Tuesday, August 11, 2009 3:05 PMIn reference to the following materials: http://technet.microsoft.com/en-us/library/ee323481(office.13).aspx
After having reviewed the reference link above I can find no information that talks about weather the galcontacts.db file stored on the local client is encrypted. If it is encrypted can you please elaborate on what type of encryption is used? If not, can you please offer some recommended methods to encrypt the address book?
In particular, I am concerned about internal company data being stored on non-company hardware. IE: A user installed the MOC client on a non-company approved piece of hardware (aka: their home computer) and connected remotely (through an Access Edge) to the OCS services and thus downloaded the address book. Are methods available in OCS to help prevent this type of situation?
Tuesday, August 11, 2009 4:22 PMModeratorThe file is not encrypted in the sense that most of the data in there is readable view a text viewer, but it's just very messy.
Take a look at this blog for more details: http://blogs.pointbridge.com/Blogs/schertz_jeff/Pages/Post.aspx?_ID=47
Jeff Schertz, PointBridge | MVP | MCITP: Enterprise Messaging | MCTS: OCS
Thursday, August 13, 2009 9:12 PM
I we been thinking of this to and i think that you could set authentication on the reverse proxy to require client certificates, and you only have certs installed on trusted computers right, this would prevent users from accessing the address book files and live meeting content from computers that are not trusted.
Tommy Clarke | http://www.cinline.se
- Marked As Answer by Matt.WadeMicrosoft Employee Friday, August 21, 2009 2:57 PM