crack and impossible w/o loosing all the data on the pone, though I haven't followed them in a while there used to be at least two models that couldn't be cracked at all, might have changed).

There's also built-in device management, IT policies, built in intranet access, proxy, etc etc. Users might not see them as a an advantage but they're pluses from the company's side.

Android has all those as well. Though 3rd party apps are better at implementing them (particularly the IT policies) they are built into/supported by the OS.

Ask they what safeguards are in place for employees who use laptops. Should the laptop be lost or stolen it is the same security risk, in my opinion.

We encrypt the hard drives. Neither here nor there though. It's not unusual for companies to specify what can and cannot be used with their Exchange environments. Don't like it? There are other employers out there to work for if it's that big of a deal.

:icon_ banana:lol, yep, THEIR servers, THEIR business, THEIR rules, don't like it find another employer or start your own company... though you can be pretty sure that they are not going to spend the capital on the BBES unless there is a real reason/concern so though you may not like it or understand it you can be pretty sure they are doing it for real reasons other than to upset you (unless they just really don't like you :wink:,lol)

 

[mwhartman]

We've all raised excellent points. For me, however, the biggest security risk is not what is or is not on the device, it is the individual using the device.

I was an IT dir in central HR and no matter how much we tried to convince folks that the safeguards we put in place were for their protection as well and the Universities they could not grasp that they had a responsibility in the equation.

Mike

 

[Detonation]

My company is the same way. Unless you have a company issued blackberry, they will not allow you to connect to the exchange server. My boss even offered me a blackberry when I asked him about it, but I didn't feel like carrying around 2 phones just to have my work email. I can still access it on my Droid via our webmail interface anyways, its just a lot less user friendly.

 

[mwhartman]

My company is the same way. Unless you have a company issued blackberry, they will not allow you to connect to the exchange server. My boss even offered me a blackberry when I asked him about it, but I didn't feel like carrying around 2 phones just to have my email. I can still access it on my Droid via our webmail interface, its just a lot less user friendly.

And no more secure that having the mail pushed to your Droid!

 

[chrstdvd]

This thread reminds me of the Navy. There I was in the middle of the Atlantic Ocean walking around the ship with a 45 cal pistol on what was called "Roving Patrol" to keep my shipmates from trying to "attack" the missile house or other sensitive area. You have not seen "dumb" until you have been in the military. LOL!

On the serious side, Google is not secure yet. At least not as secure as RIM.

 

[mwhartman]

This thread reminds me of the Navy. There I was in the middle of the Atlantic Ocean walking around the ship with a 45 cal pistol on what was called "Roving Patrol" to keep my shipmates from trying to "attack" the missile house or other sensitive area. You have not seen "dumb" until you have been in the military. LOL!

Ah the good old days! :biggrin:

 

[Jaxidian]

There are easy-to-implement hacks out there to pull the client-based security out of FroYo. All it takes is a custom email.apk which is very easy to obtain. It might also require root - I'm not sure.

 

[KZIWarrior]

This thread reminds me of the Navy. There I was in the middle of the Atlantic Ocean walking around the ship with a 45 cal pistol on what was called "Roving Patrol" to keep my shipmates from trying to "attack" the missile house or other sensitive area. You have not seen "dumb" until you have been in the military. LOL!

On the serious side, Google is not secure yet. At least not as secure as RIM.

:rofl3: sad but soooo true... though there is one example even worse... buddy of mine works for DHS... they strive to one day be only as 'dumb' as the military, they have a LONG way to go:icon_eek:

There are easy-to-implement hacks out there to pull the client-based security out of FroYo. All it takes is a custom email.apk which is very easy to obtain. It might also require root - I'm not sure.

Exactly, only one example of why so few corps allow Androids to connect. Though I'm glad they do I'm REALLY surprise my University does and I won't be surprised if/when they change it and block them. I think the only reasons they haven't is 1) they didn't have enough Android users and 2) I don't think they knew it wasn't (I was told it wasn't, but that proved to not be the case).