I work for a large consulting firm and my employer has decided that instead of empowering their employers they will handcuff them.
Specifically my employer has decided to limit its consultants to only access our email via internal access to an Exchange server, or external access via either Outlook Web Access (a web mail client for Exchange) or via our corporate Blackberry BES (Blackberry Enterprise Server). The later is only an option for connectivity if you are either senior enough and get a company issued Blackberry or have management sign off on allowing you access the company owned BES.
This means for the average consultant at my company we will no longer have easy access to their email outside of the office. Will this impact the rank and file’s ability to be responsive to both internal demands and our customers? In my ever so humble opinion, yes. Will this be noticed by the people who made this decision? Probably not because they are disconnected from the the people who actually generate revenue for our firm.
The sad part is that in the name of security they migh end up encouraging insecure practices. For instance some people might start using external email addresses for business purposes which exposes potentially sensitive corporate data to outside parties. This didn’t have to happen either it is entirely possible despite this statement “IMAPS - it turns out the “S” is pretty darned weak” [1] to allow for a publicly available email solution.
Sadder still is that unless this impacts someone senior enough, which it won’t because they all have company issued blackberries, it will happen no matter how much the rank and file might complain, which they won’t anyway.
[1] I asked for clarification on this statement on Tuesday and to date have not received a response.
“the ‘S’ is pretty darned weak” … what the hell? They have a problem with TLS-based security systems? I’m genuinely curious what answer they have for why IMAPS is an insecure protocol.
Since they have OWA enabled for Exchange, did they at least enable RPC-over-HTTPS, so that employees can use a full Outlook client from home?
I too was puzzled by the the statement about how weak ‘S’ is….as I said to date I haven’t hear any more info on it.
Yes OWA is enabled so one can use Outlook or Entourage outside of the office. Of course that is using the same ‘S’ that IMAPS would be using. And that is still restricting employees to only using clients that work with OWA, which limits the ability to use the IMAP client on most non-Windows Mobile Phones (or iPhones). Not very empowering for a mobile workforce.