Applies to: Exchange Server 2010 SP3, Exchange Server 2010 SP2

Topic Last Modified: 2010-01-25

When you allow mobile phones or other mobile devices to synchronize with your Exchange 2010 server, you allow sensitive corporate information to be stored on small, portable devices that can be easily lost or stolen. Before you deploy Exchange ActiveSync, we recommend that you familiarize yourself with the various security settings you can configure to keep your corporate information safe. You can configure an authentication method for Exchange ActiveSync, deploy Exchange ActiveSync mailbox policies, and use remote device wipe to remove personal and corporate data from a lost or stolen mobile phone.

Exchange ActiveSync Server Security

There are several security-related tasks you can perform on a server that's running Exchange ActiveSync. One of the most important tasks is to configure an authentication method. Exchange ActiveSync runs on a computer running Exchange 2010 that has the Client Access server role installed. This server role is installed with a default self-signed digital certificate. Although the self-signed certificate is supported for Exchange ActiveSync, it isn't the most secure method of authentication. For additional security, consider deploying a trusted certificate from a third-party commercial certification authority (CA) or a trusted Windows public key infrastructure (PKI) certification authority. For more information about how to configure a trusted digital certificate, see Configure SSL for Exchange ActiveSync.

Selecting an Authentication Method for Exchange ActiveSync

In addition to deploying a trusted digital certificate, you should consider the different authentication methods that are available for Exchange ActiveSync. By default, when the Client Access server role is installed, Exchange ActiveSync is configured to use Basic authentication with Secure Sockets Layer (SSL). To provide increased security, consider changing your authentication method to Digest authentication or Integrated Windows authentication.

Device Security

In addition to enhancing the security of the Exchange ActiveSync server, you should also consider enhancing the security of your users' mobile phones. There are several methods that you can use to enhance the security of mobile phones.

Exchange ActiveSync Mailbox Policies

Exchange ActiveSync for Exchange 2010 enables you to create Exchange ActiveSync mailbox policies to apply a common set of security settings to a collection of users. These settings include the following:

  • Requiring a password

  • Specifying the minimum password length

  • Requiring numbers or special characters in the password

  • Designating how long a mobile phone can be inactive before the user is required to re-enter the password

  • Specifying that the mobile phone or mobile device be wiped if an incorrect password is entered more than a specific number of times

For more information about Exchange ActiveSync mailbox policies, see Managing Exchange ActiveSync with Policies.

Remote Device Wipe

Mobile phones can store sensitive data that belongs to your organization and provide access to many of your organization's resources. If a mobile phone is lost or stolen, that data can be compromised. Remote device wipe is a feature that enables the Exchange server to set a mobile phone to delete all data the next time that the mobile phone connects to the Exchange server. A remote device wipe effectively removes all synchronized information and personal settings from a mobile phone. This can be useful when a mobile phone is lost, stolen, or otherwise compromised.

Warning:
After a remote device wipe has occurred, data recovery is very difficult. However, no data removal process leaves a mobile phone or other mobile device as free from residual data as it is when it's new. Recovery of data from a mobile phone or other mobile device may still be possible using sophisticated tools.

For more information about remote device wipe, see Understanding Remote Device Wipe.