New work IT system help/question?

[Andy_con]

my work has decided to spend loads of money and upgrade its old and dated system.

previously although the system was old and slow things worked without a problem, work used a MS exchange server for emails. but not a problem i set it up correct on my phone and could sync all my work emails to my own phone.

now they have upgraded everything to windows 2010 and when i tried to sync my phone yesterday it came up with my phone has been quarantined and wont sync until its been given authorisation etc...

work are now saying they dont want people to sync personal mobiles with the system which is a tad gay!

is there a way round this or am i buggered?

 

[bmh.01]

Buggered, and a logical policy from an admin point of view i'm afraid.

 

[Andy_con]

Why? If work give me a shitty blackberry its fine but you can't use your own?



Totally pointless

 

[bmh.01]

What if you configure it incorrectly and cause system issues?
What if you loose it? (potential loose of business data)

They are just two points, the list goes on.

 

[Adam.]

Depends how they have the cals set up on the new server too.

If they say no then chances are it ain't gonna happen.

 

[Andy_con]

Configure incorrectly and it won't sync



loose s work phone or my own phone there is z risk of data loss

 

[Adam.]

Bullshit with data loss. Just perform a remote device wipe.

 

[Andy_con]

Agreed.



I'm guessing there's no way of setting it up on my phone as pop3

 

[Adam.]

Worth trying it but chances are that kind of thing won't be enabled.

 

[Andy_con]

Do i use the same settings as the exchange server?

 

[Adam.]

Yes. The ports may be different or not even open though.

 

[Cookie]

WTH is Windows 2010?

 

[Adam.]

WTH is Windows 2010?

Server 2008 with Exchange 2010 OBV.

BTW I had a problem with a web appliance today...I looked at it and though...what would Cookie do...so I restarted it and hey presto...it was back up and running in minutes.

Cheers!!!

 

[AK]

...I looked at it and though...what would Cookie do...

go for lunch?

 

[ChrisR]

Argh it's lose not loose!

It's becoming a bit of an archaic policy now to only allow work provided and fully managed devices to access your personal data such as email and diary.

But if that's the way it is then not much you can do, ask them for the reasons behind it though to see what it is they don't want/like about people using their own.

Blackberrys are historically liked for this kind of thing as they can be fully managed and provide decent enough logging for stuff, also depends what industry and if there are any regulatory requirements.

 

[dk]

We've just have ms active sync taken off us, not secure enough apparently (which isn't actually correct if you do it properly) but they also didn't want to be hit with having to remote wipe people's devices and then them complain if it was done in error etc.

And as we are going for ISO 27001 (I think that's the one) we need to have secure email, so we have now used a system called Good, it uses a kind of proxy server, just like a bb server I guess, then we have an app on our phone, which I requires a key to have it installed etc. then whenever we want to check mail we have to use this app and enter a password. It's a pita tbh, it's all encrypted, but it's not as fast as the native apple app, and it downloads all the messages since you last sync and then deletes the ones you're already deleted on another device, rather than just downloading the ones you need.

Also, no sync with calendar for iPhone, you have to use the calendar in the app which is another pain as I was sed to having a single calendar. It was so bad, when I had a meeting reminder it would just come up as a Good reminder, no details of what it is or location, you had to log into the app to find out, pants. But last week they sorted this with a patch and you can now see the subject and location.

Still hate the app, takes so much longer to do things, but it's just one of those things, IT people are generally controlling b******s who like to control everything you do, monitoring your web access etc. even on my blackberry my web on that actually goes through ,y corporate IT proxy and filters. Which is a pain if I'm onsite and need to access a forum, blocked. They've even blocked the app world app. More recently theyve put a web proxy in that even if you have a laptop (like I do as an engineer) and are not even on the corporate lan and are at home, you still have to go through their proxy. So I just dont log onto the domain anymore to get their policies, if I need the intranet I just Citrix or TS in, problem solved. I hate people making it harder for me to work though, it's pointless, the more access you give people, the more likely they are to carry on working at home etc, answering emails at night. Luckly, I'm a domain admin as I also work on the internal systems, so I can normally get around most things, active sync though, no, I have to use Good (oh, the irony of it being called good too!)

 

[iain187]

we have iso 27001 and it's funny to see peoples comments on what you are allowed, whats considered a bit old hat etc... we have nothing!! only senior managers get company issued blackberrys, you dont get emails on anything else and that's final

our encrypted emails go via this firm: https://www.cjsm.net/ it works pretty well.

 

[Andy_con]

so much for companies moving with the times...

in reality you cant do any damage to an IT system from syncing emails, its just ghay

 

[ChrisR]

Ahh ISO27001, so much fun

 

[Cookie]

IT people are generally controlling b******s who like to control everything you do, monitoring your web access etc. even on my blackberry my web on that actually goes through ,y corporate IT proxy and filters

Hi! We have our browsing locked down tighter than a nuns chuff, even on people's home PC's if they're VPN'd in. Users (for the most part) are not to be trusted. Technical users even more so.

 

[dk]

so much for companies moving with the times...

in reality you cant do any damage to an IT system from syncing emails, its just ghay

synced email, not encrypted, person goes on the piss and leaves phone on the train, on the table, person picks it up and can get very important emails, contacts, appointments etc.

also if the user has a vpn set on the phone, etc.

it can be just as bad as leaving a laptop on the train these days.........

 

[dk]

Hi! We have our browsing locked down tighter than a nuns chuff, even on people's home PC's if they're VPN'd in. Users (for the most part) are not to be trusted. Technical users even more so.

i get my own back, i control the storage as i'm the only one who knows SANs, so when they ask for more storage I get them to put a business case to me as to why lol

 

[Cookie]

i get my own back, i control the storage as i'm the only one who knows SANs, so when they ask for more storage I get them to put a business case to me as to why lol

The storage guy here gets blamed for EVERYTHING.

 

[BatFastard]

I am chuffed I don't sync my e-mails with my phone (although I could) I probably get about 10 mails every hour.

 

[Cookie]

I am chuffed I don't sync my e-mails with my phone (although I could) I probably get about 10 mails every hour.

Is that it? I'd love to only get 10 an hour

 

[NFox]

Do you have the ability to set rules still? If so you could always just open a gmail account and set a rule that all inbound mail to your work account is forwarded to you gmail account which you can access on your phone. Obviously in terms of replying its no use but might be of use if your just wanting to keep an eye on emails in?

 

[koi]

Do you have the ability to set rules still? If so you could always just open a gmail account and set a rule that all inbound mail to your work account is forwarded to you gmail account which you can access on your phone. Obviously in terms of replying its no use but might be of use if your just wanting to keep an eye on emails in?

Beware, might be against policy to forward emails outside of your companies network

 

[richy22]

We are having a "panic" moment at work here at the minute.

Working on a project and our boss is afraid the Chinese will hide capture software etc in facebook etc to steal our ideas.

So they are making a "double green side" server which has no access to the outside world. The thing is they have moved all our component database that we use for PCB design onto this "protected network" but there are a few people who dont need to be on that protected side as they are not on that project. That means that we have no transparency between what people add/edit with components between those two "protected and un-protected" servers. FML its already a mission making sure we use the same components for things.

Also the CAD software we use il be the one looking after updates on it...the ONLY way to get updates to the people on the protected side is to update the software (Altium) from within itself via the web...there is no other way now as they (Altium) are trying to clamp down on pirates. Im tempted to go back to our old version (last years release) of it as you can run numerous people off one license and it doesn't detect it.

In practice its a good idea but our system here is shiiiitttt and is hacked together. I foresee lots of headache

 

[BatFastard]

Is that it? I'd love to only get 10 an hour

This is out of work time - in work is much more

 

[sn00p]

We are having a "panic" moment at work here at the minute.

Working on a project and our boss is afraid the Chinese will hide capture software etc in facebook etc to steal our ideas.

So they are making a "double green side" server which has no access to the outside world. The thing is they have moved all our component database that we use for PCB design onto this "protected network" but there are a few people who dont need to be on that protected side as they are not on that project. That means that we have no transparency between what people add/edit with components between those two "protected and un-protected" servers. FML its already a mission making sure we use the same components for things.

Also the CAD software we use il be the one looking after updates on it...the ONLY way to get updates to the people on the protected side is to update the software (Altium) from within itself via the web...there is no other way now as they (Altium) are trying to clamp down on pirates. Im tempted to go back to our old version (last years release) of it as you can run numerous people off one license and it doesn't detect it.

In practice its a good idea but our system here is shiiiitttt and is hacked together. I foresee lots of headache

Sounds a bit excessive (paranoid).

If china want to make a copy, they'll be on shelves almost as quickly as you can get the real product there.

Go ask segger.

 

[dk]

The storage guy here gets blamed for EVERYTHING.

Lol, they always try and blame the storage for any issues they experience, it's never the storage!

 

[iain187]

Beware, might be against policy to forward emails outside of your companies network

It is here. Plus if you have any image except the company logo you will get your emails blocked by the filter and we wouldn't release to a hotmail/Gmail etc

 

[cava83]

i get my own back, i control the storage as i'm the only one who knows SANs, so when they ask for more storage I get them to put a business case to me as to why lol

What happens if something god forbid happens to you, is your business screwed as you're the only one who has access?!

We control web filtering and emails, quite strict, only because people take the piss.

 

[cava83]

Do you have the ability to set rules still? If so you could always just open a gmail account and set a rule that all inbound mail to your work account is forwarded to you gmail account which you can access on your phone. Obviously in terms of replying its no use but might be of use if your just wanting to keep an eye on emails in?

Why, why would you want to do that for work stuff. You must be a right pain in the ass at work

 

[dk]

What happens if something god forbid happens to you, is your business screwed as you're the only one who has access?!

We control web filtering and emails, quite strict, only because people take the piss.

Im actually slowly letting control go, I let the noc do most things now, I havent got time for the internal stuff, but I still have all the access, but I'd rather not have to worry about it. The noc guys just mess around and work it out, I just close my eyes and hope they don't mess it up too much

 

[richy22]

Sounds a bit excessive (paranoid).

If china want to make a copy, they'll be on shelves almost as quickly as you can get the real product there.

Go ask segger.

Segger? Ie jtag ?

Who ripped them then? Yes its extremely paranoid IMO.

I'm now trying to work out how to control all my PCs and monitors with one keyboard.

 

[Cookie]

I'm now trying to work out how to control all my PCs and monitors with one keyboard.

KVM?

 

[richy22]

Not as easy as that...I posted a thread a few below this one.

 

[sn00p]

Segger? Ie jtag ?

Who ripped them then? Yes its extremely paranoid IMO.

Yes, the jtag people. When you go to download the the latest firmware there's a button which says something like "I don't want to enter my serial number", this then takes you to a page which says don't download if your device looks like "pictures of a crap load of clones"!

The chinese ripped them. They figured out how to make clones and started making them by the bucketload.

 

[dave_rudabar]

Company pays you to do work for them, company gets to decide how they want you to connect to THEIR infrastructure.
I have an encrypted laptop which is supposed to be put away each night whilst in the office. THAT's silly!