This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Users logging into company email on personal devices

This seems like a very common situation but I’m struggling with the what the actual risks are. We use Microsoft Exchange for our email. We have users who have their own devices such as PCs, Android phones, iOS devices, etc. I have no control over these devices. If a user logs into their email on a compromised device, what are the risks to my Exchange environment? Can that user’s credentials be exposed? Can a Spear Phishing campaign be launched using our Exchange Address Book?

I’m trying to avoid putting any MDM on a BYOD. Saying to someone who works here, “Hey, gimme your phone so I can install some software on it,” isn’t going to go over well. Also, I have no control where or what someone might use to check their emails.  

I trying to find the balance between productivity and security, but I feel I don’t have all the information I need to make good decisions.

Any input or advice is welcome.

Thanks!

Dane



This thread was automatically locked due to age.
Parents
  • Hello Dane,

    are you asking because you are using a Sophos firewall and/or WAF-proxy? Or just as a general question how to solve this?

    Mit freundlichem Gruß, best regards from Germany,

    Philipp Rusch

    New Vision GmbH, Germany
    Sophos Silver-Partner

    If a post solves your question please use the 'Verify Answer' button.

Reply
  • Hello Dane,

    are you asking because you are using a Sophos firewall and/or WAF-proxy? Or just as a general question how to solve this?

    Mit freundlichem Gruß, best regards from Germany,

    Philipp Rusch

    New Vision GmbH, Germany
    Sophos Silver-Partner

    If a post solves your question please use the 'Verify Answer' button.

Children