Hi Gang,

I am working on fine-tuning our IT policies here. I have searched around a fair bit and have not found a "Best Practices" for setting them up. I would love to see what others have setup for security etc. and why they picked those settings.

If you guys could post a link to something like this, I would really appreciate it!

Welcome to the forums!

What you set for security all depends on your corporate environment. If your company is concerned about trade secrets getting out, you may have more stringent security than another company. Here's what we have in nutshell:

- Enforced password, 6 character minimum, must have at least 1 number & 1 letter. User can change timeout up to 1 hour.
- Password expires every 90 days, cannot reuse last 8 passwords
- BIS mail is restricted so people can receive it, but not send FROM the BIS email account.
- Camera is disabled
- SMS, PIN, and phone calls are all logged

There is another policy that includes all of the above, but also disables the phone and voice activated dialing.

Other than that, my users go wild

I'd have a revolt if I enforced some of that ...

On that note...(sort of off topic) how do you setup PIN logging???

PIM Sync Policy Group > Disable PIN Messages Wireless Sync

Set to False.