Mobile Management Tools to the Rescue

Systems help enterprises define and enforce security policies.

Its one thing to set up a password program on a single personal digital assistant. Its quite another to enforce password policy on hundreds or even thousands of handheld devices.

Thats where enterprise mobile management systems come into play, allowing IT managers to quickly and consistently define and enforce security and configuration policies that can reduce exposure of corporate data while making it relatively easy for end users to live with the security policies.

Mobile Automation Inc.s MA2000 handheld management tool protects lost devices that have wireless connectivity. After such a device is reported missing, it can be moved into the "lost" policy group. The next time the device is connected to the network, the Mobile Automation agent loaded on the device automatically receives command scripts that can destroy all data on the device.

More typically, handheld management systems can help IT managers enforce password policies. Tranzao Co.s OnlyMe, for example, enforces sophisticated policies on Palm OS-based devices that can lock a device every time the screen is turned off, activate a time delay after a certain number of bad log-in attempts or wipe the memory of the device after a certain number of time-delayed "cracker time locks."

In addition, Mobile Automations MA2000 can enforce corporate security policies so that, for example, the handhelds native operating system uses passwords correctly. And if an encryption system is being used, MA2000—like Novell Inc.s ZENworks for Handhelds and XcelleNet Inc.s Afaria—can make sure the components are delivered to all appropriate devices.

IT managers can expect to see a number of other improvements in handheld device management. For one, they will soon be able to manage encryption, firewall and VPN (virtual private network) functions in a single interface. Check Point Software Technologies Ltd. announced a combined firewall/VPN product for handhelds earlier this year.

eWeek Labs would also like to see the integration of desktop and mobile management products so that policies and management tasks such as password enforcement could be conducted in the same management console.

Also on our wish list is technology that would audit device configurations for security risks. One thing managers can do today is run asset inventory tools on handheld devices to determine what software is installed.

Senior Analyst Cameron Sturdevant can be reached at cameron_sturdevant@