Close
  • Latest News
  • Artificial Intelligence
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Artificial Intelligence
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Applications
    • Applications
    • Cybersecurity
    • Development
    • IT Management
    • PC Hardware

    Microsoft Defends Windows Mobile E-Mail Security

    By
    Matt Hines
    -
    November 16, 2006
    Share
    Facebook
    Twitter
    Linkedin

      Responding to analyst reports that elements of its Windows smart phone software may leave users open to data exposure, Microsoft officials contend that the companys wireless e-mail application is secure enough for enterprise adoption today.

      In a recent report published by J. Gold Associates, a wireless research company, analysts proposed that Microsofts decision not to offer file encryption capabilities throughout its Windows Mobile platform could leave users of smart phones running on the software vulnerable to data loss.

      Unlike handheld software from rivals including Good Technology, Research In Motion and Sybase, Microsofts Direct Push e-mail system fails to offer encryption for data once it has reached a handheld, leaving the information open to anyone able to get his or her hands on one of the devices and defeat its password system, J. Gold said.

      Windows Mobile provides for encryption of data while it is in transit to the device, but leaves sensitive corporate data open to access if someone hacks one of the handhelds password, according to Jack Gold, an analyst with the research company.

      As much as lost or stolen laptops with unencrypted data onboard have become a significant pain point for enterprises today, the threat of unprotected information on an easily misplaced handheld could present even greater security challenges, the analyst said.

      However, Microsoft officials said that Windows Mobile 5.0, the latest iteration of the product, provides users with the right balance of security and usability and does not put data stored on the devices at risk by failing to offer additional encryption.

      With the features already built into the handheld software, along with aftermarket security tools available from its partners, the smart phone platform provides more than sufficient protection for enterprise workers who use the software, said John Starkweather, product manager of the Mobile and Embedded Devices division at Microsoft, in Redmond, Wash.

      “Our intent is to provide a solution that works for most organizations; some may want additional security tools, and our partners can provide that and allow end users to encrypt everything natively on the phone,” Starkweather said. “But most people dont want to encrypt everything on the device—most dont even do that on their PCs. There is such limited memory on the wireless devices, even smart phones, that using encryption like that slows performance down to a crawl.”

      Starkweather said that while RIM offers the ability for users to encrypt stored e-mail data, few use the feature because it weighs so heavily on device performance. By offering strong password protection and the ability to remotely wipe out information carried on the devices using third-party tools built to interface with the Windows Mobile application API, customers can protect themselves against the threat of lost and stolen smart phones.

      /zimages/1/28571.gifClick here to read about Symantecs anti-virus software for Windows Mobile smart phones.

      By linking Windows Mobile with its Exchange messaging server software in the way it already does, Microsoft is also trying to make it easy for IT administrators to manage security on the smart phone, he said.

      “We can only work within the available parameters of the devices themselves,” said Starkweather. “Our solution in linking Windows Mobile with Exchange is about leveraging existing infrastructure within organizations, including their mail servers and firewalls; organizations can feel comfortable in using the same security system for Windows Mobile-powered devices that they already use for their PCs.”

      Despite Microsofts defense of its system, Gold said that financial services firms, health care providers and other companies that operate under strict data-handling regulations may see the lack of additional encryption as a reason to go with smart phones running on software other than Windows Mobile.

      “Microsoft has yet to say anywhere that they provide encrypted data storage on the device, which is the crux of the issue, not the data transport, which is done with SSL in Windows Mobile and is secure,” said Gold. “The kill switch is fine but not sufficient for enterprise security needs, nor is the password alone.”

      Security for mobile devices is becoming a more high-profile issue as smart phones become more widely adopted. Some 51 million smart phones were shipped in 2005, representing a mere 6 percent of all wireless handsets, according to iGillottResearch. The research company predicts that the devices will account for 21 percent of handhelds by 2010.

      J. Gold Associates contends that smart phones will make up roughly 10 to 20 percent of wireless device shipments over the next four years but expects that for business users, the number will be much higher, accounting for as much as 50 to 60 percent of all handhelds.

      In September, the Trusted Computing Groups Mobile Phone Work Group issued a draft of its Mobile Trusted Module standard, which is meant to establish guidelines that help wireless device and software makers improve the security of their products.

      A final draft of the set of product specifications is expected to arrive before the end of 2006, and aims to dovetail with other wireless security initiatives driven by groups including the Open Mobile Alliance, Open Mobile Terminal Platform, and Mobile Industry Processor Interface Alliance.

      Check out eWEEK.coms Security Center for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at Ryan Naraines eWEEK SecurityWatch blog.

      Matt Hines
      Get the Free Newsletter!
      Subscribe to Daily Tech Insider for top news, trends & analysis
      This email address is invalid.
      Get the Free Newsletter!
      Subscribe to Daily Tech Insider for top news, trends & analysis
      This email address is invalid.

      MOST POPULAR ARTICLES

      Latest News

      Zeus Kerravala on Networking: Multicloud, 5G, and...

      James Maguire - December 16, 2022 0
      I spoke with Zeus Kerravala, industry analyst at ZK Research, about the rapid changes in enterprise networking, as tech advances and digital transformation prompt...
      Read more
      Applications

      Datadog President Amit Agarwal on Trends in...

      James Maguire - November 11, 2022 0
      I spoke with Amit Agarwal, President of Datadog, about infrastructure observability, from current trends to key challenges to the future of this rapidly growing...
      Read more
      Cloud

      IGEL CEO Jed Ayres on Edge and...

      James Maguire - June 14, 2022 0
      I spoke with Jed Ayres, CEO of IGEL, about the endpoint sector, and an open source OS for the cloud; we also spoke about...
      Read more
      IT Management

      Intuit’s Nhung Ho on AI for the...

      James Maguire - May 13, 2022 0
      I spoke with Nhung Ho, Vice President of AI at Intuit, about adoption of AI in the small and medium-sized business market, and how...
      Read more
      Applications

      Kyndryl’s Nicolas Sekkaki on Handling AI and...

      James Maguire - November 9, 2022 0
      I spoke with Nicolas Sekkaki, Group Practice Leader for Applications, Data and AI at Kyndryl, about how companies can boost both their AI and...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2022 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×