1. oysteinhermansen's Avatar
    This is about encryption of the local mail store on a WP 7.5 device. I know that WP does not yet provide local device encryption, but someone claimed today that the local mail (Exchange-ActiveSync) is encrypted.

    Can someone verify or deny this ? Maybe with a link to techinical documentation as well. I have searched at Microsoft, but I do not find anything about it.

    So the questions are:
    1) Is local mail (and attachements) encrypted in any way on a WP 7.5 device ?
    2) Is local "Exchange mail" (and attechments) encrypted in any way on a WP 7.5 device ?

    These are 2 seperate questions because Microsoft may threat them diffenrently.

    Thanks (and hoping for a quick reply)
    /Oystein
    02-27-2012 08:52 AM
  2. paulm187's Avatar
    As you already know Windows Phone 7 does not suppiort device encryption. The following article shows the Exchange policies which are supported by WP7. Notice, no require encryption policy.

    Understanding Exchange ActiveSync Mailbox Policies: Exchange 2010 Help

    PasswordRequired

    MinPasswordLength

    IdleTimeoutFrequencyValue

    DeviceWipeThreshold

    AllowSimplePassword

    PasswordExpiration

    PasswordHistory

    DisableRemovableStorage

    DisableIrDA

    DisableDesktopSync

    BlockRemoteDesktop

    BlockInternetSharing

    The Android devices prior to Honeycomb 3.0 (which was only available on tablets) didn't support device encryption either. Only now phones with ICS Android 4.0 supports device encryption. With Android however the solution is to use a 3rd party app like Touchdown which has its own Active-Sync implementation (bypassing built-in) and stored the data in its own encrypted database. As far as I know there isn't an alternative 3rd party Active-Sync client for Windows Phone perhaps due to API's not being available. I still dont know if Microsoft made available the API's to the PIM.

    If its any consolation Windows Phone does not support a file system, removable storage (some phones sort of do) or present itself as an external storage device. So it is not possible to steal data without perhaps jail-breaking the phone and side-loading tools etc.

    As long as the screen lock policy is enforced and the phone is not jail-broken it is safe for normal usage. However even though I'm a fan of WP7 I can't recommend it for sensitive corporate use especially government & financial sectors. The best devices for these environments are still Blackberries and BES.

    As for Active-Sync even though it pains me to say it - the iPhone has the best implementation at the moment including full device encryption. But rejoice! the silver lining is that Windows Phone 8 which is to be released later in the year is a different ball game and will support on-device encryption as well as many other features such as native code etc.
    02-27-2012 09:42 AM
  3. paulm187's Avatar
    As I finished typing this someone posts this lol. Looks like we may have a solution for encrypted e-mails.

    http://forums.windowscentral.com/win...ion/187715.htm
    02-27-2012 09:48 AM
LINK TO POST COPIED TO CLIPBOARD