DroidForums.net is the original Verizon Android Forum! Registered Users do not see these ads. Please Register - It's Free!
Results 1 to 10 of 10

Thread: Exchange server permissions

  1. Droid
    preusstang's Avatar
    Member #
    191556
    Join Date
    Apr 2011
    Posts
    80
    Phone
    Droid X
    #1

    Exchange server permissions

    Ok, first off I searched for this in the tapatalk app and found nothing useful. I found an old discussion in a google help thread here but it proved un-useful:
    http://www.google.com/support/forum/...ba23dc49&hl=en

    Ive never been able to actually test the exchange client on android until the other day (usually the IT department allowed IMAP, but not at my new workplace.) The network dude set up something and gave me the domain and whatnot so I typed it in. I was greeted by a security permissions dialog that stated that the server REQUIRED the ability to remotely wipe my entire phone data without warning, along with requiring a password unlock and an automatic wipe if too many incorrect passwords were entered.

    Obviously I did not accept this. This is my phone - not the exchange servers. I researched this and some people reported not getting this message in other roms. Even so, is this "feature" still silently active? Can I get rid of it?
    Im sure the network guy will be glad to address my concerns, but I know he's a security nut..

    Anyone have any info on this?

    EDIT: sorry, im on LGB v0.6
    Last edited by preusstang; 07-03-2011 at 07:29 AM.
  2. Junior Droid
    Ivory Bill's Avatar
    Member #
    117084
    Join Date
    Sep 2010
    Posts
    10
    Phone
    Droid X
    #2
    The wipe policy is a function of the IT department, not of your phone's software. Your employer allows you to download their data (some or all of which may be proprietary) and you are allowing them to delete the data if they feel like it (say, once you no longer work there, or if the phone is reported lost or stolen.) Because once it has been downloaded, the data can be stored anywhere on your phone the company needs the ability to wipe all of the user storage on the device. We make a virtually identical deal with our users.

    I will emphasize that your email and anything else kept on the company's servers continues belong to the company once it is downloaded to your phone. Since those emails may contain trade secrets or confidential client/customer data, IT is nowhere near out of line in making that request.

    Your choice -- Get your work email on your phone or do not allow your employer to wipe your phone.

    I made nearly the same deal with my employer to get my email on my phone. I backed up all my .apk's before I agreed to the conditions and connected to the mail server.
  3. Droid
    preusstang's Avatar
    Member #
    191556
    Join Date
    Apr 2011
    Posts
    80
    Phone
    Droid X
    #3
    Thank you for the quick response. Does that mean there's no way to block that feature on my end? Like, are there any workarounds known? Like a patch
  4. Junior Droid
    Ivory Bill's Avatar
    Member #
    117084
    Join Date
    Sep 2010
    Posts
    10
    Phone
    Droid X
    #4
    This policy is controlled by IT. Any patch would be a violation of policy and a breach of your contract wtih your employer. I have seen people fired for less. Your employer is imposing a reasonable polcy to protect company and customer data. Most companies with knowledgeable IT departments have similar policies.

    Once again, (and I feel like Jiminy Cricket here) remember that company email belongs to the company. The ability to receive company email on your phone is a privelege which your employer extends to you. They can impose whatever condiditons they want to impose. Just be glad that they allow Android phones at all. Many companies are blackberry only.
    Last edited by Ivory Bill; 07-03-2011 at 04:03 PM.
  5. Senior Droid
    bkendrick's Avatar
    Member #
    167987
    Join Date
    Feb 2011
    Posts
    204
    Phone
    Enter Current Phone Model Here
    #5
    Should termination seem imminent just put your phone in airplane mode and delete the account. Remote wipe is a function of MS Exchange 2010 and is primarily reserved for stolen phones or issuing used phones to a new employee. However, if your boss is an a-hole then I would take precautions.

    DX. CFU. LIB GB.7
  6. Droid
    preusstang's Avatar
    Member #
    191556
    Join Date
    Apr 2011
    Posts
    80
    Phone
    Droid X
    #6
    Quote Originally Posted by bkendrick View Post
    Should termination seem imminent just put your phone in airplane mode and delete the account. Remote wipe is a function of MS Exchange 2010 and is primarily reserved for stolen phones or issuing used phones to a new employee. However, if your boss is an a-hole then I would take precautions.

    DX. CFU. LIB GB.7
    So they can't still wipe me after I remove the account? Cause I've seen some pretty shady stuff go on at this place; they locked one lady out of her vpn account and then fired her.

    Also, the "wipe" is just like a factory reset, correct? So, my SD card - with all of my subsequent backups - will remain unscathed?
  7. Senior Droid
    bkendrick's Avatar
    Member #
    167987
    Join Date
    Feb 2011
    Posts
    204
    Phone
    Enter Current Phone Model Here
    #7
    By removing the account you are deleting client/host credentials so there's no way a remote wipe can occur. I don't know what a remote entails.

    DX. CFU. LIB GB.7
  8. Droid
    preusstang's Avatar
    Member #
    191556
    Join Date
    Apr 2011
    Posts
    80
    Phone
    Droid X
    #8
    Just to let everyone know, I worked everything out with the networking guy, but its official, in exchange server 2007 and later admins have the ability to not only wipe ALL data on the device but also ALL data on external storage. Yeah, they can wipe your SD.
  9. Droid Newbie
    mikejad's Avatar
    Member #
    254752
    Join Date
    Mar 2012
    Posts
    1
    Phone
    HTC Inspire 4g / CM7
    #9
    Quote Originally Posted by Ivory Bill View Post
    The ability to receive company email on your phone is a privelege which your employer extends to you.
    That must be in the same privilege group of taking work home in the evening and working all weekend.

    Sorry to bump an old thread, but I just ran into this as well. Despite years of connecting iPhones, Androids, and even a co-workers WM7 phone to exchange, I just recently, after upgrading my phone, got the prompt that says I agree to give the exchange admins these rights over my phone.

    So my question is, while I got prompted and had to accept or reject the terms, what about all the people who didn't have to accept those terms when syncing the phone. Do the exchange admins have that right over there phones as well and they just don't know it?

    And secondary, what policy options are available for Exchange admins when setting this up? Is there anything less strict that they could use (such as giving them permission to wipe all exchange data, not the entire phone)?

    IT department says nothing has changed recently, especially not overnight the night I upgraded my phone, so it has me wondering if they're really concerned about this or if it was just something that was setup but not really enforced. I'm preparing to go make the case for looser restrictions (or a company provided phone) but I'd like to know what solutions I can provide rather than just saying "remove these restrictions, please"...

    Thanks in advance.
  10. Droid Newbie
    Quotas47's Avatar
    Member #
    290270
    Join Date
    Sep 2012
    Posts
    1
    Phone
    Droid Razr Maxx
    #10

    Permissions on Exchange

    The Permissions are what they are. It's one policy and in my opinion, all of them are required for data integrity.
    By the way, Simply removing the account in "airplane mode" might screw you over a bit.

    It doesn't just let them delete your data, but you agree to encrypt it. That means that the entire phone becomes essentially passworded. If you take the phone's memory card out and put it in another device, it would be unreadable.

    I enforce these policies at my place of employment. We offer options.
    We issue cell phones for people whose job requires it/supervisor requests it.
    We also offer to subsidize a small amount of an employee's cell phone bill every month, allowing them to use their personal phone.

    We stopped issuing Blackberries, though they still comprise 30% of our phone population. We largely issue iphones, with the occasional Android if requested.
    As you may or may not know, iPhones can't even be connected to a computer as easily as an Android, nor do they have a removeable memory card. When that data gets lost, it's LOST.

    Lots of our people have begun to use their personal phones with the subsidy, and I don't think they understand what they're doing when they accept the permissions on the phone.
    They just don't want to carry two phones around, but want to keep their personal phone.
    These people will be very disappointed when their personal phone is wiped when they lose it or leave the company.
    Tough ****.


    The best thing you can do is backups. Keep your phone synced with your Google account, and don't keep anything on your phone you can't afford to lose.
    You should be practicing these steps anyway, or you're just asking for trouble.

Links

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Similar Threads

  1. Rom w/Modded Exchange Permissions
    By deletion in forum Droid Incredible Roms
    Replies: 0
    Last Post: 04-08-2011, 12:15 PM
  2. exchange server issues fyi
    By dmacleo in forum Sourcery ROM
    Replies: 1
    Last Post: 01-20-2011, 09:06 PM
  3. MS Exchange Server
    By GaryK in forum Droid Incredible Tech Support
    Replies: 16
    Last Post: 01-12-2011, 07:20 PM
  4. How do you access an exchange server...
    By Matth3w in forum Motorola Droid
    Replies: 0
    Last Post: 01-28-2010, 05:19 PM
  5. No More Exchange Server
    By dieselpowered in forum Android General Discussions
    Replies: 4
    Last Post: 12-10-2009, 07:05 AM

Search tags for this page

android exchange permissions

,
android ms exchange permissions
,
exchange android permissions
,

exchange android security policy

,
exchange erase the phone?s data without warning by perform
,
exchange security policies android erase all data
,

exchange security policies erase all data

,
microsoft exchange android factory reset
,
microsoft exchange android permissions
,
microsoft exchange permissions android
Click on a term to search our site for related topics.
Find us on Google+