Exchange Insider

Help with Office 365, mobile devices, Exchange security


Problem solve Get help with specific problems with your technologies, process and projects.

Exchange Online mobile device support: A comprehensive look

As Exchange organizations look to Office 365, questions arise about mobile device support in the cloud. Exchange Online may have the features your enterprise wants and needs.

Many Exchange customers have upgraded to Exchange 2010 already; however, a large percentage of on-premises deployments are still on Exchange 2007 or earlier. That install base has an interesting decision to make as they plan for Exchange 2010. Existing Microsoft Business Productivity Online Services subscribers can reap the benefits of Exchange 2010 as they upgrade to Office 365.

Exchange Server has paved the way for mobile device support. Exchange Server 2010 is extremely feature-rich, so organizations currently running Exchange 2010 on-premises have certain expectations regarding mobile device support in the cloud. The question is: Will Office 365’s Exchange Online component meet enterprise hopes?

Supported mobile devices in Exchange Online
Exchange Online supports three mobile device operating systems: Windows Phone 7.5, other Exchange ActiveSync devices and BlackBerry smartphones. The other ActiveSync category includes the following OSes:

  • Windows Mobile 6.x
  • Windows Mobile 7
  • iOS (iPhone/iPad)
  • Nokia Symbian
  • Android 2.0
  • Palm OS

Even though Motorola and Sony Ericsson are listed as supported phones for Exchange 2010 ActiveSync, they are not listed on the Exchange Online documentation as supported devices. Check with the device manufacturer to verify its product is compatible with Exchange Online. In many cases, IMAP4 and POP3 can be used as alternatives to ActiveSync for incompatible devices.

Of the supported mobile devices, the following features will work (with a few exceptions):

  • Direct Push
  • Email sync
  • Calendar sync
  • Contacts sync
  • Tasks sync*
  • Remote wipes
  • Sync multiple folders
  • Global address list lookup
  • SSL encrypted transmission
  • AutoDiscover*
  • Pin reset*

*Windows Mobile 7, iOS and Android 2.0 cannot perform Task sync; Windows Mobile 6.x cannot perform AutoDiscover.

ActiveSync compatibility. The “Microsoft Exchange Online for Enterprises Service Description” document provides insight into feature parity between the cloud and on-premises Exchange. Table 1 shows a subsection of a features comparison available in ActiveSync.

Exchange mobility Exchange 2010 SP1 Exchange Online
Windows Phone 7 devices Yes Yes
Windows Mobile devices Windows Mobile 5.0+ Windows Mobile 6.0+
Other Exchange ActiveSync devices such as iPhone Yes Yes
Remote device wipe (implementation varies by mobile device manufacturer) Yes Yes
Customize Exchange ActiveSync security policies and settings, including PIN and password lock Yes Yes
Disable Exchange ActiveSync access Yes Yes
Mobile device allow, block, quarantine Yes Yes
Certificate-based authentication for Exchange ActiveSync Yes No
Over-the-air-update for Outlook Mobile Yes Yes
Mobile SMS sync through Exchange ActiveSync Yes Yes
SMS (text messaging) notifications Yes Yes

Table 1. Exchange mobility on-premises vs. Exchange Online

Based on the service descriptions, there is a strong feature loyalty between Exchange Online and Exchange 2010 on-premises for mobile devices that use ActiveSync. However, not all Exchange environments use ActiveSync.

BlackBerry Enterprise Server compatibility. In the first release of Exchange Online, Microsoft supported Blackberry devices as an additional subscription. BlackBerry Enterprise Server (BES) installments were hosted as part of the infrastructure and Research in Motion (RIM) built in custom administrative tools to manage BES and BlackBerry users. Exchange Online for Office 365 has evolved somewhat.

RIM provides BlackBerry devices access to Exchange Online mailboxes, free of charge, using two services. Blackberry Internet Service (BIS) is available for Exchange Online subscribers and will push email to BlackBerry devices. It will not, however, support calendar and contact synchronization. BIS users can sync using a wired connection.

A more robust option, the recently announced BlackBerry Business Cloud Services, is a hosted version of BES. Functionality-wise, it is closer to BES Express because it doesn’t have all the security features as its on-premises counterpart. The free subscription includes the features listed here:

  • Email reconciliation
  • Email filters
  • Email-message forwarding
  • Signatures
  • Out-of-office reply
  • Contact lookups
  • Contact list updates
  • Send attachments**
  • Download attachments
  • Save Sent items
  • Personal distribution lists
  • Personal folders*
  • Follow-up flag
  • Personal contact subfolder
  • Calendar entry forwarding
  • Availability of meeting invitees
  • Email with rich content
  • Sync schedule with Outlook
  • Gal integration
  • Tasks
  • Remote device wipe
  • Web-based administration
  • Policy management
  • Self-service portal
  • Notes

*BlackBerry 5.0 or later
** 3 MB max per attachment, 5 MB max per email

Exchange Online mobile device setup and management
Administrative tools for Exchange Online differ significantly from on-premises administrative tools, so much of the step-by-step documentation is found as self-help information online. In the case of configuring a mobile device for Exchange Online, a Mobile Phone Setup Wizard is available to help admins find the correct step-by-step procedures.

Once you’ve selected the phone or device OS, the wizard will ask if you want to set up the device for Exchange ActiveSync or IMAP/POP and will provide detailed steps for the option you choose. A video demonstration is also available to show how to perform the steps and find prerequisite information.

Creating a mobile device security policy
Security conscious enterprises with compliance policies are concerned not only with what a mobile device can do, but also about what it won’t do -- and how administrators can prevent the device from becoming a weak security link.

End users who connect mobile devices to Exchange Online have to accept the ActiveSync Device Policy that the admin assigns to their mailbox. If no policy is defined, the Default policy will be applied. ActiveSync device policies help administrators enforce defined mobile device polices. Administrators must have a solid understanding of the devices that are being used in their environments and which policy settings can and cannot be enforced on specific devices. It’s important to check the detailed comparison of Exchange ActiveSync clients and the policy settings they support.

Microsoft also offers step-by-step instructions for creating a new ActiveSync Device policy in Exchange Online. Some ActiveSync Mobile Device Policy settings are not configurable in Exchange Online, as shown in Table 3.

Section Option/Description
  Allow browser
  Allow consumer mail
  All desktop sync
  Allow Internet sharing
  Allow IRM over Exchange ActiveSync
  Allow IrDA
  Allow Mobile OTA update
  Allow POP/IMAP email
  Allow remote desktop
  Allow S/MIME encryption algorithm negotiation
  Allow S/MIME software certificates
  Allow unsigned applications
  Allow unsigned installation packages
  Approved application list
  Unapproved InROM application list
Sync settings  
  Maximum HTML email body truncation size
  Maximum email body truncation size
Device security  
  Require encrypted S/MIME messages
  Require signed S/MIME algorithm
  Require signed S/MIME messages

Table 3. Additional Exchange on-premises ActiveSync Device Policy Settings

Does Exchange Online have what enterprises need?
Exchange organizations make up the largest subscriber base in the Microsoft Office 365 cloud. There is a good chance that organizations running Exchange on-premises will consider a full or partial transition to Exchange Online. The decision to go all-in to the cloud may come down to a combination of feature and compliance requirements.

Exchange Online’s feature set could pave the way for a smooth transition. But if, after performing a full needs assessment, you determine Exchange Online is missing something your enterprise requires, don’t discount the cloud completely. Microsoft Office 365’s Exchange Online allows a high-fidelity coexistence strategy that can give an enterprise the best of both worlds.

Richard Luckett
is the President of SYSTMS of NY Inc. Richard is a Microsoft Certified Trainer with more than ten years Exchange Server instructional experience. He is a three-time Exchange MVP. Richard is an accomplished author and speaker who authored Administering Exchange 2000 Server and The Complete Reference: Microsoft Exchange 2007 SP1, both by McGraw-Hill. He is also the course director of seven best-selling Exchange courses for Global Knowledge, Inc.

Article 1 of 2

Dig Deeper on Exchange Online administration and implementation

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.