4.3 Enabling a Device Password Security Policy

As an administrator, you can control several aspects of the behavior of mobile devices that connect to your Mobility system. By establishing a security policy for the passwords that users set on their mobile devices, you help prevent unauthorized access to your Mobility system from lost or misplaced devices.

  1. In the Mobility Admin console, click Config, then click Device to display the Device Sync Agent Configuration page.

  2. Select Enable in the Device Security Policy field.

    When you enable the security policy, users are informed of the specific security settings that are in effect when they create their mobile device accounts and set their device passwords. Users are prevented from configuring their mobile devices to connect to the Mobility system without following the security policy you establish.

    If a user’s device uses another locking method, like a lock pattern, that method is overridden by the Mobility system’s device password security policy when they attempt to connect for the first time.

    NOTE:When mobile devices connect for the first time to a system that has been updated from the Data Synchronizer Mobility Pack to GroupWise Mobility Service 18, some devices automatically switch from ActiveSync 2.5 to 16. When this occurs, some devices prompt users to accept a new “security policy,” which can sound like a substantial change. In reality, no substantial change is being made, and users should simply accept the “policy” when prompted.

  3. Set the security policy options as needed for the level of device password security that you want for your Mobility system:

    Both Letters and Numbers: By default, any combination of characters is permitted in device passwords. Enable this option to require complex device passwords. Valid options for his settings are 1 (lowest complexity) - 4 (highest complexity). Devices behave differently to this setting depending on the type of OS.

    Minimum Password Length: By default, the user can set a device password of any length. Enable this option to specify the minimum number of characters required in device passwords. The minimum value is 0; the maximum value is 18. If you specify 0, the security policy does not require the user to set a password on the device.

    Inactivity Time: By default, the mobile device does not lock itself in the absence of user activity. Enable this option to specify the number of minutes after which a mobile device locks itself when no user activity occurs.

    Reset Device after Failures: By default, an external Reset command must be sent to the mobile device in order to wipe personal data from it. Enable this option to specify the number of failed password attempts after which the mobile device automatically resets itself to factory default settings.

  4. Click Save to save the new setting(s).

  5. Restart the Mobility Service:

    gms restart