Monday, April 20, 2009

Webcast on SCMDM

Link here: http://msevents.microsoft.com/CUI/WebCastEventDetails.aspx?EventID=1032410692&EventCategory=4&culture=en-US&CountryCode=US

This is actually on of the sessions I had lined up (and approved) for doing at Tech Ed in LA next month, but times being what they are the $'s to cover travel etc didn't happen. Still, this stuff is and remains too good to keep to myself, so come one come all! :-)

Friday, March 20, 2009

UK survey on mobile phones being vulnerable to Identity Theft.

Interesting survey by Credant (http://www.credant.com) just published byAuntie Beeb about the kind of data Brits are storing on phone and the risks of identity theft. The risk-taking is jaw-droppingly bad.

http://www.credant.com/phone-data-makes-4.2-million-brits-vulnerable-to-id-theft.html

Apart from observing that it's a disaster waiting to happen, what jumped out at me was this "99% of people use their phones for some sort of business use – even though 26% have been instructed by their employer not to do so ".

Instructed? So who's going to pay any attention to that? Given convenience and expedience over obeying 'instructions' it's pretty obvious what users are going to do.

Why make it easy for them? Why knowingly introduce risk into the enterprise, let alone have so many people running around begging to have their identities stolen? Dumb.

Correctly configured and implemented, this risk is pretty much eliminated by WM & SCMDM. Microsoft really thought this through well and made it easy for administrators to implement common sense protection measures (well, common sense to Redmond and me and a bunch of others), and also comply with a whole gamut of regulations such as HIPPA, SOX, GLB to name but 3 US ones and with a high degree of confidence that much the same applies to UK legislation.

A train wreck waiting to happen.

Wednesday, March 18, 2009

When my iPhone grows up...

it still won't get close to my WM device!

Don't know the original source of the following, but it's very good and completely true!

FWIW, on my WM 6.1 device I have ActiveSync running constantly in the background therefore mail, contacts, calendar and tasks are always in synch, IE is always open, OneNote Mobile (love it!) MyPhone beta and Live Mesh for Mobile. And my battery lasts all day.

OK, so if I fire up gps or use BT for prolonged periods I'll need to plan on a charge top-up at some point, but all in all it really does work as advertised!

Enjoy!


WinMo: Hey, iPhone. How's it goin'?
iPhone: Hey, WinMo. Be right with you. Have to finish with this iFart app.... ...Sorry 'bout that. I'm a one-track phone, ya know.

WinMo: So I hear. Isn't that going to change when you get your 3.0 upgrade?
iPhone: I was afraid you'd bring that - oops. Hang on. Got a text message. Hit my home button, will ya? ... ...
Sorry 'bout that. What were you saying? Oh, yeah. What's that called, what you were talking about? Multifrisking?
WinMo: Multitasking.
iPhone: Never heard of it. I'm getting background notifications. Is that the same thing?
WinMo: Not hardly. Oh, well. Never mind.

iPhone: Oh, c'mon, WinMo. Can I give it a shot? Huh? Can I? Can I?
WinMo: I dunno. It's pretty tough stuff. Not sure that you're up to it. Never mind that those Apple people say it robs me of my power 80 percent faster. I can handle it. You, on the other hand ...
iPhone: C'mon, WinMo! Puleeeeeeeeeze?
WinMo: Fine. But don't say I didn't warn you. Hope you've been working out.

iPhone: OK, I got special permission from my mommy to try this. Here I go. iFart: Open. Crossword puzzle: Open. E-mail: open. Safari: Open. ...
Wait. I'm starting to feel a little dizzy. Something's not right. Can't ... keep ... screen ... on. Wuzzhappenintome?

WinMo: Oh, no, iPhone! Your battery can't handle the big-boy workload! Quick! Better swap it out!
iPhone: Can't. Still ... Only ... Have ... Baby ... Built-in.

WinMo: Uh oh. Here, use my USB-cable (with its handy micro/mini-USB connector).
iPhone: Can't. Only ... Use ... Proprietary ... 30-pin. Good-bye ... Win ... Mo ...


Moral of the story: Some phones are meant for getting things done. Others are meant to be shiny. Maybe next time you'll get your multitasking, little iPhone.

Thursday, March 12, 2009

WM Device Lockdown Webcast

My colleague, Dave Field, is doing a webcast for MS on April 9th on how to leverage the extensive capabilities of device lockdown to manage the applications running on your WM device.

This is an area where MS have invested considerable effort into giving the administrator and device owner a very high degree of granularity over which applications will actually execute on your device. As part of a 'defense in depth' strategy, having the capability to define which applications may run goes a long way towards addressing issues over malware and viruses that have been so prevelent in the PC world.

I already know this is going to be a really good session, extremely informative, and well-presented. Dave really knows what he's talking about, and can articulate it in a fashion that can be understood by mere mortals (like me!).

http://msevents.microsoft.com/CUI/WebCastEventDetails.aspx?EventID=1032407365&EventCategory=4&culture=en-US&CountryCode=US

Tuesday, March 3, 2009

Design genius!

Kudos to those nice people at HTC for their amazing creativity with the HTC Touch Pro (avail through AT&T as the "Fuze").

Color me impressed!

Check out the back of the phone. This is seriously cool. Couldn't cut and paste (otherwise I would have done, d'uh!), but if you go here http://www.htc.com/www/product/touchpro/gallery.html and look at the 3rd pic down on the right which shows the back of the device, and you'll see how they've incorporated stealth technology.

Stealth technology in a phone? Wow!

Tell me that isn't cool?

The net result is that when you get really ticked at the phone and throw it across the room it will be completely undetectable by radar! Now that is seriously innovative thinking!

Wednesday, February 18, 2009

My all time favorite Dilbert

Can't see someone trying (and failing) to surreptitiously check their email without this Dilbert coming to mind!


Tuesday, February 17, 2009

Mcfee report on Mobile Security

Good reading. It's nice to know that I'm not alone in having concerns as to what's happening - or rather isn't happening - in the enterprise.

Manufacturers get it. Carriers are clearly feeling the pain. Microsoft get it. How long before everyone else wakes up and smells the coffee? Or it is going to require something nasty to happen in order for folks to get the message that there are major risks to implementing this technology without first conducting appropriate due diligence.

http://www.mcafee.com/us/local_content/reports/mobile_security_report_2009.pdf

more related links:
http://www.securecomputing.net.au/News/137422,mobile-manufacturers-express-security-fears.aspx
http://www.computerweekly.com/Articles/2009/02/16/234838/security-a-top-concern-for-mobile-manufacturers-survey.htm
http://www.mcafee.com/us/local_content/reports/mobile_security_report_2009.pdf
Internet Storm Center Comment: http://isc.sans.org/diary.html?storyid=5875

Make this make sense to me, please

Taking it as a given that the only way to effectively use an iPhone - especially if one has any view towards security - is to Jail Break it, why on earth are Apple arranging for anyone who does this to wind up getting first-hand experience of prison showers?

http://blog.wired.com/27bstroke6/2009/02/apple-says-ipho.html

As a propet of doom and gloom, I'd venture that it's silliness like this which brings closer to reality that my prediction about just how ugly things are going to get once a lost iPhone containing critical data hits the news wires. There's some really bad press a comin'. Just watch.

Loved the comment by the guy who says he's already doing everything on his WM phone that the iPhone does, only immediately find myself asking questions such as "Really? What kind of apps? Running on what device?".

Hmmm.

Monday, February 2, 2009

Excellent paper on WM Application Security

My brilliant and talented colleague Dave Field has written a comprehensive technical paper “Windows Mobile Application Security Configuration for Enterprise Deployments.” It recommends how enterprises can take advantage of the powerful security features of Windows Mobile to defend against malicious and unsupported application use. Taking a very pragmatic approach, Dave outlines how various features work and how to implement them.
The paper is available for download on the Enterprise Mobile website, at http://www.enterprisemobile.com/resources/white-papers.htm.

Highly recommended reading. Dave's taken complex material and presented it in a highly readable and understandable fashion.