Aquamail bypasses PIN/wipe security policy?

[Friedrich_NL]

Hi, like the app a lot.

A bit concerned though about phone security. When I've tried other mail apps the Exchange Server imposes the dreaded PIN+wipe, not so Aquamail.

Searched the web for answers on wether ActiveSync is different than Exchange Web Services (that AquaMail uses) in this respect, no luck.

E.g. tried MailWise - PIN is enforced on my current Exchange server, but not on my former employer's. Here it seems the former has a security hole.
Using AquaMail on my current server, no security is enforced (and of course not on the old one either).

Hope to hear from you soon.

/ Friedrich

[Kostya Vasilyev]

It's true.

I never bother to implement this, since most users find this annoying.

Still, I don't understand what sort of "security hole" you're talking about.

You're describing this from the employee's point of view, not the employer, right?

If you wish to use a more secure device unlock method -- there is nothing preventing you from doing so.

If you wish to use storage encryption -- there is nothing preventing you from doing so.

If you wish to use Aqua's own PIN lock feature -- there is nothing preventing you from doing so.

[Friedrich_NL]

OK, so you (the developer) can opt out of implementing these security features. I thought they were imposed from the Exchange Server.

That means you're not bypassing, just not implementing. So, I'll ask my current employer if this is OK.

As for the 'security hole', I mean my former employer didn't even force security settings in the first place. They have no written instruction to do this manually either.

So, depending on my employer's security policy I'll keep or uninstall Aquamail.

Great work!

/ Friedrich

[Kostya Vasilyev]

Yes, ultimately this comes down to corporate security policies.

And from my side -- on whether I'd want to get Aqua officially "Certified for Exchange", which I don't, for various reasons.