The recent revelation that Apple's iPhone OS had been falsely reporting to Exchange servers that iPhones and iPod Touches provided on-device encryption when in fact they did not has raised several questions regarding mobile device support for EAS (Exchange ActiveSync) policies -- vital safeguards many businesses employ to secure access to corporate information, whether to meet specific regulations or as a matter of general security prudence.
As it turns out, information on EAS policy support among mobile devices is not easy to come by. Also not easy is ascertaining what exactly will happen when an Exchange server is configured to use a policy that any given mobile device may or may not support.
[ The InfoWorld Test Center evaluates just what Apple's iPhone Configuration Tool can manage. | Read the "7 myths about iPhone Exchange policies" that users often believe. ]
Here's what IT can do to ensure the EAS policy compliance of users' mobile devices.
What EAS policies the devices really do support
Exchange ActiveSync 2007 supports 29 access and security policies that IT can enable. (To get the details on the policies and their values, check out Microsoft's documentation for Exchange Server 2007 policies.)
Just a handful of mobile devices support at least some EAS policies: Apple's iPhone; smartphones using Microsoft's Windows Mobile OS; Nokia's E and N series, as well as the S60 through a download; and Palm's WebOS, along with its defunct Palm OS.
Windows Mobile 6.1 supports all 29 policies, though an Exchange enterprise license is needed for 14 of them. Apple and Nokia did not respond to InfoWorld's request to list specifically what EAS policies their devices support; a Palm spokeswoman was unable to find the information even after several days. (Update: I finally got an answer from Palm eight weeks later, confirming the information below.) All three companies have published limited information on their Web sites:
