4.3 Enabling a Device Password Security Policy

As an administrator, you can control several aspects of the behavior of mobile devices that connect to your Mobility system. By establishing a security policy for the passwords that users set on their mobile devices, you help prevent unauthorized access to your Mobility system from lost or misplaced devices.

  1. In the Mobility Admin console, click Service Configuration Service Configuration icon, then click Device to display the Device Sync Agent Configuration page.

  2. Select Enable in the Device Security Policy field.

    Device Security Policy options

    When you enable the security policy, users are informed of the specific security settings that are in effect when they create their mobile device accounts and set their device passwords. Users are prevented from configuring their mobile devices to connect to the Mobility system without following the security policy you establish.

    If a user’s device uses another locking method, like a lock pattern, that method is overridden by the Mobility system’s device password security policy when they attempt to connect for the first time.

    NOTE:When mobile devices connect for the first time to a system that has been updated from the Data Synchronizer Mobility Pack to GroupWise Mobility Service 2.0.x, some devices automatically switch from ActiveSync 2.5 to 12.1. When this occurs, some devices prompt users to accept a new “security policy,” which can sound like a substantial change. In reality, no substantial change is being made, and users should simply accept the “policy” when prompted.

  3. Set the security policy options as needed for the level of device password security that you want for your Mobility system:

    Both Letters and Numbers: By default, any combination of characters is permitted in device passwords. Enable this option to require device passwords that include at least one letter, one number, and one special character.

    Minimum Password Length: By default, the user can set a device password of any length. Enable this option to specify the minimum number of characters required in device passwords. The minimum value is 0; the maximum value is 18. If you specify 0, the security policy does not require the user to set a password on the device.

    Inactivity Time: By default, the mobile device does not lock itself in the absence of user activity. Enable this option to specify the number of minutes after which a mobile device locks itself when no user activity occurs.

    Reset Device after Failures: By default, an external Reset command must be sent to the mobile device in order to wipe personal data from it. Enable this option to specify the number of failed password attempts after which the mobile device automatically resets itself to factory default settings.

  4. Click Save to save the new setting(s).

  5. Restart the Mobility Service to put the new setting(s) into effect:

    rcgms restart