A developer claims that the newly launched Outlook app for iOS breaks your companies security for mobile PIM access on many levels. This was claim about the Microsoft app, which was released this Thursday, was made by René Winkelmeyer. The company released this email management and cloud-based app after its Acompli buyout, which helped Microsoft to launch a full-fledged app. Let us take a look at Outlook’s features which are a security nightmare to understand the security concerns in a better way:
This Outlook app has built-in capabilities to share files to Dropbox, OneDrive and Google Drive. A user can share or use all services within his company mail account. This transfer is app-internal and you can’t control it, which makes it a security threat.
Also, Microsoft’s Outlook doesn’t use a unique ID for syncing data and app shares one single ID for all the devices. This means that it doesn’t distinguish an iPhone from an iPad. Again a security concern.
Now René Winkelmeyer tells about the worst part:
“Microsoft will get and store your mail account credentials in the cloud if you use the iOS Outlook app.”
He writes on his blog that Microsoft stores all your credentials and server data. It doesn’t ask for permission, it just scans and stores that. This way they have full access to your PIM data.
He also advises the readers to immediately block the app from accessing your companies mail servers. Microsoft was contacted for comment, but they didn’t respond.
Read René Winkelmeyer’s blog post to know more.
Read our how-to guides for simple and useful tips and tricks.