Today we get to hear straight from the mind of our developer himself!
Why TouchDown for Mac?
Some of you may wonder why NitroDesk, traditionally a mobile email product developer, would build a Mac version of TouchDown. TouchDown has traditionally been available on mobile platforms Android and iOS, but Mac is really a desktop platform. So what gives?
Last year when we switched from a pure android shop to build an iOS version, it forced some of us to start using Macs as our desktops (it’s hard to build an iOS app on a Windows desktop). Initially we got by installing parallels on the Mac and with using Outlook. We also had the native Mac client syncing our emails. But eventually we got tired of having to switch between Mac and Windows just to do everything unrelated to development (performance issues due to the two OSs, and the fact that we use Eclipse on Windows to build our android app was another reason – there are several legacy reasons why we could not switch to Eclipse on the Mac). So, we switched from Parallels to BootCamp to dual boot Win8 and Mac on the same computer. That made life easy in some ways (we could actually boot back and forth and get the job done – Eclipse would actually run in Win8 on bootcamp). Personally the best windows PC I have used is a Mac PowerBook Retina (shhh, don’t tell anyone).
This was a good move in a sense. This helped us focus on one platform at a time. The pain of rebooting to switch from iOS to Android was enough to prevent our minds from wandering.
But it caused a couple of problems
- We would get a notification of emails on our mobile devices as soon as mail arrived. However, if the mail required us to write a reply from a computer, we had to wait and wait until Mac Email finally received the message. This was most frustrating for email junkies like us who needed to finish responding so we could move on to the next task.
- Tooling around in the Mac partition, we discovered this:
Every email received in the Mac Mail app was in plain view in Windows, when using Boot camp. While promiscuous sharing like this between platforms was just great when we need to copy files over from one platform to another, we were not too thrilled with the implications of this (each .emlx file contains the received message in base 64 encoding), which had some serious implications – consider this not too uncommon scenario:
Your CFO is traveling with a MacBook Air and an iPad. You have spent some serious coin on an MDM that would protect the email content on the iPad (probably even mandated the use of TouchDown and an MDM on your iPad). So your corporate data is more secure than Fort KNOX, with a GATE around it. Lose that iPad? You can whip out your cannon and do a remote wipe on it, disable it and nuke it to kingdom come. BUT what happens when he loses the MacBook Air? The MacBook probably syncs with either outlook or Mac Mail. It has waaay more data (no control on email history to download to it) than the mobile device you just nuked. This time around, all you can do is pray for the finder to simply format it rather than trying to get the data out.
YES, laptops are MOBILE! And Macs are vulnerable when they have a partition!
Consider this other scenario:
Your employees use Macs. Every email they send or receive is in that directory in plain text. Any application they may have downloaded from the internet (you can side load applications with no restriction on what they can do) can contain a Trojan which looks for the Mac Mail directory, enumerating, reading and decoding emails, contacts, calendar, notes etc, looking for passwords, credit-card numbers, (PHI if you are a hospital).
This was indeed an OH CRAP moment for us. We have been working hard for the past five years to protect your corporate information, and still we haven’t done enough for our corporate customers.
Hence TouchDown for Mac.
With TouchDown for Mac, all the data in the application is encrypted, so no other application can read or decode it easily. Without explicit user action, none of the email data or attachments can leak outside the protected sandbox we place around it. And no, They cannot be viewed in Windows if you dual boot. Boot away 🙂 “And there’s more!”
…and all the nice tweaks and productivity measures we have added to our mobile apps, and a future resplendent with new ways to work with your corporate email account. (GTD, MYN ? anyone?)
…and PUSH email with an exchange client without being limited to an IMAP connection.
…and the ability for you to import SMIME certs to the application sandbox (not the whole computer) and have touchdown use those to encrypt and sign your emails.
…and the ability to set your OOF.
…and the fact that it may even be a viable solution for implementing the Direct Project (http://directproject.org/content.php?key=overview) – Physicians love Macs (at least mine does), and if we can get them to communicate via secure email, we would have done some good.
Well then, Why NOT TouchDown for Mac!
-g