More Information
I am a Manager at T-Mobile. When the Android G1 first launched my challenge was to find a program that would push/pull my Exchange email. There were many applications out there but none seemed to work for me. Once I found Touchdown, my troubles were solved. The support is excellent and the application has worked without error. If I had to recommend an Exchange application for your MyTouch or Android G1 – Touchdown by NitroDesk is your best bet.
— Philip Wilhelm
Security Overview
When TouchDown™ is configured in ActiveSync protocol, it supports enforcement of relevant Exchange ActiveSync policies.
Encrypted communications
NitroDesk Inc. recommend ensuring that your server is SSL-enabled, and not accessible through non-SSL connections. TouchDown™ utilizes HTTPS/SSL for communications with the server when the server is configured for SSL encryption. This ensures that your information cannot be compromised in transit between your device and the server.
PIN enforcement
TouchDown™ honors the PIN policy with the following additional controls that the administrator may set
- Require pasword
- Require alphanumeric passwords
- Minimum complex characters
- Enable password recovery
- Allow simple password
- Number of failed attempts allowed
- Minimum password length
- Password Timeout
- Password expiration
- Password History
Remote Wipe
TouchDown™ supports the remote wipe command which may be issued by an adminitrator or a user in the event that the device has been lost or stolen. This remote wipe process deletes all the corporate data held inside TouchDown as well as any attachments under its control.
Data Encryption
TouchDown™ honors the data encryption policy by encrypting the sensitive fields in emails, calendar and contact entries that are stored on the device. TouchDown™ employs 3DES encryption for sensitive data held on the device.
SD Card Encryption
Android does not support an encrypted file system on the SD card. If the server requests SD card encryption policy, TouchDown honors that by encrypting the attachments downloaded to SD card using 3DES encryption. If the removable card encryption policy is enforced, moving the SD card from one device to another renders the downloaded attachment files unreadable.
Email-Initiated Data Wipe (NEW)
TouchDown™ now includes the ability for the user to set a Remote Kill Code (press Remote kill button in the last tab of settings) as well as a notification SMS number. When an email is received (regardless of connection mode), if the subject contains TDKILL:<KILLCODE> (replace <KILLCODE> with the specified code), TouchDown will wipe its data and optionally send an SMS confirmation to the specified number.
This feature is for those users who either don't use ActiveSync, or does not have an administrator readily available to do a remote wipe. Simply sending an email to your account with a specially crafted subject from another account will cause the device to lose the Touchdown data. You can also get some assurance by specifying another phone number to send an SMS message confirming the wipe.
