Hi Adam
Cloud Extender is MaaS360's OnPremise appliance which can do the job you need.
It is installed on a Windows VM or server and requires administrator rights to the Exchange platform.
On the basis of PowerShell scripts it uses the AutoQuarantine function on Exchange to control who can access mail.
Then you can use Compliance rules so that only devices enrolled in Maas360 can access mail, and if they are not enrolled the mail synch is blocked even if it was already working.
Documentation below. The following assumptions / conditions are valid:
- You need the necessary admin rights to Exchange, and Cloud Extender 'takes over' these rights.
- Cloud Extender is installed on a Windows server with 2016 or later version.
- Depending on the number of devices - for example for greater than 1000 devices connected to Exchange to be controlled - you may need extra Cloud Extender servers
- The support applies equally for OnPremise Exchange as for Office365
- If you want to control Windows PC's they would need to be enrolled into MaaS360 as well
https://www.ibm.com/docs/en/maas360?topic=modules-exchange-module
Hope this helps.
------------------------------
Eamonn O'Mahony
Client Success Manager
IBM Security
Dublin
------------------------------
Original Message:
Sent: Tue September 24, 2024 04:50 PM
From: Adam Afshar
Subject: Outlook App Configuration - Attribute and Value
Hi Eamonn,
Thanks for the response however I checked both links before and neither will give me the specific restriction I needed for the outlook app (iOS or Android). The security risk identified by our cyber party is a scenario where users tries to setup their personal email account under outlook app as a second email and able to forward content by changing the from field. The MaaS360 link does not have any specific on the configuration values and I googled alot to find a similar situation without any luck. I will appreciate your further advice for this matter.
Thanks,
Adam
------------------------------
Adam Afshar
Original Message:
Sent: Tue September 17, 2024 04:34 AM
From: Eamonn O'Mahony
Subject: Outlook App Configuration - Attribute and Value
Hi Adam
Just to confirm the basis. You add an app such as Outlook from the Microsoft/Apple/Google stores to the MaaS360 App Catalog, and distribute it to devices. When it is installed based on this, the app becomes managed and the configurations you push will take effect.
The app config that you can use is documented as a general approach here: https://www.ibm.com/docs/en/maas360?topic=configurations-creating-app-configuration
Microsoft's documentation includes an initial reference to their equivalent product, ignoring this you will find the AppConfig recommendations for Outlook further down:
https://techcommunity.microsoft.com/t5/intune-customer-success/new-outlook-for-ios-and-android-app-configuration-policy/ba-p/370481
Best regards
------------------------------
Eamonn O'Mahony
Client Success Manager
IBM Security
Dublin
Original Message:
Sent: Thu September 12, 2024 03:30 PM
From: Adam Afshar
Subject: Outlook App Configuration - Attribute and Value
Hi,
I would like to restrict outlook app (on both iOS and Android) platoform for the followings:
- Only one corporate account with @mycompany.com be allowed to setup and prevent multiple email account added to the outlook app
- Remove email forwarding
So far, I tried two manual configuration (for iOS) and neither worked. I'm clueless on the Android side as well.
com.microsoft.outlook.EmailAllowedAccounts @mycompnay.com or mycompany.com (did not work)
com.microsoft.outlook.EmailForwardingEnabled false (did not work)
Please help!
Thanks,
Adam
------------------------------
Adam Afshar
------------------------------