Overcoming ActiveSync security hurdles

ActiveSync is used to synchronize data with handheld devices and desktop computers.

ActiveSync is used to synchronize data with handheld devices and desktop computers. As a commonly used tool that positively impacts business efficiency and remote workforces, it is important to understand ActiveSync security vulnerabilities in order to proactively address them.

ActiveSync security risks

Passwords used to access email are often a weak link in security enforcement leaving systems wide open to attack from anywhere on the Internet, and allowing unauthorized access to sensitive communications and data. Often companies choose to leverage an additional layer of authentication that requires the possession of a certificate on a user's device to ensure that compromised passwords cannot be used to gain access to email or connected services.

How can CSS help ensure the security of ActiveSync?

  • Deliver non-exportable certificates directly to Windows, Windows phone, iOS, Mac, Android and Linux platforms
  • Issue tailored certificates for unique access to ActiveSync and related services
  • Enable user self-service for requesting and installing certificates
  • Deliver certificates with on-device key generation (ODKG) and support non-repudiation for users authenticated into line-of-business applications
  • Centrally monitor and report on PKI operations across multiple vendors and operating systems, including impending client certificate expiration
  • Implement demonstrable and fully auditable security operations

How PKI and digital certificates improve ActiveSync security

  • ActiveSync supports authentication via a user's x.509 certificate
  • PKI is a high assurance proven technology for digital certificates
  • A well-managed PKI can issue, deliver, revoke, track and update certificates on an as needed basis

Learn more ways to boost the security stance of your ActiveSync.