Beyond ActiveSync for mobile security

Technical Brief
Beyond ActiveSync
for mobile security
What ActiveSync can (and can’t) do
Microsoft ActiveSync was developed as a synchronization protocol for mobile devices to
connect to Exchange mail servers and is now available on almost all smartphone devices,
including iOS, Android, Symbian and others. Over time it has gained basic mobile device
security features and thus provides for a logical first step towards securing mobile devices
connecting to corporate networks.
The following table highlights how ActiveSync provides only basic features when compared
to a full-capability Enterprise Mobility Management suite.
Security Feature
ActiveSync
EMM
Authentication
Weak
(username/password only)
Strong
(client certified based)
Password rules (complexity,
length, expiration and more)
Data Wipe
Device compliance reports
Compliance actions
Block jailbroken / rooted devices
Device camera control
Available
Available
Available
Wifi control
Available – on/off only
App Management
Limited to blocking unsigned apps
Content Management*
Not available
Security Feature
ActiveSync
Full wipe only
Not available
Not available
Not available
Available –on/off only
EMM
Full & Enterprise Wipe
Available
Available
Available
Available – geo-fenced
/ time-fenced or app-controlled
Available – whitelist, blacklist, wifi
profile setup and more
App Store, App Policies and other
features
Available
*Refers to broad capabilities to sync enterprise documents with cloud storage and control access rights
Kony Technical Brief • Beyond ActiveSync for mobile security
As show above, ActiveSync provides the capability to identify and secure a device for email
transactions only. Any device can connect to the server as long as valid credentials are used,
whereas EMM products give administrators the ability to control which devices can connect and
fetch enterprise data. ActiveSync also lacks the ability to provide a dashboard view of enrolled
devices and their compliance status with the ability to take quick remedial actions.
The binary on/off modes for camera and wifi security make it an inflexible solution for BYOD
use cases. It is also restricted to a full device wipe, which deletes a user’s personal data and thus
renders ActiveSync unsuitable for a BYOD program.
Should you upgrade to an EMM solution?
ActiveSync can only secure email transactions with the Exchange server. If you wish to fully utilize
the capabilities of smartphones by pushing applications and content to users it’s important
to utilize a containerization approach to keep enterprise data secure and separate from user
content, especially in a BYOD environment.
EMM solutions offer administrators much greater control and insight over their mobile program:
• Quickly view enrollment, compliance and application deployment reports in a
dashboard view
• Take compliance actions on policy violations (e.g. attempting to launch camera
in restricted zone)
• Restrict jailbroken / rooted devices due to the higher risk of malware infection
• Securely deploy enterprise apps via Enterprise App Store and implement
fine-grained policies
• Enable secure sharing of enterprise content via integration to sharepoint /
dropbox / other providers
If you’re rolling out a BYOD program, or expanding your mobile program to offer more apps
/ content to users on their devices, consider upgrading to an EMM solution such as Kony’s
Enterprise Mobility Manager.
Page 2
Kony Technical Brief • Beyond ActiveSync for mobile security
About Kony, Inc.
Kony is the fastest growing cloud-based mobile application development platform
(MADP) in the industry with over 600 live multi-channel apps, serving over 20 million end
users across 45 countries, and generating over 1 billion sessions. The Kony Experience
Platform is an integrated software development lifecycle (SDLC) platform to define,
design, develop, test, deploy, and manage multi-channel applications from a single code
base. With Kony, you can deliver stunning user-first experiences, get to market faster, and
lower your application TCO. Kony also offers a suite of more than 33 ready-to-run B2E
and B2C apps that enable customers to quickly extend their business.
For more information, please visit www.kony.com and connect with Kony on Twitter,
Facebook, and LinkedIn.
© 2013 Kony Solutions, Inc. All rights reserved.
Page 3