Here's the best work around if your company won't enable activesync ...

Discussion in 'iPhone' started by spamdumpster, Aug 7, 2008.

  1. spamdumpster macrumors 6502a

    Joined:
    Jan 22, 2008
    #1
    *** Based on the feedback I've received (see below), most people think that this is a bad idea because it potentially compromises email security. Continue at your peril ....

    If your using outlook/exchange, but your company won't enable activesync, here's the best workaround. It requires an application (Mailshadow for Google Apps, free to try $30 for a one year license) and the free www.nuevasync.com. Both are beta, so use at your own risk.

    FYI - I have no affiliation at all with either company. I'm a lawyer at a firm in Boston. AFAIK, my law firm has no connection with these companies either.

    STEPS:
    1. On your work computer, download Mailshadow for Google Apps from Cemephore (http://www.cemaphore.com/mailshadow_g.php). It's 60 days to try and $30 for a one year license. Once configured, it keeps your outlook calendar, contacts, email, and email folders completely synced with a gmail account. It doesn't work completely as advertised, but it's supposed to sync emails, read/unread marks, foldering, deletions, etc.

    2. Sign up for an account at nuevasync.com and set it up to push your gmail contacts and calendar. Then set up nuevasync as an exchange account on your iphone -- calendar and contacts from outlook should now push to your iphone.

    3. Set up your work account as an imap on your iphone. Use gmail for the incoming imap server, and use an outgoing smtp server that allows you to send from your work address. I use comcast as Gmail does not really allow this. Set this to fetch every 15 minutes, or jailbreak and set it to fetch more frequently. [Nuevasync's website says there going to add imap email support soon, which would make this a true push solution]. Also set up your iphone to bcc you when you send an email and then set up an outlook rule to move emails from you to the sent email folder.

    TIPS:

    1. I recommend setting up a virgin gmail account for this solely to be used for your work account.

    2. Mailshadow runs in the background, so it requires you to have outlook running at all times. I borrowed a switch and an old pc from the IT folks, and have the pc under my desk, running outlook 24/7. I access the pc via windows RDC. Mailshadow was causing outlook to crash every so often, but I disabled all of the add-ins that my company installs in outlook and now it works much better. I also set the computer to reboot every morning at 1 am, and I use TweakUI (free from microsoft) to automatically log me in. I also downloaded the freeware windaeomon (http://www.webexcavator.com/WindowsDaemon.php), which monitors outlook and restarts it if it crashes.

    3. Mailshadow gives you the option to set how many days of your emails are synced to the gmail account. I would start out small and test it out. I have it set to do only 3 days and it works pretty well. I have no idea how it would work if you tried 30 days or longer.

    MY RESULTS:
    Contacts & Calendar. With a few bugs, my contacts and calendar get pushed from outlook/exchange to my iphone and from my iphone to my outlook/exchange almost instantly. I've had a few issues with duplicated events, but it works pretty well. There have been times when nuevasync was down, so calendar and contacts pushed from outlook to gmail, but not to the iphone. Also gmail had some issues yesterday that caused some delays. But nothing major.

    Email. Works ok. Most of the deletes and foldering from my iphone are synced back to outlook/exchange. Some don't. Folder and deletes from outlook aren't always synced back to gmail.

    Mailshadow creates labels in gmail to match your outlook folders, but be careful with this. Deleting a label in gmail simply removes the label, but deleting a fodler in outlook deletes the folder and all of the emails in it. I;ve had some issues with changing the name of a folder in outlook and then having both the old and new folder show up in gmail.

    WARNINGS:
    1. This is probably against your company's policies and could get you in trouble/fired. If they disable activesync, it's probably for a reason (maybe not a good one, but a reason). I ran this by my local IT approval to let them know what I was doing. You may want to do the same if you think they'll be cool with it.

    2. Backup your outlook pst file first, in case something goes horribly wrong.

    3. It's not foolproof, so if you really rely on emails, make sure you have a backup plan. I have two: first, I keep my old blackberry in my bag, in case I need it. Second, I set up a server side rule in outlook that forwards my mail to a yahoo account. I keep this account turned off on my iphone, but it's there if I need it.

    Post any questions -- I've been tweaking this setup since I came across Mailshadow on Saturday night.
     
  2. chadamorrill macrumors 6502

    Joined:
    Sep 13, 2007
    Location:
    Orlando, FL
    #2

    You, sir, are an IT department's nightmare.... No offense :)
     
  3. spamdumpster thread starter macrumors 6502a

    Joined:
    Jan 22, 2008
    #3
    I know. They call me the "Fiddler." On the other hand, they're perpetually understaffed, and, when I have the time, I help out imagining pcs and laptops, setting up blackberrys, etc.

    In any event, not only does my solution work, it doesn't require any server-side rules (I have one set up, but you don't need it). Because there's nothing happening in the server side, there's less of a chance of bringing down the exchange server.
     
  4. Ninja Guidan macrumors regular

    Joined:
    Sep 30, 2005
    #4
    I'm reporting you to management and HR. Dang hackers...
     
  5. kg9ov macrumors member

    Joined:
    Feb 12, 2005
    Location:
    In front of a computer...
    #5
    Wow... most people wouldn't make it past step one and already be fired. Two violations of (most) company policies right there. Installing unapproved third party software and forwarding company email to an external email account.

    -Tony
     
  6. spamdumpster thread starter macrumors 6502a

    Joined:
    Jan 22, 2008
    #6
    Yeah, as I said, I ran this by my local IT department, but your mileage may vary.
     
  7. Sky Blue Guest

    Sky Blue

    Joined:
    Jan 8, 2005
    #7
    As already stated by others, forwarding your work email to an external account should be blocked by your IT dept, if not you should definitely not set it up yourself.
     
  8. spamdumpster thread starter macrumors 6502a

    Joined:
    Jan 22, 2008
    #8
    It was stated by me, too. I'd like this thread to focus on the solution, not the problems, ok?
     
  9. AM0801 macrumors newbie

    Joined:
    Aug 5, 2008
    #9
    I don't know what type of law you practice, but that definitely sound scary that you are forwarding work emails (with potentially privileged info) to a gmail account. My firm would not look kindly on that. I would be careful if I were you!
     
  10. spamdumpster thread starter macrumors 6502a

    Joined:
    Jan 22, 2008
    #10
    I give up.
     
  11. Geckotek macrumors G3

    Geckotek

    Joined:
    Jul 22, 2008
    Location:
    NYC
    #11
    I wonder if someday we'll see spamdumpster in the headlines......

    "Companies are seeking to avoid becoming the latest example of compromised security. Earlier this year, a laptop computer containing the names and Social Security numbers of 16,500 current and former MCI Inc. employees was stolen from the car of an MCI financial analyst in Colorado. In another case, a former Morgan Stanley employee sold a used BlackBerry on the online auction site eBay with confidential information still stored on the device. And in yet another incident, personal information for 665 defendants of a law firm in Boston was recently stolen along with an iPhone belonging to a FORMER lawyer that goes by the pseudonym spamdumpster. We understand that spamdumpster was recently disbarred for the incident as he purposefully circumvented his companies IT system to get the data onto the unsecured iPhone."


    I hope you at least have a password on your phone....not that it will keep everyone out......
     
  12. spamdumpster thread starter macrumors 6502a

    Joined:
    Jan 22, 2008
    #12
    In light of the reaction to my post, I've added a disclaimer:

    *** Based on the feedback I've received (see below), most people think that this is a bad idea because it potentially compromises email security. Continue at your peril ....

    In my case, I've run everything by my IT Department, so I'm not circumventing my company's IT system. And, of course, the device is password protected. But I get the point.
     
  13. markgamber macrumors 6502

    Joined:
    Jul 2, 2005
    Location:
    Redneck, PA
    #13
    LOL...well, that's what you get when you post on scaredlittlegirls.com. :-D Whatever works, I say. I've set up stuff like that before simply because, if there was an IT department at all, they had no idea how to do anything better.
     
  14. Geckotek macrumors G3

    Geckotek

    Joined:
    Jul 22, 2008
    Location:
    NYC
    #14
    I didn't say you circumvented the staff or you didn't get permission (from people who are obviously not concerned about information security.) But you did circumvent the systems.....just with implied permission.

    Glad you got the point. I'd hate to think that if I was in the middle of a lawsuit where I perferred the details not be leaked, that a lawyer in the firm I hired had details of that lawsuit on his unencrypted iPhone.
     
  15. Geckotek macrumors G3

    Geckotek

    Joined:
    Jul 22, 2008
    Location:
    NYC
    #15
    Wake up to the 21st century bud....information is valueable and there are people out there doing whatever they can to get it. Doing whatever works without concern for security is just asking to get burned.
     
  16. sushi Moderator emeritus

    sushi

    Joined:
    Jul 19, 2002
    Location:
    キャンプスワ&#
    #16
    Agree.

    If I were using company X for my representation, and found out this was happening, I would probably move my represention elsewhere.

    This does not bode well for the company IMHO.
     
  17. cmschmidt macrumors 6502

    Joined:
    Jun 15, 2007
    #17
    Why is everybody being such a douche? He's offering a solution to a problem people are having. He has a disclaimer and obviously understands that this may not be a solution that works for everybody.

    If it does work for you, great. If it doesn't, move along... :cool:
     
  18. FoxyKaye macrumors 68000

    FoxyKaye

    Joined:
    Jan 23, 2004
    Location:
    San Francisco, Terre d'Ange, Bas Lag, Gallifrey
    #18
    +1
     
  19. sushi Moderator emeritus

    sushi

    Joined:
    Jul 19, 2002
    Location:
    キャンプスワ&#
    #19
    Why?

    Because others on the board will read it, and try it at their work area because they will fail to take into account his warning.

    BTW, I've seen folks removed from positions, as in fired, for doing things like this. What concerns me in this situation, is that his IT staff may be okaying something from his perspective, that they in fact are not and there is a miscommunication because they are inexperienced or do not understand the ramifications of what he is really doing.

    Additionally, I would venture to say that most folks do not understand e-mail security, and thus will forward their e-mail to unsecured accounts or via unsecured methods, as well as other sensitive information. This, of course, can exasperate the problem.
     
  20. joeconvert macrumors 6502

    Joined:
    Nov 18, 2003
    Location:
    TX
    #20
    The OP is obviously aware of the risks - he mentioned them for crying out loud.

    To the rest of you, you have some valid points, but as usually is the case with subjects like this - you know less than you think you do. Unless you are encrypting your email - it is inherently unsecured as a medium of communication.

    On the activesync front the iPhone's implementation sucks. It still doesn't have parity with the WM mobile solutions that have been out for several years. - NO RSA SecurID, etc.

    to the OP - nice write up and solution. Some IT departments (albeit few) may actually forwward a copy to an external address given it meets certain security requirements. The real issue that most responders are missing is that the rules are less about security (see my earlier comment) and more about retention and deletion policies.
     
  21. spamdumpster thread starter macrumors 6502a

    Joined:
    Jan 22, 2008
    #21
    Thanks. You make a good point regarding security vs. retention. I am pretty surprised at the reaction to my post. I guess I should have posted in the Hacks forum. Mods -- feel free to move or delete if my post is too much of a threat.
     
  22. joeconvert macrumors 6502

    Joined:
    Nov 18, 2003
    Location:
    TX
    #22
    Expected justification for removing this - It's for the children.

    Seriously, people need to be responsible for their own actions.
     
  23. AM0801 macrumors newbie

    Joined:
    Aug 5, 2008
    #23
    Obviously yes, this guy gets that what he is doing is against his firm's normal IT policies and has gotten at least some sort of tacit permission from the IT guys. HOWEVER, I highly doubt that the IT guys are really current on all of the legal implications of this. And I am not talking the implications based on the firm's own IT policies, but the implications of forwarding confidential and privileged information to a device that might not be secure, let alone to gmail. The OP is putting a lot in jeopardy...his own job (which he seems to think is safe based on his "permission" from the IT dept), his firm, and his bar license, not to mention the confidential and/or privileged information of his clients. I am sure the disciplinary committee is not going to take "Oh the IT guy said it was ok" as an excuse if god forbid something happened and a complaint was made. Unfortunately, once you are an attorney, you owe a duty to people other than yourself, and forwarding your work email to iPhone just to be cool or have fun with it is not going to cut it.
     
  24. spamdumpster thread starter macrumors 6502a

    Joined:
    Jan 22, 2008
    #24
    1. Can you give me an example where a lawyer was disciplined in any way or faced any type of malpractice suit for forwarding emails from his work account to another email account? I'm not trying to be an ass; I'm curious. If any such guidance exists, I would like to know about so that I can comply.

    2. We often have clients who ask us to copy emails to them at their gmail/yahoo/comcast/whatever emails accounts to make it easier for them to access. Almost all that I have experience with work in the legal departments of Fortune 100 companies. How should I handle these requests in the future?

    Thanks for your help.
     
  25. AM0801 macrumors newbie

    Joined:
    Aug 5, 2008
    #25
    spamdumpster, check this out:

    http://www.utd.uscourts.gov/judges/E-Ethics 0408.pdf. Nothing in here is in SHALL language (other than that Nevada statute), but I wouldn't want to mess around with ethical obligations.

    as to number 2, obvi that is different because the client is specifically requesting that you send it there.
     

Share This Page