"Chris" <Chris@discussions.microsoft.com> wrote in message
news:160C67BC-44AB-445C-A36F-5371883AB6C6@microsoft.com...
> I am running Exchange 2007 using ActiveSync to a Motorola Q smartphone and
> I'm trying to understand my exposure when a device is lost. If I'm using
> an
> Active Sync policy that requires a strong password, encrypts storage cards
> and enable remote wiping of the device, is that all I can do? If so,
> there
> is a gap when a device is lost while logged in, and not reported
> immediately,
> is that right?
>
> In other words, the data (mail, contacts, etc) on the smartphone itself,
> not
> on a storage card, is not encrypted and therefore accessible, is that
> right?


I think it's worse than that. If the device is lost/stolen whilst unlocked
everything is accessible.
Although it doesn't help in that case, I use a registry modification to
store mail on the encrypted storage card.