Securing your Email with S/MIME

Today we start an awesome mini-series from one of our support gurus, DragonFly, about how S/MIME works in general, with following tutorials on how to implement S/MIME in TouchDown on iOS, Android and Mac platforms.  Check out today’s tutorial on iOS!

Hi,

Dragonfly from NitroDesk support here. In the following, today I’ll be describing how to import and use S/MIME in Touchdown for iOS. Using this functionality you can sign messages, proving that you are the person sending that particular message, and optionally encrypt them, meaning the email will only be readable by people who you have included in the message. Signing provides you with non-repudiation and potentially detect tampering on the fly and encryption prevents unauthorized viewing of the message. This type of functionality is great for keeping your emails safe and ensuring that information’s coming from the right source. (For more information on how S/MIME works, here’s a good tutorial: http://technet.microsoft.com/en-us/library/aa995740%28v=exchg.65%29.aspx) Just know that to send an encrypted email, you need to have the recipient’s public key and vice versa- these can be verified from within Touchdown when that person sends you a signed message. Here’s what you’ll need before you get started:

First, you’ll need a certificate for S/MIME signing and the latest version of Touchdown. To get a certificate for S/MIME, you’ll want to contact your IT team. Also, keep in mind the only two certificate types Touchdown supports is .pfx and .p12. The certificate would need to include the complete chain to the root certificate authority.

If you have your certificate already in IE, but need to export it to your desktop,Here’s how (in IE):

1. Go into the Settings>Internet Options, and clicking on the Content tab.

2. Click on Certificates, and find the one you want to export

3. Click Export. Make sure you choose the option to export the private key and also to include all certificates in the certification path.

4. Choose a file path, and save it.

5. Don’t forget to  remember the password you use to perform the export. This password prevents anyone else from being able to access the certificate. If you’re having difficulty with this process, contact your IT team and see if there’s another way you should be doing it. As with any operations like this, make sure you are staying within your IT team’s best practices so you stay in alignment with any security policies.

6. Once you have your certificate backed up to a file, send that file to your email as an attachment, and you’re ready to go.

Let’s start with the iOS version.

S/MIME for iOS

In this demo, I show how to send an encrypted email to the ‘welovenitrodesk’ account.

First, I want to ensure that I have my certificate for S/MIME, so I find the email with the attached certificate, and view it in the attachment list.

The attached certificate, note the file type is .pfx. 

After downloading, I click the ‘I’ icon and choose to ‘Import for both.’

Choose Import for Both.

A password prompt appears.

Enter your certificate password here that was created when you generated the certificate. 

After entering the correct password (This is set up during certificate exporting from your browser, for help with this  please contact your IT team) it will tell you your certificate has been saved.

Saved certificate message. 

Now that I have a certificate, I’m ready to send the account  welovenitrodesk an encrypted message:

I click on the tools/options icon and enable Encryption and signing.

Tools icon to enable encryption signing.

Enable signing and encryption for the email.

I send the email. If you suddenly see this message (see below), it means you didn’t validate the recipient’s public certificate key from a signed message. (This can also be done over the GAL if your company supports it.) Remember how I said earlier that to send an encrypted email, you need the recipient’s public key? Now I just need to fetch it. Thankfully, a while back welovenitrodesk sent me a signed message, which contains the key.

Oops!

I find the email where welovenitrodesk sent me the key, and click on the lock icon.

Welovenitrodesk sent me a signed message.

I click ‘verify signature’ and it verifies.

Now I can send that encrypted message!

The second time, I attempt to send the encrypted message again. This time it comes through.

Back in welovenitrodesk, after having imported the public certificate and the welovenitrodesk certificate, I check the encrypted message, and am able to successfully decrypt it.

The signed and encrypted email.

Clicking on the lock icon, I can confirm that it is indeed signed and encrypted.

Hope this helps you get a better understanding on how to use S/MIME functionality with Touchdown for  iOS. If you have any questions, please feel free to contact us at  iossupport@nitrodesk.com for any iOS queries. Be sure to check in on Monday for Part II, SMIME for Android. Thanks for reading!

Why many are dumping their MDM

It is here!!!!  If you’re ready to have excellent BYOD data security, without all the complications and cost of an MDM, check out:

 

 

 

http://www.cockpitcontrol.com

Putting you at the Helm of your Enterprise Data Security

A little movie about TouchDown

Alex Fauske is a genius – we love what he did for us!

TouchDown for Mac Beta – new release

Heh faithful TouchDown for Mac Beta testers!  Check out the latest Beta release – we’ve incorporated many of your suggestions!   Here are the changes:

1. PIN Policy support (now it will ask you to create a PIN based on the security policies)

2. PIN prompting works thus : When starting touchdown it will ask for PIN. But the timeout kicks in only if you shutdown the machine, or put it to sleep (and the timeout occurs in sleep).

3. Support for SMIME signing and Encryption. To set signing/encryption cert, go to the Certificates node under Email in settings and import certs. Once a cert has been imported, you can click the lock button when composing an email to sign/encrypt

4. When replying, moves the focus to the body of the email and not the sender box

5. Support for gal search when composing emails.

Download the new version at : http://mactouchdown.com

Need a license key to beta test? We are allowing a certain number of beta testers until we turn the key off, so get yours while you can. Beta testers will get free lifetime versions of TouchDown for Mac!   Simply

1. Download the beta,

2. Use TOUCHDOWNMACBETA as the license key and you will be issued a permanent key.

3. Send us feedback at macsupport@nitrodesk.com to help us build YOUR TouchDown.

TouchDown for Mac – Custom notifications

Despite working on the UI on the Mac version of TouchDown, there are still fun features that Goutham (who built it) surprised me with – especially my new favorite feature, the custom notification feature.

I like to know when I have new email, and since I am often working on a Mac desktop, a Macbook air and a Samsung PC  all at the same time, (meaning my eyes aren’t always staring at the inbox), I LOVE that I can create sound notifications.  Not the boring “Ding” that says you have a new email, but awesome, completely custom, speech notifications, PER account.  So lets says I have my main inbox,  which just happens to be my name @nitrodesk.com.  I might have it say “Heh, you have mail.”  or if Im having a bad day, I might even have it say “You are amazing” everytime I receive an email.

The coolest part is not the self-esteem booster, but the fact that I can then go to my second and their and fourth account that I have configured for Touchdown, and give each one a different sound/speech notification.  So for my support email I may have it say “check support email.”  So whether I am pouring over the PC working on some Windows 8 design issue, or having a snack in the lunchroom, I know exactly what account just landed an email that needs my attention.

Want to know who the email is from or who sent it?  You can do that too.  Here’s how:

In general, you will want to select the account you want to change the notification for – below, I have selected my main account, Daniela@nitro….

1. Click on Settings Icon (lower left hand corner)

2. Click on Notifications, making sure its the Notifications tab under the account you want to amend.

3. Select the Speak radio Button

 

4. Enter what you want it to say when you receive a new email in the “Speech String” box

5. If you are feeling down, have it say something positive about you, and send yourself email (ok, maybe that’s me…)

 

 

Differentiating notifications between accounts

If you want to have a different notification for additional accounts you have configured on your TouchDown for Mac, simply click on that account (mine is blank in this example) and repeat steps 1-4 above.  Easy Peasy!!

 

To get even more details, like WHO sent the email, or the title of the email, repeat steps 1-3, and then:

4.  If you want to hear the sender, write something like “Message from” (or email from) and then write “from” like this: %from%      An example would be “Email from %from%”

5. If you want to hear the subject of the email, write something like “email titled %subject%”
   You can even do both, such as “You have an email from %from% with the subject %subject%”

 

SO whether you want  differentiate your incoming email with speech notifications, boost your self-esteem or TouchDown tell you what the subject line is, this is one cool feature I am already hooked on.

Let me know what you think, and what your notification is.

TouchDown for Mac is here

So here at TouchDown, we are thrilled that we launched our Beta version of Touchdown!  Here are the details !!

Have you been dying for a completely secure Mac Productivity client?

At NitroDesk we’ve always been known as the ultimate in secure email and productivity on all your mobile devices. Whether you have an iPhone or an Android, TouchDown is there with secure email and integrated calendar, contacts and tasks. Mac users rejoice, for you can now have the same awesome power on your Mac OS! We are the only Mac productivity client that offers all the things you need, like SMIME, OOF and IRM along with integrated productivity and a complete set of customizable features. Mac users, your email and productivity has arrived.

TouchDown for Mac offers the same awesome features as TouchDown for Android, Windows8 and iOS, but goes even further:

Security

TouchDown for Mac brings Unparalleled Security on the Mac:
– Everything is encrypted, regardless of your server or technology
– Use of PIN when mandated by server administrator or MDM
– SMIME and IRM, per-email signing and encryption
– Native AES-256 Encryption on the data at rest! (this means other apps only see an encrypted blob of data)
– Selective remote wipe if your device is lost or compromised – only corporate data is removed.
– Support for client certs when connecting to server

Features
TouchDown for Mac has many more features than are available on Mac Mail or any other third party Exchange solution:
– ActiveSync push for lightning fast access to your corporate data
– Supports Microsoft Information Rights Management Server
– Incredible price – no monthly charges, lifetime license includes all upgrades.
– User-selectable themes, with quarterly updates
– Ability to search the server for email not synced to a device
– GAL searches
– Quick Replies when you simply want to send a one-liner
– Great UI – easy to read, sort and respond to mail efficiently while still having familiar MacOS interface elements

TouchDown for Mac is completely innovative – we actively listen to our users, and integrate requests like categorization support, messages and appointments at a glance from a selected user, and time management techniques like GTD, MYN, etc.

TouchDown for Mac is the ONLY secure Exchange ActiveSync solution for BYOD shops that have invested in mobile security; now you can feel secure in allowing employees to bring in their Macs without worrying about the security of your corporate data.

Thanks for being part of the TouchDown community and for your great feedback. We hope you love this new Mac App as much as we do, and that it brings you incredible productivity on your Mac. You won’t want to use anything else.

Complete, Secure, Productive. What are YOU waiting for??   Want in?  Download at http://mactouchdown.com/download.html

 

Touchdown – Getting to know your Diagnostics

Today’s post comes from Dragonfly, our trusty, awesome and beloved iOS Support Guru.

Getting diagnostic information from TouchDown for iOS.

Occasionally during the troubleshooting process, a support technician may request a diagnostic log.  Here’s a visual guide on how to retrieve one from TouchDown for iOS:

There are two locations where you can get diagnostic information from the iOS version of TouchDown.

1. During configuration, which can be useful to determine where TouchDown is failing to connect.
2. The diagnostics menu.

In this blog post, I will cover the two methods of obtaining a diagnostic log.

Obtaining a configuration diagnostic:

When you open TouchDown for the first time, or any time after you reset the database, you will be  prompted to configure. On this screen, there is a toggle to Enable Logging. To get a configuration log, slide that to the ‘on’ position (see red circle below) and enter in your information.

In the below screenshot, I intentionally entered wrong information and attempted to configure. Note  that as the configuration fails, there is an option to ‘Copy Log.’  Click that to put a copy of the log on your clipboard. Once you click it, you will get a notification that it has been added to your clipboard.

 

As I was unable to configure TouchDown, I entered my gmail account using the device web browser, and opened a new email to send to iossupport@Nitrodesk.com.  After long pressing on the body of the email, an option to paste appears. I click it, and it puts the contents of the diagnostic log into the body of the email:

After you paste the log into the email, send it to iossupport@nitrodesk.com with a description of the issue so the technicians there can see where the configuration is having issues.

Obtaining a regular diagnostic log:

If the support staff request an iOS diagnostic log of some specific behavior, here is how to retrieve it.  On the main mail screen, tap the circle triangle button, and choose the diagnostics button:

To ensure you get us a correct log, please tap ‘clear,’ which may return you to the main screen again. Enter diagnostics again via the circle triangle button, and enable logging:

Go back to TouchDown and perform the action you are having difficulty with.  Return to the diagnostics screen after you are done, and copy the log using the ‘copy’ button. You should receive a notification that it has been copied to the clipboard:

Open a new email, and long press on the body. An option to paste the log should appear. Select that, and you will have a diagnostic log pasted in the body of an email:

Thanks for reading and hope this was helpful in describing the different types of diagnostic logging in TouchDown for iOS.

Dragonfly

Tasks in Touchdown for iOS

Today we wanted to touch (no pun intended – well, maybe a little) on how to utilize tasks in iOS.  (not iOS7, we’ll get to that once iOS7 is officially released.  Patience, iphone lovers!)

Open Touchdown and Tap the Tasks button.

There are several functions, such as Sort, Filter and Search that I find really critical.

SORT allows you to sort Tasks in the list by:
Subject, Start Date, Due Date or Importance, in either Ascending or descending order.

FILTER
helps you organize your Task list. You can filter by Folder, Category or status such as pending, complete, Overdue or Due today.  I like to have mine set for “due in the next seven days” so I have an overview of all the things I have to get done this week. There are many more options such as “Today AND Overdue Tasks,” etc.  You can totally nerd out on this little detail to make it work for your needs.

SEARCHING FOR TASKS
Open Tasks & pull down on the Tasks bar.

Type in your search criteria.
The best matches for your search criteria will appear below the search bar. Oila!

(To search for Tasks in other folders, Tap the Tasks button, enter search criteria and click search.)

CREATING A NEW TASK

Open TouchDown  and Tap the Tasks button.
Tap the New button and fill in your info!

Pretty nifty.  Task away!  (Im off to write in more tasks…)

Want more mini tutorials? You can find them all in one place right here in our Nitrodesk Knowledge Base!

Outlook on the go?

Yesterday Microsoft released an iOS version of their Outlook Web App (OWA) …have you tried it? Probably not, unless you have a subscription to Office 365.  Yes, its super cool that Microsoft offers these apps for free, but free with a price tag of Office 365 subscription just  isn’t….free.  But I digress.

I do love the fact that Microsoft is developing apps for iOS, Im a big supporter of across platform development.  The UI is pretty good, and is different for the iPad versus the iPhone, as it should be.   The UI utilizes touch gestures as well as voice commands, which is great when you are on the go or using it with one hand.

So, congrats to Microsoft for doing more iOS development – keep going, because the potential is there.  Just be aware that OWA apps are an online client, meaning that they only work online…when your device goes online, it simply mirrors what is on the Office 365 (or any other service you use) server.  When that connection is broken, you can not access  your information.  The security aspects of an online client versus an offline client also differ (more on this in tomorrows post).  And in today’s world of online snooping, I still insist the best way to control the safety of your data is to utilize SMIME and AES encryption with policies such as requiring a PIN.

If you want more information on TouchDown’s secure Email, Calendar, Contacts, etc, read the latest blog post about Encrypted email.  Come visit us at www.nitrodesk.com to see what the buzz about our Secure email that works with Exchange is all about.

Dont you hate it when…

Don’t you hate it when you forget to turn off your Out Of Office (OOF) automatic reply?  And no on tells you that your email is sending out an automatic reply that states you will be back three weeks ago.  Somewhat silly in your personal email, and downright unprofessional appearing in your work email.  It is SUPER easy to change this and many other settings on TouchDown, even if you are away from your desk.  (which makes it possible to turn the OOF ON if your forgot to do so and you remember when you are at the airport!)

Lets use the Android Phone as an example.   Simply go to Settings, and then Advanced Settings.
Select Out of Office (OOF) reply

Make your choice

Diasble OOF turns off the automatic Out of Office Reply
Enable OOF sends out an automatic Out of Office Reply, which you can select be internal or external to your organization

Scheduled OOF allows you to specify exactly when the OOF starts and stops – I highly recommend this option if you are setting up your OOF since it requires no further action once you time away is complete.  If you need to add onto it because you are having way too much fun and need to stay away form the office longer, you can easily change this time frame.

 

So there you go!  No worries about leaving on a jet plane and suddenly realizing you are going to have to deal with tardy email responses, or even worse, remembering that you forgot to turn the OOF OFF (say that three time super fast!)

Did you know that we have a ton of how-to’s on all of the TouchDown functions in our Knowledge Database?