It is now very common for employees to access corporate e-mail accounts via mobile devices, such as smartphones.
Administrators have the ability to ensure that mobile devices used to access corporate mailboxes adhere to minimum security standards. Amazon Web Services (AWS), like other platforms, allows administrators to create policies to manage mobile device security.
You are likely familiar with mobile device mailbox policies if you have managed Microsoft Exchange Server or Office 365 Exchange Online. Although the AWS mobile policies are similar to Microsoft’s ActiveSync policies (sometimes referred to as ActiveSync policies), they are much simpler than those used at Microsoft.
AWS mobile policies are simple to understand. There is one policy (which is known as the default policy) that serves all organizations. Exchange Server uses the default policy concept, but allows you to create additional policies that can then be applied to user mailboxes as needed. Although Microsoft’s approach gives you more control over policy enforcement, AWS allows for greater consistency as the same policy applies to everyone.
Log in to AWS console, then select WorkMail from the available services. Once you do this, you will be taken directly to the WorkMail Organizations List. Click on your organization as shown in Figure 1.
[Click on the image to see a larger version.] Figure 1: Click on the name of your organization. Click the Mobile Policies option on the left side to open WorkMail. Figure 2 shows how this looks.
[Click on the image to see a larger version.] Figure 2: Visit the Mobile Policies section. You can configure 10 different policy settings, as you can see from the above figure. The policy settings with a green checkmark icon next to them will be enabled. WorkMail is set up by default to require that mobile device passwords contain at least four characters. Simple passwords are permitted. The default policy settings allow users to attempt up to 10 unsuccessful login attempts. After 300 seconds (five minute) of inactivity, the screen will lock. These settings can be changed.
Click on the Edit button shown in Figure 2 to make changes to existing policy settings. After clicking on the Edit button, you will be taken directly to the Mobile Policies screen (see Figure 3 below).
[Click on the image to see a larger version.] Figure 3: AWS allows for individual policy settings to be set up. The Mobile Policy screen can be divided into two sections. The first section, called General, contains encryption-related settings. This section contains simple check boxes that enable or disable storage card encryption and device-level encryption.
The Password Settings section is the second section. You can toggle check boxes to enable or disable two of the policy settings in this section. These settings include Password Requirement and Allow Simple Password.
You can enable or disable the remaining policy settings by using check boxes. However, they also require a value. You can enable the Minimum Password length setting by using the check box. However, AWS will need to know what the minimum password length should be. AWS provides some default values you can use, but you can also define your own.
These policy settings are: Minimum Password Length; Require AlphanumericPassword; Number of Failed Attempts Allowed; Password Expiration; Enable S