As mentioned in BYOD Basics: Proper Planning and Considerations , "Bring Your Own Device" provides great potential to one's organization when planned for properly.  Choosing the right tools that meet the requirements of your organization requires proper research to ensure said organization's mobile worker connectivity goals are achieved without sacrificing security.  This applies to all sizes of organizations.  While larger businesses have specific requirements around smartphone and tablet enablement, smaller to medium size businesses can sometimes get by on the bare essentials.  While there are a barrage of software offerings to manage and control any BYOD deployment, sometimes all an organization needs is the software already deployed in their own infrastructure.

Microsoft ActiveSync, included with Microsoft Exchange since 2003 SP2 and with Office 365 since inception, can provide secure connectivity to one's email but can also do so much more.  It can enable IT departments with the ground tools necessary to begin their BYOD enablement strategy on behalf of their organization.  What's more, Microsoft Exchange ActiveSync not only support Windows Phone, but iOS, Android, and even BlackBerry natively without third party software requirements.  While granted, some organizations will require more than the ability to remotely wipe a device if lost or stolen or enforce the requirement for passwords on said devices, the capabilities of enablement ActiveSync provides extend beyond just that.

The following is a small example of the policing capabilities provided by Microsoft Exchange ActiveSync:  

Product

Windows Phone

Windows Phone

Windows Phone

iPhone (iOS)

BlackBerry 10

Android

Version

7.0

7.5

8.0

5.0

10.0

2.2, 2.3

3.0, 3.1
Honeycomb

4.0
Ice Cream
Sandwich

Remote wipe

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

SSL encrypted transmission

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Min Password Length

Yes

Yes

Yes

Yes

Yes

Depends On Manufacturer

Password Complexity

Yes

Yes

Yes

No

Yes

Depends On Manufacturer

User started remote wipe

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

PIN reset

No

No

No

No

No

No

No

No

Auto Discover Settings

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Bandwidth reduction

No

Yes

Yes

Yes

Yes

No

No

Yes

Allow attachment download (client side)

No

No

Yes

No

Yes

No

No

Yes

Maximum attachment size

No

No

Yes

No

Yes

No

No

Yes

Allow simple password

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Password expiration

Yes

Yes

Yes

Yes

Yes

Depends On Manufacturer

Enforce password history

Yes

Yes

Yes

Yes

Yes

Depends On Manufacturer

Encrypt storage card

No

No

No

N/A

Yes

Depends On Manufacturer

Disable removable storage

Yes

Yes

Yes

N/A

No

No

No

No

Require device encryption

No

No

Yes

Yes16

Yes

No

Yes

Yes

Allow IRM over EAS

No

Yes

Yes

No

No

Depends On Manufacturer

 

Allow/Block/Quarantine Capabilities

One additional item to make mention of which is natively available in Exchange 2010 and up is the ability to Allow, Block or Quarantine (ABQ for short) devices attempting to connect to your organization's infrastructure through Exchange ActiveSync.  This ability of control allows IT departments the ability to allow approved devices, block devices that do not meet the specific requirements as agreed to by the organization, or to quarantine, in essence await access approval, devices pending further investigation around device capabilities.

As stated earlier, Microsoft Exchange ActiveSync provides a great ground level BYOD strategy.  While it does not have all the features full blown mobile device management suites offer, the policies provided do give IT departments the ability to enable an organization's workforce with secure access in mind. 

Further information regarding Microsoft Exchange ActiveSync can be found here.