Mobile Feature Pack to Upgrade Security

Here's the scenario: Your scatterbrained Human Resources director has once again left his PDA in a cab. On his PDA is salary information, Social Security numbers and other highly sensitive information for every single employee in your organization. Imagining an unscrupulous cabbie or passenger abusing that information has you in a cold sweat.

According to Microsoft, if you have the Messaging and Security Feature Pack for Windows Mobile 5.0, this nightmare can be avoided. The ability to remotely wipe the hard drive of a device that's in danger of being compromised is one of the enhancements to its mobile operating system, due out this fall.

The feature pack works with Exchange Server 2003 Service Pack 2, due around the same time. It's part of Microsoft's effort to win over users of mobile devices like the RIM BlackBerry, using similar "push" technology to move data to PDAs, cell phones and other handheld units. (Microsoft has confirmed that the feature pack will not be backwards compatible, so it won't be available to environments running previous versions of Exchange.)

Microsoft touted some other enhancements of the feature pack, including the ability to look up global address information on a wireless device, and manage and enforce corporate IT policy over the air. John Starkweather, a senior product manager for Windows Mobile, said there's a huge untapped market for the advantages offered by the feature pack. There are between 130 million and 140 million Exchange users worldwide, he estimated. By contrast, only about 20 million people use mobile e-mail in any form.

Although that number is relatively small, it appears the market has embraced the promise of mobile computing; Starkweather said there are currently about 40 OEMs building Windows Mobile devices today. One advantage they have over non-Windows mobile developers is the simplicity of the system. Windows Mobile uses a direct IP connection from Exchange to the device, cutting out middleware and other servers used in a multi-tiered environment like BlackBerry. The data sent between the device and Exchange is encrypted for security. That simplicity, Microsoft hopes, will also lead to reduced hardware and software costs.

Cutting out the extra layers seems to speed up communications; a Microsoft demo showed a PDA synching with Exchange and pulling down e-mail, calendar, contact and other information in just seconds.

At its TechEd announcement of the feature pack, though, the focus was clearly on the security aspects of the update, in recognition of the public and IT's continuing wariness of Microsoft's track record on security when it comes to new products. The biggest security threat with mobile devices, Starkweather said, is "someone leaving the device somewhere."

But another common security threat is not an issue for Microsoft mobile devices—at least so far. Starkweather said there has never been a successful attack on a mobile phone using a Windows OS.

About the Author

Keith Ward is the editor in chief of Virtualization & Cloud Review. Follow him on Twitter @VirtReviewKeith.


  • Microsoft Warns IT Pros on Windows Netlogon Fix Coming Next Month

    Microsoft on Thursday issued a reminder to organizations to ensure that their systems are properly patched for a "Critical"-rated Windows Netlogon vulnerability before next month's "update Tuesday" patch distribution arrives.

  • Microsoft Nudging Skype for Business Users to Teams

    Microsoft on Thursday announced some perks and prods for Skype for Business unified communications users, with the aim of moving them to the Microsoft Teams collaboration service instead.

  • How To Improve Windows 10's Sound and Video Quality

    Windows 10 comes with built-in tools that can help users get the most out of their sound and video hardware.

  • Microsoft Offers More 'Solorigate' Advice Using Microsoft 365 Defender Tools

    Microsoft issued yet another article with advice on how to use its Microsoft 365 Defender suite of tools to protect against "Solorigate" advanced persistent threat types of attacks in a Thursday announcement.

comments powered by Disqus