Best practices and security issues to consider when you use Windows Live Sync

Article translations Article translations
Article ID: 925077 - View products that this article applies to.
Expand all | Collapse all

SUMMARY

This article describes some best practices and security issues to consider when you configure Windows Live Sync on a network.

INTRODUCTION

Sync is a Windows Live service. If you use Sync incorrectly, you might unintentionally disclose information on a network.

MORE INFORMATION

Windows Live Sync is a free service that is designed to help you do the following:
  • Synchronize files across all the computers that you use.
  • Share files and photos with friends, coworkers, and family.
  • Remotely access your files from any other computer that is connected to the Internet.
If you have more than one computer, you can create personal folders to synchronize files between them. You can also share files with friends or colleagues when you create a shared folder or connect your computer to a shared folder.

For more information about Sync, visit the following Web site:
https://sync.live.com
The following best practices address the security considerations of system administrators who have Sync installed on their networks:
  • If your organization has filtering enabled on a firewall, you can effectively block outgoing traffic to Sync. To permanently block the Sync satellite from running in a particular environment, block access to the following host name on port TCP/443:
    connect.sync.live.net
  • Block incoming and outgoing connections at the network perimeter, such as at the firewall or at the proxy server. You can also enforce software restriction policies through the Active Directory directory service to prevent Sync from running.

    For more information about software restriction policies, visit the following Microsoft TechNet Web site:
    http://technet.microsoft.com/en-us/library/bb457006.aspx
  • Use other security controls to deny outgoing network traffic from workstations. For example, a user must decide which folders to share. If a user does not understand the implications of explicitly sharing information that might be sensitive, revisit your organization's user education and security policies to raise user awareness.
  • Make sure that your organization's user education and security policies are updated to explicitly warn users against installing unapproved peer-to-peer software.

Properties

Article ID: 925077 - Last Review: December 15, 2008 - Revision: 4.0
APPLIES TO
  • MSN
Keywords: 
kbsecurity kbhowto kbinfo KB925077

Give Feedback

 

Contact us for more help

Contact us for more help
Connect with Answer Desk for expert help.
Get more support from smallbusiness.support.microsoft.com