Moving Targets

Mobile security vendors must distinguish themselves-from or with Microsoft.

Microsoft's recent announcement of its new System Center Mobile Device Manager 2008 should be a galvanizing moment for the mobile security industry. While the market still has not opened up as much as expected—largely due to a threat landscape that still hasn't truly evolved (but undoubtedly will)—the idea of a large vendor with deep pockets playing on mobile security turf is undoubtedly disquieting for many players.

However, there is still plenty of opportunity to tap into this burgeoning market for security vendors that can distinguish themselves through wide platform support, richer feature sets, and thoughtful partnerships and integrations.

By extending its reach from the corporate network out to mobile devices anywhere in the world, Microsoft has finally turned the Windows Mobile operating system into a complete mobile ecosystem, marrying device functionality with centralized management, connectivity and security.

The new platform will definitely enhance Windows Mobile's existing security features with new global control, as integration with Active Directory will extend group policy controls to Windows Mobile devices. Centralized management of the native encryption, feature lockout and VPN capabilities of the operating system will be a key selling point.

But Microsoft is not tackling every kind of mobile security problem with MDM (Mobile Device Manager) 2008, as firewalling and intrusion detection, anti-malware and SMS (Short Message Service) anti-spam remain unaddressed.

Like Research In Motion's BlackBerry Enterprise Server, Microsoft's MDM 2008 will be geared solely toward a single mobile operating system environment.

Unfortunately, most organizations are not single-platform shops. Through mergers and acquisitions or piecemeal deployment strategies, many companies are rife with a range of devices—a patch of BlackBerry, a fistful of Palm, with pockets of Windows Mobile here and there.


Steven J. Vaughan-Nichols says Microsoft's MDM is no BlackBerry killer. Click here to read more.

These shortcomings leave room for third-party security vendors to fill the breach with a solution that layers on additional security functions while seamlessly blending and adding value to core features customers already have—provided they meet a few requirements. The software must work with a company's existing Mobile Device Management platform (the one used for provisioning, software deployment, event logging and so on), and it should work with most major mobile platforms (or at least the open ones) a company supports.


The big anti-virus vendors have a leg up in mind share here. A satisfied customer using an anti-virus solution for the desktop and server should turn to that same company first for mobile, both because the solution will be familiar and because of the expectation that the mobile solution will slide right into the security management systems already in place.

My tests of one such solution—Symantec's Mobile Security Suite 5.0 for Windows Mobile—indicate that some of these products don't yet meet these goals (see review, here). Symantec's new features—including device lock, encryption and policy-based management, which are licensed from BlueFire—are not yet well-integrated into Symantec's familiar management systems, nor are they available for any mobile operating system other than Windows Mobile 5.0.

This month, Trend Micro will launch Version 5.0 of its Mobile Security platform, targeted at Windows Mobile (versions 5.0 and 6) and Symbian OS 9.1 deployments. Like Symantec, Trend Micro is layering on new features that address today's concerns: FIPS-140-2 encryption for cards and devices with centralized key management, device wiping, time-based access controls and centralized policy-based management to go with the anti-virus, firewall, IDS (intrusion detection system) and SMS anti-spam Trend Micro already offers. Also like Symantec, Trend Micro has partnered to bring in some of the new functionality—in this case, with TrustDigital for encryption.

While I have not yet had hands-on experience with Trend Micro's product, it appears the company has done a much better job at cross-platform integration than Symantec has, hooking mobile device management (both policy creation and ongoing monitoring) into the Office­Scan 8.0 console used for regular desktop or server-based security deployments via a plug-in. Trend Micro has also laid out a clearer timeline for multiplatform support than Symantec has.

Future opportunities

In recent discussions with Hewlett-Packard about its new line of iPaqs, I learned that the device maker was working with customers and software vendors to bake mission-critical applications directly into ROM to aid customers with upfront device provisioning. Major third-party security vendors such as Symantec and Trend Micro should have significant leverage in getting their agents integrated from the start.

Microsoft makes both the mobile operating system and its own anti-malware software (ForeFront Client Security), which will likely be ported to the Windows Mobile platform at some point. However, it is safe to assume that Microsoft will be unlikely to reach an accord with device makers to bake ForeFront into ROM, simply because such a move would likely light a fire under the European Union and other anti-competition watchdogs.

Check out's Security Center for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK's Security Watch blog.