iPhone OS 3.1 Enforces Exchange Encryption Policy; Affects Non-iPhone 3GS Users

BY Jason

Published 10 Sep 2009

iPhone OS 3.1

Based on this Apple Discussions thread it looks like many iPhone 3G and iPhone 2G users who have upgraded to iPhone OS 3.1 that was released yesterday are facing problems accessing their Microsoft Exchange accounts due to device incompatibility with Exchange's server-side encryption.

iPhone 3GS users are not facing the problem as it already supports device-level encryption.

TUAW explains that the issue iPhone 3G and iPhone 2G users are facing is not a bug. They were able to access Microsoft Exchange  prior to upgrading to iPhone OS 3.1 utilizing the encryption option in iPhone OS 3.0, but the ability was apparently an oversight on Apple's part. They have actually fixed the security hole in iPhone OS 3.1, which is causing the problem.

“While many are reacting to this issue as though it's a bug, and are reporting it as such, the reality is that the Exchange encryption requirement is a feature and the fact that it was not being correctly enforced was actually a security hole. IT administrators with Exchange 2007 SP1 servers and iPhone clients are probably going to be fielding an above-average level of incoming questions, but at least they can rest easy knowing that Exchange encryption is now working correctly. Cold comfort for their users, though.”

Apple has also posted a Knowledge Base article today to provide more details about the issue. They have mentioned that the only workaround to the problem for iPhone 3G and iPhone 2G users would be to request their Exchange Server administrator to change the mailbox policy to no longer require device-level encryption.

If you are not facing this issue after upgrading to iPhone OS 3.1 then your Exchange administrator has probably not turned on the 'require encryption' flag in the server settings.

Even though Apple has actually fixed a security hole, non-iPhone 3GS users will probably get annoyed with this change as it stops them from accessing email. Ideally, it shouldn’t have worked in the first place but the fact that it worked means, users would have probably gotten used to it.

It will definitely come as a relief to system administrators, but they can expect to get a lot of calls from their colleagues using iPhone 3G or iPhone 2G complaining about the problem.

Did you face this issue after upgrading to iPhone OS 3.1?

[via TUAW]