Microsoft has released the Outlook applications for iOS and Android in January and they were soon labeled as a “ security nightmare ” when the IBM researcher Rene Winkelmeyer reported the discovery of several flaws in IT controls . He says the service break the safety rules of any company, for example, he saves the user credentials in the cloud service .
Some errors were discovered by Dirk Sigurdson , engineering director of Rapid 7′s Mobilisafe. According to the findings, the Active Exchange controls as well as password and encryption policies , made no effect on smartphones or tablets running Android or iOS.
User Comments also claim that even after uninstalling the application, does not delete the user credentials that were stored in the Microsoft cloud, which also synchronizes the details about users.
Microsoft promised to correct the flaws in your application. A company spokesman said the V3 site that the company is aware of the problems and is working to improve features of security applications and Outlook business management.
Our first release was focused on bringing to market a great user experience. Today, Outlook for iOS and Android support some IT controls as Remote Wipe.
It also ensures that features such as locking via PIN will be available in the coming weeks, plus additional features that support Exchange ActiveSync policies to be implemented over the coming months.
Until then, Dirk Sigurdson recommends that IT departments that use Active Exchange controls disable applications for now, despite assurances from Microsoft.
For Robert Miller, Senior Consultant Security MWR Infosecurity, failures show that companies should not judge the safety of products by design. He says you have to be more proactive in defense strategies and it is important for companies to “take the time to investigate the safety of products before using them.”
No comments:
Post a Comment