ZCS Administration Guide Network Edition 6.0.6 March 2010
Table of Contents Previous Next Index


Zimbra Mobile : Setting up Mobile Device Security Policies

Setting up Mobile Device Security Policies
The administrator can configure mobile security policies that enforce security rules on compliant mobile devices that sync with ZCS accounts. You can enforce general security policies including password rules and set up local wipe capability on compliant devices.
Note: Only WM6 devices and IPhones support security policies set by the server. Older devices do not respond to security policies.
Setting up a mobile policy can be either by COS or for an individual account and is configured from the administration console.
After the mobile policy is set up, the next time a mobile device sends a request to the server, mobile devices that are capable of enforcing security policies automatically set up the rules and immediately enforces them.
This typically means that if a Personal Identification Number (PIN) has not been set up on the device or the PIN is not as strong as required by the mobile policy you set up, the user is required to fix the PIN before they can sync with the server. Once the server confirms that the policy is enforced on the mobile device, the device can sync.
If a mobile device is lost or stolen the device is protected by the following policy rules:
When the Idle Time before device is locked is configured, after the number of minutes configured, the device is locked. To unlock the device, users must enter their PIN.
When the Number of consecutive incorrect PIN inputs before device is wiped is configured, after the PIN is entered incorrectly more than the specified number of times, a locally (generated by the device) initiated wipe of the device is performed. This erases all data on the device.
In addition to the rules, Remote Wipe can be used to erase all data on lost or stolen devices. See the Users’ Mobile Device Self Care Features section.
Setting Mobile Device Policies Attributes
The following attributes can be configured to establish rules for PIN and device lockout and local wipe initiation rules.
.
Allow partial policy enforcement on device
Devices that are capable of enforcing only parts of the mobile security policy can still be used. For example, the policy requires an alphanumeric PIN, but a device that only supports numbered PIN could still be used.
Force the user to create a personal identification number on the mobile device.
Require alpha-numeric password for device
Require that the password include both numeric and alpha characters.
Number of consecutive incorrect PIN input before device is wiped
The number of failed login attempts to the device before the device automatically initiates a local wipe. The device does not need to contact the server for this to happen.
How long the device remains active when not in use before the device is locked. To unlock the device, users must enter their PIN.
Users’ Mobile Device Self Care Features
The Zimbra Web Client Preference> Mobile Devices folder lists users mobile devices that have synced with ZWC. Users can directly manage the following device functions from here:
Perform a remote wipe of a device. If a mobile device is lost, stolen, or no longer being used, users can initiate a remote wipe from their ZWC account to erase all data from the mobile device. A user selects the device to wipe and clicks Wipe Device. The next time the device requests to synchronize to the server, the wipe command is initiated. The device is returned to its original factory settings. Once the wipe is complete, the status of the device in the Preference> Mobile Devices folder shows as wipe completed.
Users can cancel a device wipe any time before the device connects with the server.
Delete a device that from the list. If a device is deleted from the list and attempts to sync after that, the server forces the device to re-fetch the policy on the next sync of the device.
Note: This list can include devices that do not have the ability to support the mobile policy rules. Wiping a device does not work.

Zimbra Mobile : Setting up Mobile Device Security Policies

Table of Contents Previous Next Index
ZCS Administration Guide Network Edition 6.0.6 March 2010
Copyright © 2010 Zimbra Inc.