Re: Use of Acompli to accelerate email to IOS and Android

[Steve Terry <terrys () DENISON EDU>]

Mike:

How many schools are not already in the cloud with email?  Exchange,
on-prim may be the exception, rather than the norm?  So if schools are
already using cloud-based solutions (Gmail, Office365, etc.)  is the OAuth
scenario still applicable?

Steve

*Steve Terry*
Director of Enterprise Applications
ITS
*Denison University*
Fellows Hall - 102B
Granville, OH 43023
740-587-8685 | *www.denison.edu <http://www.denison.edu/>*

On Fri, Jan 30, 2015 at 12:24 PM, Mike Osterman <ostermmg () whitman edu>
wrote:

> I think the issue with Acompli (or CloudMagic, Inky and the others that
> support non-OAuth mail) password storage is that it's storing the password
> on a remote server rather than on the person's device. There's always the
> risk that the app itself could turn evil and leak your credentials, but in
> the remote server scenario, you're providing a credential to a third party
> that could prove very dangerous in SSO-enabled environments like the EDU
> space. Sure, it's encrypted, but if they lost their encryption keys and the
> database, that's a pretty substantial loss.
>
> Worse still, I don't think anyone but IT folks really understand the
> distinction of the location of the password storage or cares to do the
> research to make an informed decision.
>
> Even in the OAuth scenario, you're avoiding the credential issue, but do
> still have highly-sensitive mail data (except in the case of Inky -
> http://inky.com/faq/) passing through 3rd party servers in most
> implementations. If an organization is using Exchange on-premise, then
> you'll lose the inherent data privacy benefit by having institutional mail
> data--"metadata" at a minimum--traveling outside the organization.
>
> It's tough, because this new breed of mail clients offer some fantastic
> functionality (I personally love the Snooze feature in Mailbox.app and use
> it with my personal email), but there are privacy tradeoffs, and many of
> our institutions don't have the policies and/or technical controls in place
> to be able to address these risks.
>
> Mike Osterman
> Director, Enterprise Technology
> Whitman College
> (509) 527-5419
>
> On Jan 30, 2015, at 9:00 AM, Steve Terry <terrys () DENISON EDU> wrote:
>
> Dennis:
>
> Microsoft purchased Acompli a short time ago and turned it into a new
> version of Outlook for iOS and Android devices:
>
> http://www.theverge.com/2015/1/29/7936081/microsoft-outlook-app-ios-android-features
>
> I have used Acompli for about a year and have found it to be a fantastic
> piece of software.  I have also downloaded and run the new version of
> Outlook to compare it to my previous version of Acompli - it is same, but
> better!  (Add file access to Dropbox and other services.)
>
> As for authentication, (Denision is a Google Education shop) - it prompts
> and uses our SSO authentication services to establish the initial
> connection to (Gmail) for us.  I see no differences, in this new version of
> Outlook, in terms of "storing" account information over any other previous
> iOS email clients?
>
> Steve
>
> *Steve Terry*
> Director of Enterprise Applications
> ITS
> *Denison University*
> Fellows Hall - 102B
> Granville, OH 43023
> 740-587-8685 | *www.denison.edu <http://www.denison.edu/>*
>
> On Fri, Jan 30, 2015 at 10:11 AM, Dennis Levine <dennis_levine () emerson edu
> > wrote:
>
> >  Hi All.
> >
> >   Just wondering if anyone is using or is considering the use of Acompli (
> > https://www.acompli.com) to accelerate email distribution to IOS and
> > Android mobile devices.
> >
> > I’m a bit hesitant because they require a login to the exchange server
> > and then store the email and account information on their servers, though
> > they say it’s encrypted.
> >
> > Any thoughts,
> >
> > Dennis
> >
> >
> >
> > *Dennis Levine *| Network and Security Administrator | 120 Boylston
> > Street  Boston, MA  02116-4624 | (617) 824-8972 |
> > Dennis_Levine () emerson edu | www.emerson.edu
> >
> > <image001.jpg>