Marco Nielsen at myITforum.com

WM 6.1/6.5 Device Patch for SCMDM Slow Down Issues

Some of the folks over at the SCMDM Forum have been discussing device issues after they are enrolled in SCMDM. Several customers opened Microsoft Support tickets on the issues and Microsoft has now a hotfix to hopefully get rid of the woes.  Some customers are already stating good success with the patch.

You can find the patch information here and download it:
http://support.microsoft.com/?kbid=979220

I would highly recommend testing it on specific models that are having the problem before deployment en-masse to all your enrolled devices.

BTW, There was also another hotfix rollup patch released for SCMDM 2008 RTM last month to fix 4 specific issues. You can find it here if you haven’t already upgraded to SCMDM 2008 SP1: http://support.microsoft.com/?kbid=976623.

|\\arco..

Office Mobile 2010 Beta for Windows phone – Whats new and exciting

Arguably one of the strongest features of the Windows Mobile (aka Windows phone, which I still can’t get used to) platform is it’s integration, support and feature matching of the Microsoft Office suite. This is a highly desired feature for most corporate enterprise customers and a good chunk of consumers. This still stands true today and it appears that Microsoft is taking steps to continue to build and improve on this with their Office Mobile 2010 plans.

This week on the Windows Marketplace for Mobile the beta version of the new Office Mobile 2010 was made available on devices running Windows Mobile 6.5. The same week that the full blown Office 2010 beta was made public as well in both x86 and x64 versions. 

The previous Office Mobile 6.1 (also available on the Marketplace for WM 5.0 w/MSFP and above), was released back in 2007 together with the Windows Mobile 6.1 launch. It supplied support for the new Office 2007 file formats. The Office Mobile 6.1 home page is here, and FAQ.

This Office Mobile 2010 beta copy will expire on April 5th, 2010, and it is unknown how the final release will be licensed. We can only hope that Microsoft makes it available to the broadest audience possible.

So what is new?

A quick marketing run-down is available in “The Top 10 benefits of Office Mobile 2010” is posted here.

Also interesting to note in the video presentation of “What’s New in Microsoft Office Mobile 2010” by Dev Balasybramanian is the mention of “Mobile Document Viewers” that can be used on almost any mobile device, including iPhone and Blackberry. I believe this is in reference to the general SharePoint 2010 mobile support as detailed here.

Installation from Marketplace

Details on the beta:

Was painless and easy:
 

After the reboot, nice new icons are available:

I will quickly go through each application and give some highlights. Of course this could all change as this is a beta public release. But usually the Microsoft public releases are feature complete and just bug fixes remain.

Word Mobile 2010 beta

Functional appears to be exactly the same as the 6.1 version from what I could tell:

Excel Mobile 2010 beta

I was unable to quickly see any new menu features in the product. So if Microsoft is stating that is some new supported formulas I would have to take their word on it. :-)

PowerPoint Mobile 2010 beta

The options appear to be the same as in the previous release, but the landscape right and left-handed have disappeared..

One of the first changes I noticed is the missing menu triangle which used to appear on screen, and when pressed displayed the application menu. There is now a nice clean look, and the same finger swipe gestures can be used. An automatic timeout removes the top and bottom lines of the screen so the slide is full-screen. If you press and hold down on the screen, a smaller menu appears to assist in the slide deck movement.

The rest of the functions appear to be same, with the exception of the new “Presentation Companion” option. This requires a bluetooth pairing to a computer running the same PowerPoint slide deck and lets you control the presentation from the phone!  Now, this is not something new for the Windows Mobile platform as back in 2008 the Windows SideShow for Windows Mobile was released and various information can be found on how that works.

If you select “Email steps” on the bottom left of the screen a nice feature lets you e-mail the on screen steps to yourself or others:

The 4-step instructions are as follows:

“Presentation Companion allows you to deliver a presentation on your computer from your Windows® phone. To use Presentation Companion, do the following:
1.If you haven't installed Presentation Companion on your computer, install it from http://go.microsoft.com/fwlink/?LinkId=165847.
2. On your computer, open the presentation, and, on the ribbon, click the Add-Ins tab, and then click Presentation Companion.
3. On your phone, open the presentation, tap Menu, and then tap Presentation Companion.
4. Use the wizard on your phone to connect to your computer.”

The 6.2Mb installation of Presentation Companion 1.0 Beta is painless and requires no reboot (love it when that is the case). It does install some additional Office and .Net Framework components in my case, running Office 2007. This proves a point that you don’t need Office 2010 beta to use this feature.

Once the pre-requisites are installed the actual installation of the tool can begin:

After installation I pulled up the deck I wanted to control in my PowerPoint 2007 and got this prompt for the new add-in:

And did see the new addition in Add-Ins ribbon:

I clicked Start and was prompted to setup Bluetooth:

My Toshiba notebook wasn’t too happy with the Bluetooth stack when I answered yes, so I decided to pair up the phone, from the phone instead. Clicked Next and then Add Computer (still in PowerPoint Mobile 2010). After searching and typing in the PIN on both sides it paired up successfully!  In the mean time I updated my Toshiba bluetooth stack from here, and it still failed to work. Then I found Steve “fyiguy” Hughes excellent idea to install and use the Microsoft IntelliPoint drivers and that finally worked like a charm:

Now with the same PowerPoint files open on both devices, I have a powerful companion for my presentations. The notes for each slide will be displayed on the Windows phone, and I can navigate and control the slides on the computer from my phone!

If you select “Clicker Slide Show” the slide notes are not shown, and instead the slide itself on the phone. Pretty slick. The only thing I felt was missing was a cursor or mouse arrow that I could highlight on the slides during a presentation.

Supposely the PowerPoint Mobile 2010 now has supported for rendering of SmartArt graphics. But in my test it appeared to fail to render it in the same way as on my computer. I hope fewer failures and missed graphics than I have seen on Office Mobile 6.1, where at times it has crashed and burned on me but more testing is of course needed.. So far it appears very stable, but I’m not sure which SmartArt graphics it supports..

OneNote Mobile

This client appears to to be the almost the same version as the one supplied in Office Mobile 6.1 back in 2007 (which had Build 12.0.4518.1055). It also doesn’t bear the “beta” word it’s in title, so I’m guessing it is fairly untouched compared to the others in the suite.

SharePoint Workspace Mobile 2010 beta

I don’t have a SharePoint 2010 Beta setup running, so I couldn’t fully test the SharePoint Workspace Mobile 2010 beta client. Perhaps others could comment on this and their findings?

Looks like it has some nice features to sync information back and forth from SharePoint. Together with the possibility to edit documents from SharePoint and save them back this indeed could appeal to many enterprise customers with employees on the go..

Outlook Mobile 2010

Although not in the Office Mobile 2010 beta installation. A new client is available together with the Exchange 2010 launch. It is already included on the Window Mobile 6.5 devices, and available for Windows Mobile 6.1 devices here.

Please see my previous posting on Exchange 2010 and mobility here for more details.

What’s Exciting

As a recap, the PowerPoint Mobile Presenter Companion is definitely something new for the Office Mobile suite. And the SharePoint Mobile client gives additional benefits to view, and modify your SharePoint document libraries when on the go. Outlook Mobile is near and dear to the heart of most Windows Mobile users and not surprising more tied to the Exchange server release cycle than Office Mobile.

Old staples such as Excel Mobile and Word Mobile appear to be felt alone and perhaps a good thing at this time. So I wouldn’t call this a major release of the Office Mobile suite, but maybe a update to keep it refreshed in the new Windows Mobile 6.5 and Marketplace world it now has.

Time will tell if and how a perhaps greater refresh of the Office Mobile suite will occur around the timeline of Windows Mobile 7.0..

Future Support

On my wish-list I would like to see:

LiveMeeting - Cisco WebEx is has already been available for the iPhone since January.. Why couldn’t a LiveMeeting Mobile client be created? I’m guessing that next Office Communication Server 2010 will bring more LiveMeeting features.. We can only hope that mobility is more a part of that as they have done successfully in the Office Communicator Mobile client.

Visio – Why not port the Visio 2010 Viewer over to Windows Mobile?

Project – With Project 2010 Server being installed on-top of SharePoint I wonder if any mobility features are being thought of there..

Nokia - With the Nokia partnership announced back in August, and the pending release of Office Mobile 2010 after the beta cycle, will this mean that the Nokia/Symbian release is next up?

|\\arco..

Windows Marketplace for Mobile for Windows Mobile 6.0 and 6.1

One of my colleagues, Don Sorcinelli, gave me a heads up that the Marketplace client for the down-level older Windows Mobile 6.0 and Windows Mobile 6.1 devices is now available.  The Marketplace client is embedded in all the Windows Mobile 6.5 devices.

Text message of the download link if you are in the United States:
http://www.microsoft.com/windowsmobile/en-us/downloads/get-marketplace.mspx 
Download link to be used on the mobile device:
http://mp.windowsphone.com

|\\arco..

Windows Marketplace for Mobile – Now accessible on the web, and the competition

As I blogged about previously in my Step-by-Step Introduction of Windows Marketplace for Mobile, all the features at that time where only available from your handset device.

Now, as previously announced by Microsoft, the online “desktop” web version of the service is now also available as noted in the media.  I will breifly go through the different features and also recap with a nice comparison to the other application store fronts available on the marketplace today..

Windows Marketplace for Mobile on the web

The main login page is here: http://marketplace.windowsphone.com. And looks like this once you have signed on with your Live account:

You can easily drill down into any application and see the details, reviews and screenshots.

Features

Perhaps the most interesting is if you click on the “Purchase History” label at the top you can visually see all of your previous purchases, freebie or otherwise:

You can drill down into each purchase and see the additional details:

The “Account Settings” tab brings up an easy to use place to change your payment preferences. You can have different ones either for the phone or the web site.

The “Community” link brings you over to the Windows phone Forums, where there is also one for the Marketplace.

Filtering

Without signing into your Live account, or if you have never setup Marketplace on your Windows Mobile device(s) you can still view all the applications available. You can filter the available application for the 2 device types, Professional (touch screen), or Standard (non-touch screen) in the top right hand corner of the screen:

Language Selection

One last perhaps interesting tidbit I noticed, is that if you don’t sign-in you can actual select which language filter you wish to display the available Marketplace applications. In the bottom right corner there is a “Select Catalog” drop down:

Perhaps interesting to see the differences in the amount of available applications in certain languages just like they have been reported on the portable devices..

Quick Comparison to 7 Competitors

In the world of mobile application store fronts the monetary success of Apple’s iTunes store simply can not be ignored. So not just the operating system vendors are jumping on this bandwagon. Many mobile operators, and now OEM’s are also getting onboard. More competition is usually healthy for the consumer or enterprise customer. So it is definitely interesting times we are in. :-)

Apple

The Apple iPhone folks actually have multiple avenues nicely packaged for them:

Web Apps: http://www.apple.com/webapps/ – Provides an overview of some of the 1700+ applications you don’t have to install on the iPhone, but uses a plain Internet URL to access them. Most are optimized for the specific iPhone screen size and Safari browser.

iTunes Store: http://www.apple.com/itunes/ – No native web interface to access the store. You must install the iTunes application, but can browse without a configured device. With it’s 100,000+ applications for the iPod Touch/iPhone the current defacto leader inthe mobile space. The newer Genius feature, where application picks based upon your current installation of application is very clever and surprising attractive..

For another interesting view of the iTunes App Store, be sure to check out the “App Store Wall”. Originally shown at the Apple WWDC (Worldwide Developers Conference) in the summer of 2009. It provides a live view of the top 20,000 applications and their live activity of purchases on twenty 30” monitors. Better screen shots here. It is now on display at Apple’s Cupertino, CA corporate office in the main lobby..

Blackberry

The RIM Blackberry folks have the launched their “Blackberry App World” earlier this year. It has a nice open web access to view it’s contents as well: http://appworld.blackberry.com/webstore/.

Several different filters and views to drill down into the applications you are interested in. A nice touch is the RSS feed on the featured applications.

Android

The Android Market web site appears not to be a full view into all the available applications. Just the featured, and top paid and free applications are highlighted. For the free applications, they can be filtered by 16 sub-categories.

Only screenshots and a brief description are made available. Hopefully some more development and feature will be added in the near future. Only a few months in life it clearly needs some more work..

Nokia

Nokia lunched it’s application store front back in May of 2009. It’s called “Ovi Store”, and was supposely launched with more than 20,000 applications in it’s back pocket to give it a boost from the get-go. Looking at the other platforms, probably not a bad decision for a mature platform to get it going.

However the web interface is not geared for desktop web viewing, even though it does pulls up in a fairly readable way: https://store.ovi.com/.

Ovi is already a cloud service for the Nokia platform, much like Apple’s MobileMe, or Microsoft’s MyPhone services. Nokia is also dabbling in the multimedia space with their own Nokia Music Store.

webOS

The Palm webOS application store is named “Palm App Catalog”. Tied to the public SDK releases for the operating system the App Catalog is coming up with a slow start it appears. Full support for paid apps appears to be coming up in December, where more developers and companies might have been waiting for to gain access into this well thought out platform.

No direct web accessible version of the Palm App Catalog so far, without using a webOS device itself. Although the application page on Palm’s web site gives a good glimpse of the top featured applications in 16 different categories.

The newly available Palm Pixi device running webOS does indeed look interesting and may push this platform into the application boom it probably deserves..

Samsung

Samsung is calling their own version simply “Application Store”. Limited to the United Kingdom, Italy and France at this time. Perhaps not a global or even regional play at this point in time, but shows their interest and willingness to have a full fledge “store” solution.

Samsung is borrowing heavily from the Apple playbook and created their own iTunes type application they are calling “Samsung Kies”.  Installed on your desktop you can sync applications and browse for applications. On the device side, it appears they are catering this mainly to the Omnia line of devices running Windows Mobile at this time. But Samsung is a multi-platform OEM company and has not been shy to announce future Android and Symbian handsets coming out soon.

Verizon

One of the first larger mobile operators (United States-wise) to go public this summer that they want to have their own branded store front on their devices is Verizon.  They are adding a new twist to this new frontier that only their own application store will be initially made available on the handsets sold by them to their customers. Customers can download and install the vendor store application (RIM, Microsoft, etc) but this is again a sign of the monetary gains at stake with mobile applications and stores.

The “VZAppZone” is already live and appears only Windows Mobile and RIM devices have been supported in the beginning.

BTW, for consumer LG devices sold by Verizon there is a whole other “Media Store” where ringtones, music, games, applications and wallpapers can be purchased and downloaded. Some with monthly usage fees. So a mobile operator driven store is nothing foreign to them and only natural to expand to more platforms and devices in their portfolio..

Impact to the Corporate Enterprise

It is clear with the success of the iPhone platform and it’s iTunes Store, that any major consumer contender will need to have similar features and ease of application access.

Solutions on how to bring this back to the enterprise still are in their infancy I believe. Many questions pop up and an area of “grey” and murkiness appears.  How does IT allow a corporate liable device access to the right application for their business? How can you streamline application activation, deployment and updates? I will try to address some of these questions in future blog postings!

|\\arco..

Windows Mobile 6.5 Upgrades – November 11, 2009

As I mentioned last month due to the public release of Windows Mobile 6.5, aka Windows Phone, I wanted to pick up where I left off with my previous popular postings on the public Windows Mobile 6.1 upgrades available for devices..

Many of these are not released yet, but due to the 6.5 marketing efforts some approximate release dates are being made public.  As they are released I will attempt to collect the links as I did previously with the Windows Mobile 6.1 upgrades. This time around Microsoft is also helping and providing their own official upgrade list here..

|\\arco..

Jailbroken iPhone worm on the loose down-under

I’m not surprised to see the news that one of the first worms has hit the jailbroken iPhone community. Granted it appears that this one does not do anything malicious, except for changing your wallpaper to an old 1980s picture of Rick Astley which the author apparently must have been a fan of. :-)

Please see more details here: http://www.sophos.com/blogs/gc/g/2009/11/08/iphone-worm-discovered-wallpaper-rick-astley-photo/

This again brings up some important aspects when dealing with the iPhone and especially jailbroken iPhone’s in your business environment.  You probably want to filter and block any jailbroken iPhone devices from accessing your corporate data. Or at the very least make it a user policy that jailbroken devices are not acceptable. I believe at least one Device Management solution can detect a jailbroken iPhone, please see the information on MobileIron.

As Jonathan Zdziarski brings up repeatedly there are specific security gaps that you should be aware of when support the iPhone. To a certain extent custom applications can be coded to provide some protection of these gaps. See a good presentation of this here..

|\\arco..

Celio REDFLY now supports Blackberry

After many rumors, videos, announcements and a period of time, the Blackberry support is now publically available. It appears a firmware upgrade is necessary (which requires a Windows Mobile device) and only select Blackberry devices are supported here in beginning. But I think it is great that you can now leverage it across platforms! And can see on the forums that Windows Mobile 6.5 and Android support is not far behind!  Although I’m questioning why the original C8 owners are left sorta out in the dark..

“The REDFLY Mobile Companion is now compatible with select BlackBerry smartphones. REDFLY-supported phones at the time of launch are the Blackberry Bold 9000, BlackBerry Curve 8900, and the BlackBerry Tour 9630. Celio plans to support additional BlackBerry smartphones in the future as new phones are released.

The BlackBerry driver is offered free of charge to both existing and new REDFLY Mobile Companion model C8N and C7 owners.

If you have a REDFLY that was purchased before Nov 1, 2009 and you want to connect it to a supported BlackBerry smartphone, you will first need to update the REDFLY's firmware using a Windows Mobile phone in order for it to become "BlackBerry aware." Once the REDFLY firmware has been updated, it will connect to either a supported BlackBerry or a Windows Mobile phone interchangeably. REDFLY Mobile Companion units purchased after Nov 1, 2009 ship with the latest firmware and can connect directly to a BlackBerry without needing a firmware update.”

Go here for more information..

|\\arco..

Step-by-Step Introduction to Microsoft® My Phone

Together with the many announcements this week on the new Windows phone (aka Windows Mobile 6.5) there was also an announcement about the updated public release for the My Phone cloud service for Windows Mobile devices.

I will take a quick step-by-step view on the product and it’s features. I will attempt to use lots of screen shots so you have a good feeling on how the product works and operates. At the end I will state some observations from the corporate and consumer sides on the product.

History and Background

First a little history. Codenamed “SkyBox”, it was first publically announced way back on February 16, 2009 together with Marketplace (codenamed “SkyMarket) and Windows Mobile 6.5 at Mobile World Congress 2009 in Barcelona Spain.

As described by Mary-Jo Foley on February 3, 2009, the current launch release does appear to be “SkyBox v1.5” she described way back then. So the vision and features she described behind “SkyBox v2.0” might indeed show the light of day with the next release of Windows phone (aka Windows Mobile 7.0).

Much of the technology behind My Phone is believed to be from the acquisition in June 2008 that Microsoft made of the Portuguese company called MobiComp. This can also be confirmed by viewing the location field in the product team’s blog. :-)

Also back in 2008, Microsoft Live Mesh, appeared to be the cross-platform synchronization solution that would take data from/to mobile devices. The direction with Microsoft My Phone today appears to make a distinct path away from Live Mesh, at least where the Windows Mobile devices are concerned..

What does it do?

Microsoft My Phone provides a free backup and restore mechanism for Windows phone/Mobile devices.

The default settings will synchronize your contacts, calendar appointments, tasks, photos, videos, text messages, songs, browser favorites and documents between your phone and your My Phone web account.

From the password-protected web site (Windows Live ID driven) you can organize contacts and appointments on your phone, and search through your old text messages. Changes appear on your phone the next time you sync.

Please go here for more details.

New Features

Since the first early limited beta access in February 2009 to the public beta in May 2009 much of the feature set remained the same. With the Windows phone launch announcement on October 6, 2009, several new features where announced (as quoted from the e-mail announcement):

Share photos on popular social networks

“With just a few clicks, you can post photos to Windows Live, Facebook, MySpace and Flickr from the My Phone online portal or directly from your phone.”

Find your missing phone

“My Phone can show you the last known location of your phone on a map.  To activate this feature, select "Send phone location" in your phone's My Phone settings.  Not available in all markets.”

Premium features

“My Phone can help you secure a lost phone using new Premium features.  You can lock or post a message on your phone from the web.  Or, if you know the phone is gone for good, you can use My Phone to erase all your personal information so it doesn't fall into the wrong hands.  For a limited time, you can try these features for free, so be sure to check them out.  Premium features are not available in all markets.”

Important to note from the launch announcement, that several features are currently available only in the United States at this time:

“The My Phone Premium package includes the ability to immediately locate the phone’s current location on a map (in the U.S. only)”

“Windows Mobile 6.0, 6.1 or 6.5 can access the premium package free of charge until Nov. 30, 2009. After that date, seven-day access to the premium package will be available for purchase for $4.99 in the U.S.”

Upgrade

The upgrade process from my previous version was fairly seamless and mandatory if I wished to continue the free service. A reboot of the device was necessary to complete the upgrade installation.

New Installation

If not already present on your device (from your OEM or Mobile Operator) a new application installation on a device can occur in several ways:

- Accessing http://myphone.microsoft.com directly on the device or desktop/notebook, can lead you to the Microsoft site where it can send you a text message with the download link.

- Accessing http://myphone.microsoft.com\install directly on the device, and download it directly onto the device.

- Accessing Windows Marketplace for Mobile and download the free application to your phone.

After the installation when you start up the application for the first time, you will see screens like these to setup and configure your device:

After you hit Finish, a manual synchronization process will take place with the selected data types.

Menu and About

The main menu options, and the version tested is 01.05.2128.0401.

If you hit the “Sync” option to the bottom left you will activate a manual synchronization.

Now some quick screen shots of each of the main menu options.

Sync Details

Show changes made and useful information such as total size and date/time of last synchronization.

Synchronization processes continue in the background (wonderful multitasking features Windows Mobile continues to have isn’t it?).

Sync Options

Please notice that if you have an ActiveSync configuration to an Exchange server or using Windows Live for e-mail the Contacts and Calendar options will not be available for selection.

Please notice the new “Current location” option that can be selected, compared to the previous My Phone release.

Sync Schedule

Share Photos

The new Share menu option lets you select a picture on the device and send it through the configured e-mail or Text messaging.

The Social Networks options supports 4 social services at this time:

The Flickr feature alone could make other 3rd party add-on applications obsolete depending on the features and be another value to using My Phone.

Account Options

Give you a basic fare of account options.

Microsoft My Phone Backend

But the real magic is now on the new backend. After you signing to your account using your Windows Live ID at http://microsoft.com/myphone and click on “Connected phones”, and out for the icon for your phone click on “Locate your phone”. This new screen appears:

Clicking the “Get started” link for the brings up a 2-step process to sign up for the new Premium Features:

After input of the phone number and a few brief seconds of magic (with no new text message announcements on the phone), it appears it was happy and announced i was confirmed:

Please note that the free trial of the Premium Features is available per device you are using with the free service. Going back to the previous page, I now see usage options for the new features. Take note of the limited number of free usages and the short 7 day trial period. Is there a reason why it couldn’t be a tad longer, like 14 days?

Locating your phone

Even in the free My Phone services, locating your phone can be performed. However this is using the last synchronization data, either automated or manual.

As part of the Premium Features you can poll the device location on-demand. It appears this is using text messages. Most likely OMA DM type messages.

Once you do have a GPS coordinate synchronized in My Phone with the back-end server(s) you will see a active link and last known location:

Location Issues

An ongoing problem with many devices today is the reliability of the public available GPS, especially in-doors where it was never designed to function. :-)  Many applications are now using hybrid solutions using Mobile Operator/Carrier tower triangulation, or the currently connected tower location. Battery consumption when having GPS enabled also continues to be a problem with the power usage and battery technology available in the devices on the market. Although that is starting to change with better A-GPS chipsets, LCD/LED screen and CPU designs.

It appears that My Phone is dependant on a good GPS signal at the time of the synchronization or the on-demand Premium functionality, so you may have some issues until that falls into place.

I would advise to seek help from the OEM or Mobile Operator where you received your device from if you have general GPS issues or questions.

Microsoft My Phone Limitations

The main basic limitation is the support for down-level Windows Mobile operating systems. So you will need Windows Mobile 6.0 or above to use the device application and cloud service.

For the free services, there is not much to point out limitation wise:

- There is a 200Mb limit of storage per account for all data of any kind (text, docs, pictures, storage card etc).

If you do select to backup the contents of the storage card, or have a large number of pictures, the 200Mb limit may be a bit tight understandably. There is also no flexibility at this time to specify certain folders or file filters.

I can only hope that Microsoft will work on increasing this 200Mb limit as the product matures. Think of Hotmail when it first started, and the high limits we have today. :-)

- As to the maximum number of devices you can “connect” to on your same My Phone account, I’m unsure.

I’m personally currently up to 5 different devices and no complaints. :-)

- Data transfer. No limitation from the application side, your Mobile Operator may think otherwise…

Since there currently is minimal flexibility of the selection of on-device content you wish to synchronize you should be aware of any data plan concerns on your device from the Mobile Operator/Carrier side.

May device/plans may have restrictions of the amount of data you can transfer monthly. And if you are roaming and/or travelling internationally you might to seriously consider to turn off automatic synchronization to save yourself from an enormous bill. 

Microsoft My Phone Paid Features

Apart from the free services currently being offered, the new paid Premium Features is the big news in this round.

Depending on the final pricing structure (USD $4.99/month?) the features currently available may appeal to certain consumers who don’t have corporate e-mail (like Exchange) and want to have similar remote-wipe capabilities. The phone location feature of course could appeal to any parent of children, family or small-sized companies. And the ring and lock features could pay for itself quite rapidly in my mind.

I would also hope that the paid services won’t have any of the advertisement banners that the freebie My Phone web site has after you sign-in.

Microsoft My Phone Paid Features – Ring your phone

I was impressed with this feature, since I validated it even if your ringer is off, once activated it will turn on the ringer!

On the device itself, a visual notification will also appear:

Microsoft My Phone Paid Features – Lock your phone

This Premium feature has some nice additional features to customize the activity with a PIN and custom message which will be used on the phone:

Please note that there is a 52 character limit.

On the phone itself this is what it looks like:

These are the screen shots if you enter in the wrong unlock PIN code:

For a deeper explanation of the custom “unlock screen” My Phone has now enforced on the device, please see Andreas Helland’s article here.

A confirmation on the Lock displays on your account screen:

Once the phone is unlocked with the right code, it appears a reboot was enforced on my test device. Possibly to undo the Unlock screen that was enforced..

Microsoft My Phone Paid Features – Erase your phone

This feature is pretty self explanatory, but one nice feature is that you can mandate a final My Phone synchronization before the remote wipe happens.

Once erased your device will also no longer show up in your “Connected phones” page on your My Phone login.

Enterprise Concerns & Solutions

The Microsoft My Phone service is very consumer oriented and driven towards features consumers would use and like. However many of these features could be very appealing for corporate users and IT administrators alike. 

With ActiveSync enabled on the device, the Contacts and Calendar options are not available for My Phone synchronization and assumed safely stored on the server side. Although the thought of corporate documents and text messages (or even links, if intranet access is available) placed on a 3rd party server with no corporate supervision or access will have most corporate security staff antsy and concerned. So the recommendation there is to have a Device Management solution in place and block the ability to run/install Microsoft My Phone on your corporate assets.

Even with the upcoming Exchange 2010 release and it’s promise of text messaging integration there are still some gaps at this point. Exchange does have the remote wipe feature through ActiveSync, and all the same limitations (device must be connected) apply to either solution (or any for that matter).

Other 3rd party Device Management solutions do have more of the backup features of Microsoft My Phone, of course for a price. However in a corporate setting this additional price could be justifiably due to security, legal and information loss concerns.  One slick new product in particular has many interesting device-backup features (off device AntiVirus and virtualization). Please check out MobileIron if you wish to know more. Sybase iAnywhere Afaria also supplies some enterprise solutions for mobile backup and file transfer.

Regarding location features on the enterprise side, many solutions are out there due to the LBS (Location Based Services) needed by the transportation industry. The Device Management solutions from MobileIron and SOTI MobiControl even have easy to use and powerful mapping features to visual see one or more of your manage devices from a corporate perspective.

The easy to use features of My Phone highlights the needs from the Enterprise side to have similar solutions in the corporate space.

Solutions that compare to My Phone

On the one off, consumer side, there are also some paid utilities with some of the same location and backup features My Phone offers as well.

Sprite Software’s Sprite Backup and Sprite Terminator come to mind. Sprite Terminator actually goes further and provides some additional very cool features. Such as, Remote Lock-Down, SIM Change Alert and Activity Retrieval. Sprite Backup has PC, FTP and SD card backup location features, but no Internet “cloud” storage like Microsoft My Phone..

Apple MobileMe

Of course the similarities to the Apple MobileMe service for the iPhone is there. It has a 60-day free trail and a USD $99/year cost. With that you 20Gb of storage, and a monthly 200Gb transfer limitation. Family Packs are USD $149/year with 4 additional e-mail address and 5Gb of storage each. Additional free for extra 40Gb of space.

The current Apple MobileMe features do appear slightly less flashy however. It covers mainly e-mail, contacts, calendar and pictures and the synchronization of them between the iPhone, Mac/PC and website(s).

Dashwire

The free Dashwire solution has been around since the CTIA conference in 2007 and offers some very mature synchronization features. But it is no longer accepting new users, and appears to shutdown at the end of the year. It provided a great web interface and synchronization of the various data content on your phone. But no location and remote wipe features. I was personally using this before Microsoft My Phone on my Windows Mobile devices.

As recently announce at the CTIA 2009 conference a branded Best Buy Mobile version of the Dashwire technology, now labeled Dashworks Platform was unveiled. It is called mIQ. Here is a promo screenshot:

It appears to provide a similar data content backup/restore functionality, and across several platforms (Windows Mobile, Symbian, Blackberry and soon Android in Q1/2010). But again, no additional features such as remote wipe at this time..

Reference links

Home page:
http://myphone.microsoft.com
Product Team Blog:
http://myphoneteam.spaces.live.com
Forum:
http://social.microsoft.com/Forums/en-US/MyPhone/threads
Twitter:
http://twitter.com/msmyphone

|\\arco..
Oct 11, 2009: Updated with Dashwire information.
Oct 12, 2009: Updated with My Phone map info, and Premium feature details.

Samsung and Enterprise Mobile

This week has the large CTIA Wireless IT show going on in San Diego this year, so of course there is a lot of new information coming out this week on products, services and partnerships. One of which is Samsung who is continuing to announce their commitment to support enterprise mobility in a big way. I believe they remain one of the few handset OEMs going to this extent to bring it all together on their devices and catering directly to the enterprise mobility market space..

• Samsung: Samsung Mobile Announces Comprehensive Commitment to Deliver Support, Innovation and Services to Enterprise Market
• Enterprise Mobile: Samsung Mobile Plans to Work with Enterprise Mobile to Deliver Advanced Mobility Solutions for Enterprise Customers
• Oracle: Samsung to Offer Mobile Access to Oracle, Other Software
• Sybase: Samsung Mobile and Sybase to Deliver Advanced Mobility Solutions for Enterprise Customers
• DiVitas: Samsung, DiVitas Partner to Bring Mobile UC to Windows Mobile Devices
• Agito: Samsung Mobile and Agito Networks Announce Availability of First Server-Based Mobile Unified Communications on Samsung Smart Phones

|\\arco..

Locking down SCMDM servers securely

Just a quick nod to J.C. Hornbeck and Clint Koenig at Microsoft on the great reminder to use the Security Configuration Wizard (SCW) for Windows 2003 templates available in the SCMDM 2008 SP1 Resource Kit – Server Tools download..

This way you can, if required in your production environment, minimize the attack surface of each server role. In particular this could be a good thing to do for the Gateway server sitting on your DMZ.  However, please be aware of any remote server management, backup, or other tools and services that might be required for your environment to function properly..

|\\arco..

Step-by-Step Introduction of Windows® Marketplace for Mobile

As announced way back on February 16, 2009 the new Windows® Marketplace for Mobile was made available to the public today on October 6, 2009 in conjunction with the public availability of Windows® Phone (aka Windows Mobile 6.5).

Likewise the supported devices will be Windows Mobile 6.5 during the launch and later in 2009, Windows Mobile 6.0 and 6.1. On a Windows Mobile 6.5 device (or Device Emulator) I took these screen shots of the upgrade process (due to a down-level 6.5 release I assume) which went quickly and only a relative small download of 686Kb.

With the huge success of the Apple App Store on the iPhone platform and all the other mobile platforms having a similar avenue for the end-user to find, purchase and download software on the device itself. It was all too painful not to have a similar solution on the Windows Mobile platform so I welcome the solution!

Upgrade Process

Upgrade from the http://client.marketplace.windowsmobile.com/ placeholder website:

The version I received was 1.0.2201, and I believe the second update so far:

Application Installation

Purchase and account information is all driven through your Windows Live ID:

A total of 14 different built-in main categories make it easy to find a group of applications you might be interested in. Several sub-categories in most of the main categories as well:

Selecting an application gives you a nice drill down of application information, reviews, and screenshots. Very similar to the Apple App Store.. :-)

Application purchase is easy and provides options for various payment options, either through carrier or credit cards. A Windows Live ID is mandatory:

However, it appears that any purchasing is still unavailable and not ready for prime time.

Choosing “My applications” gives an overview of your apps, and an opportunity to review and rate an application:

An important thing to note is that there is currently no “smarts” behind the application if you already have the application previously installed on your device. Thus currently you can not “manage” your existing applications with the Marketplace for Mobile tool..

Installations are done in the background:

Several installations can be selected and queued up for installation at the same time. However prompts from each application installation may appear as they complete:

However there is no options to select the storage location for each application installation. So by default all installations are taken to the Device memory at this time.

Just like on other mobile platforms Microsoft is granting installation of the purchaser (via their Windows Live ID) on up to 5 devices.

Security

On the developer side there has been some stir on the Anti-Piracy solution Microsoft has announced for developers using the Marketplace for Mobile. Please see the white paper here.  It appears the Advanced protection level will be rolled out in December 2009.

Corporate Impact

So far I’ve been unable to find any corporate angles on the usage of Marketplace for Mobile. To block it completely using your Device Management system of choice the file executable name appears to be" “WMMarketplaceFullClient.exe” in the \Windows directory. There also appears to be a “WMMarketplaceUpdater.exe” that you also might want to block if necessary.

There is also a ClientLog file in the \Windows\Marketplace directory that may be useful in some cases..

I do have some ideas on how the Marketplace for Mobile application could perhaps be made more useful for corporate usage on Windows Mobile devices:

For example:
- Extend Marketplace with a Corporate selection of applications through an .XML file with perhaps pointers to intranet locations of .CAB files. These could be licensed or public links to recommended applications..
- Limit Marketplace to only a Corporate selection as mentioned above.
- Extend functionality, so business applications could be pre-installed and managed with Marketplace ready for end-user usage and updating. Ie. SalesForce.com etc.

Of course I’m not sure how this all would tie into the new Anti-Piracy processes Microsoft has envisioned, but creativity shouldn’t hold us back right?  :-)

Reference Links

Developer Information and Marketplace signup:
http://developer.windowsphone.com/Marketplace.aspx 
FAQ:
http://developer.windowsphone.com/Help.aspx
Support Forum:
http://social.microsoft.com/Forums/en-US/marketplacewindowsmobile/threads 
Developer Forum:
http://social.msdn.microsoft.com/Forums/en/mktplace/threads

|\\arco..

Windows Mobile 6.5 Upgrades – October 6, 2009

On this, the eve of the public release of Windows Mobile 6.5, aka Windows Phone, I wanted to pick up where I left off with my previous popular postings on the public Windows Mobile 6.1 upgrades available for devices..

Many of these are not released yet, but due to the 6.5 marketing efforts some approximate release dates are being made public.  As they are released I will attempt to collect the links as I did previously with the Windows Mobile 6.1 upgrades. This time around Microsoft is also helping and providing their own official upgrade list here.

I welcome comments and feedback to make the list useful for as many as possible. This list is not for the various non-official and non-supported cooked ROMs being made for many devices. My intent is to give assistance to enterprise staff supporting their production environments.

But this could also turn out to be more of an watch list until a confirmed update from a OEM/Carrier. :-)  By no means should this list (until valid links are present) be an official stance of future availability. Most are unconfirmed rumors at this point I’m afraid.. The big CTIA show this week will probably have several announcements and availability statements.

Okay, off we go!

|\\arco..

iPhone 3.1 – Anti-Phishing Feature Non Functional?

I noticed several postings about the failure of the new anti-phishing features supplied in the recent iPhone 3.1 release. What now appears to be known is that it is working as designed, but there is little to no easy avenue for the end-user to confirm that it is working.

An interesting recap of information regarding this ill-understood security feature in OS 3.1 can be found here by Sarah Perez. Referencing the solution as told to Jim Dalrymple by Apple..

The solution is to:

It appears so far that even if you follow the quirky instructions, there is no easy way to confirm that the phishing updates are on the device.

However, after finding some suspected phishing sites over on http://www.phishtank.com, I tried one on my iPhone and I did get the “Warning: Suspected phishing site” warning message. So it would appear that I have mine syncing through iTunes and getting the necessary Safari updates at some point while charging..

As for 3rd party anti-phishing applications for the iPhone, I found one here that looks nifty:
http://quinagh.com/sitecheck/

But all of this begs the question on how you could better manage this in an enterprise environment. Right now this is one security feature that is hit and miss I feel so I hope it will be further updated in future updates..

|\\arco..

Windows Mobile 6.5 Training and Certification

A colleague of mine noticed that Microsoft has updated their public http://www.windowsmobiletraining.com site with new content to support the upcoming launch of Windows Mobile 6.5.

Good be a good resource for support staff to get ramped up before employees start to ask questions about their new Windows Mobile 6.5 devices from their favorite mobile operator or local mobile device store this fall.

Some of the training and certification material is geared towards the retail space for individuals working at mobile stores. Others are geared to Small Business owners. However the content can still be useful to understand many of the new features in Windows Mobile 6.5.

I should also mention that successful completion of each course gives you points that you can use to get various free gifts.

Also the Connection forums over at http://www.windowsmobiletraining.com/Connection/ can be very useful.. Moderator Bill Fisher has setup a dedicated forum for Windows Mobile 6.5 as well here: http://www.windowsmobiletraining.com/Connection/forums/89.aspx.

|\\arco..

Wi-Fi Access above 30,000 Feet

As most people travelling for business you have a desire be to connected as much as possible in this day and age. One place where many are disconnected from the world, and actually refreshing for some, is on aircraft above the skies. Having some down time from the busy schedule of conference calls has kinda been one of the benefits of the jet setting business person.

I just noticed this interesting article link over on John Gormly blog about the comparison of all the current in-flight Wi-Fi solutions on the airplane carriers based in the United States.

Kevin Hall also supplied a nice eye-chart with some of the details:

My interest in learning more was peaked, so I started to dig deeper into the world of in-flight internet connectivity..

Aircell Gogo Services

When I checked the actual Gogo site I noticed some additional new information. In addition to the airlines listed above GoGo also has signed recent contracts with:
United Airlines
Air Canada

The pricing also has a $5.95 for a 1.5 hour flight, $12.95 for a 24 hour pass, and a $49.95 for a 30 day pass.

On the Aircell website it states it has the Gogo service now available on over 500 aircraft.

Row 44

Southwest has 4 planes currently in a trial. It appears federal approval of the technology was just granted on August 6th, 2009. This will put the pressure on Aircell’s Gogo service in North America.

Due to this satellite based service letting the airline set their own pricing to consumers it will be up to the airlines to figure out if they are offer the services for free or a price structure for it.  Of course most would like to see free in-flight Wi-Fi service like we are seeing more and more of on the ground. Time will tell if competition in this area will increase the push for the airlines to make their connectivity services a new highlight to differentiate themselves. I think it will over time. :-)

VoIP and Cell Phones

Even though most airlines state currently no VoIP support (the vendors can support it, so it’s up to the airline carriers), they all state that most VPN connections are supported.  So that begs the test to see if you could use VoIP over VPN on the various airlines. Or perhaps use different TCP/IP ports to enable the VoIP usage depending on the solution being used.

On the Flightglobal site has recently several examples of folks using video conferencing and VoIP. Be sure to check out their “channel” devoted to IFE (In-Flight Entertainment) & Connectivity here. Mary Kirby’s Runway Girl blog also provides an interesting view into the industry.

Power

Now with all of these airlines installing the various vendor equipment to provide in-flight Internet connectivity, where do folks get power for their laptops, phones or other devices? Enabling Wi-Fi is currently not the most efficient way to save battery power on most devices today for your consumable batteries.

As I posted previously, the excellent site called SeatGuru can assist you to book and select the correct seats on any airline. You pick the airline and then the aircraft type. Seats with power outlets are marked with little black dots.  Also see the mobile site if you forgot to check beforehand and will try to barter and swap seats with someone on the plane. :-) For additional detail and other tips see their Ultimate Guide to In-Seat Laptop Power Ports.

Features for the Airlines

Another thing that I believe should be mentioned is that these in-flight systems also bring a list of various operational benefits to the airline carrier. Most bring online real-time weather forecasts, and LiveTV has for example Cabin Surveillance options.

International

In other parts of the world other firms have taken up the in-flight mobile connectivity wave as well. But instead of offering Wi-Fi its more about general mobility connectivity. AeroMobile serves Emirates Airline, Malaysian Airlines and australian Qantas and V Australia. AeroMobile provides GSM voice and text messaging in-flight together with GPRS data services.

OnAir provides a simular GSM based service to a list of more than 10 global and regional airlines. Including Air France, popular low cost european RyanAir, British Airways, British Midland, indian Kingfisher Airlines, brazilian TAM Airlines and TAP Portugal, Royal Jordanian, Qatar Airways and Oman Air. Most being deployed in 2009. OnAir is partly owned by european aircraft manufacturer Airbus. OnAir uses Inmarsat’s geo-stationary satellites to-and-from the networks on the ground, as does the AirCell’s Gogo service.

OnAir also provides a nifty interactive page explaining the equipment usage, location and weight used in their solution. For more such information you can also see some WESA (World Airline Entertainment Association) presentations Mary Kirby has gratuitously posted here.

German Lufthansa is supposedly close to re-signing a new deal using the Ku-band services that is previously used with Boeing’s failed Connexion service. Rumored to be in talks with Panasonic.

Boeing is the grandfather of international in-flight connections back in 2001, but failed to get it off the ground after 9/11 and shutdown their consumer services in 2006.

Does it Work?

Some other references to actual experiences with using Wi-Fi on US airplanes:
http://pogue.blogs.nytimes.com/2009/01/05/the-final-frontier-wi-fi-on-airplanes/ 
Video conferencing and VoIP working on American airlines Gogo equipt aircraft:
http://www.flightglobal.com/blogs/runway-girl/2009/08/video-conferencing-voip-alive.html

|\\arco..

Nokia and Microsoft Global Alliance announced

Very interesting events unfolding in the Microsoft landscape these days with the recent announcement of the Nokia and Microsoft Global Alliance. A bold move for both parties, but perhaps the first of many such agreements as the mobile landscape continues to be draw lines in the sand and partners for each platform so the strongest will survive. Of all the other mobile platforms, especially in North America, Nokia probably gives Microsoft the least heartache and your enemy’s enemy is your friend as they say. :-)

Details as posted on the Microsoft PressPass website and the LiveMeeting slides and teleconference:
“This announcement builds on the existing work Nokia is doing by optimizing access to e-mail and other personal information with Exchange ActiveSync. Next year, Nokia intends to start shipping Microsoft Office Communicator Mobile on its smartphones, followed by other Office applications and related software and services in the future. These will include:

• The ability to view, edit, create and share Office documents on more devices in more places with mobile-optimized versions of Microsoft Word, Microsoft PowerPoint, Microsoft Excel and Microsoft OneNote
• Enterprise instant messaging and presence, and optimized conferencing and collaboration experience with Microsoft Office Communicator Mobile
• Mobile access to intranet and extranet portals built on Microsoft SharePoint Server
• Enterprise device management with Microsoft System Center”

So looking at/hearing the details and making some personal comments:
- Renewal of the the Nokia license of Exchange ActiveSync in their products (perhaps in conjunction with Exchange 2010 on the horizon, or just a timing coincidence?).
- Office Communicator Mobile client in 2010 (the only one mentioned with a specific timeframe and perhaps the easiest to port?).
- Office Mobile on Nokia devices, starting with the E-series and then others. (Office Mobile 2010 was stated to be released after the release of Windows Mobile 6.5)
- With a new version of SCCM coming up soon and with the merger of SCMDM, perhaps Nokia/Symbian support will be embedded at RTM or shortly thereafter?

I can’t help to think what the Microsoft Windows Mobile teams think of this new alliance and how it will perhaps dilute their value prop they current have with integration with the other Microsoft product teams. Or I suppose it could make them stronger for the future Windows Mobile 7 release as they need to stand up to the mobile platform competition on their own merits..

Also as the new S60 platform replacement is released by the recently revamped Symbian Foundation, Symbian^2 and it’s follow-ups, Symbian^3 and Symbian^4. I wonder how this could perhaps tie in with Nokia’s new alliance with Microsoft and create the timing for Office Mobile on other devices after the E-series support..

Time will tell if this will benefit the two new alliance partners, but I think most Enterprise customers would only be delighted to see more market co-operation in these days of the all out mobile-platform wars and all the confusion it brings to continue to keep ROI and TCO numbers down..

|\\arco..

4 Real Benefits of iPhone in the Enterprise

Looks like the results of a fairly small survey, but kinda interesting non-the-less. Philippe Winthrop stresses that Apple still needs to make it possible to run a Mobile Device Management agent in the background on the devices. Also shows that companies are seeing more slightly more productivity gains on the iPhones. And that the struggle to develop mobility policies and strategy are the same across the board with or without iPhones. :-)

Please see more details here.

|\\arco..

InfoWorld Enterprise iPhone Report

InfoWorld Magazine has published an interesting “Deep Dive” 28 page report on various iPhone topics for the Enterprise. For some it may not really detail much new, but I think shows a fairly decent overview of the current status and aspects to take into consideration.

You can fill out the form here and get e-mailed a link to download the PDF here: http://www.infoworld.com/iphone-deep-dive

Sections include:
- How to Manage an iPhone
- iPhone OS 3.0 is Better, but..
- 8 Easy Steps to iPhone Security
- Development Tools
- Palm Pre versus iPhone
- BlackBerry versus iPhone 3.0

The report also references these older previously published slide decks that could be handy on their own:
Best iPhone apps: Office and personal productivity (Jan 5, 2009)
Best iPhone apps: SFA, CRM, and BI (Jan 5, 2009)
Best iPhone apps: Communication and collaboration (Jan 5, 2009)
InfoWorld's 10 commandments of iPhone etiquette (Oct 22, 2008)
21 apps Apple doesn't want on your iPhone (Apr 13, 2009)
Mobile deathmatch rematch: BlackBerry vs. iPhone 3.0, side by side (Jul 3, 2009)
Mobile deathmatch: Palm Pre vs. iPhone, side by side (Jul 6, 2009)

|\\arco..

New White Paper: Value of Outsourcing Mobility Initiatives during an Economic Downturn

Just to plug something that could be of value to others. My company, Enterprise Mobile, has a new white paper to share to help customers understand how mobility outsourcing can help them meet their organizations’ mobility requirements— despite budget and personnel cuts and other challenges they are facing. “The Value of Outsourcing during an Economic Downturn” describes how a services firm that specializes in mobility can help enterprises:

· Streamline their mobility initiatives
· Apply best practices to every phase of those projects
· Hold down mobility costs
· Achieve their mobility goals

The paper is available for download on our website, at http://www.enterprisemobile.com/resources/white-papers.htm.

It can also show how complex and demanding a mobile initiative can be and why companies would be wise to outsource to a services provider that can streamline mobility processes in a way that makes the most of valuable enterprise resources (time, money, and people).

|\\arco..

SCMDM Future Roadmap

Since the release of SCMDM SP1 back in December 2008 there has been very little information on the roadmap. One of my colleagues let me know that updated information on this topic was recently posted to the System Center Mobile Device Manager blog: http://blogs.technet.com/mdm/archive/2009/06/25/scmdm-roadmap.aspx

This confirms what was told to the audience at the recent MMS 2009 and Tech Ed North America 2009 conferences the last few months. It was similarly posted to the SCMDM Forum as an answer to a question about the future of the product.

I don’t think it will come as a big surprise and having a strong combined System Center Configuration Manager (SCCM) product should only be a good thing. Especially if you are a Microsoft shop that already is using SCCM.

It will be very interesting to see what features the SCCM team will unveil at the upcoming Tech Ed Europe 2009 in November 2009 on their vNext product that will be released in CY2010.

Some good links to get your feet wet with SCCM:
http://www.microsoft.com/systemcenter/configurationmanager
http://technet.microsoft.com/configmgr
http://blogs.technet.com/configmgrteam
http://myitforum.com/articles/42/section.asp

|\\arco..

MobileMonday – MoMo Chicago

For those local in the Chicago area I will be at the next Mobile Monday Chicago chapter meeting on Monday June 29th. I will give a brief overview of Enterprise Mobile and what we do in the mobile supply chain. Please see the details below.

Date: Monday, June 29, 2009
Time: 6:00 pm – 8:00 pm
Topic: Start-Up Showcase 
Location: Acquity Group, 500 W Madison St, Suite 2200, Chicago, IL 60661
Location Notes: Participants can sign-in at the reception desk on the 3rd floor (picture ID required)

Please see the press-release here:
http://www.pr.com/press-release/160634

Sign-up to attend here:
http://www.eventbrite.com/event/345245639

Look forward to meeting folks there!

|\\arco..

Apple iPhone OS 3.0 For The Enterprise

Due to the recent announcement on the new iPhone 3G S model and the updated 3.0 OS upgrade there has been a lot of buzz about the software and new hardware features. Some say that the iPhone with these upgrades is now ready for the corporate enterprise. That may be true, but I was still concerned about the lack of security features I knew from the previous release so I had to dig a little deeper into this after the release material is now available..

Hardware Encryption

One of the few new security features mentioned is the hardware encryption and instant wipe feature that appears to be included on the iPhone 3G S model and not the older models. This is highlighted on the more features page and also in the iPhone Security Overview on the Enterprise page:

“iPhone 3G S hardware encryption uses AES 256 bit encoding to protect all data on the device. Encryption is always enabled, and cannot be disabled by users.“.  The key phrase is: always enabled. So it is active out of the box!

I think this is probably the single most interesting new feature for iPhone in the Enterprise by a long shot. Mostly in due to the previous security risks that I have mentioned previously.

Anthony Vance has an excellent recap on current thoughts around this new feature and the previous gaps here. Also some interesting comments from the author of the iPhone Forensics book, Jonathan Zdziarski, at the bottom of the entry!

Security Updates

Any large enterprise customer will also want to know what specific security fixes are included in a major OS upgrade. Apple comes through at this point, and has posted a support article with the known CVE security issues patched in the iPhone OS 3.0 software update here.

Enterprise Support on iPhone 3G

Apple has a new Enterprise Deployment Guide updated for the OS 3.0 upgrade. But I was unable to find any mention of the new hardware encryption feature in it.

But if the hardware encryption is enabled out of the box on all the 3G S devices, what can be done for the older 3G devices? There is no mention of software based encryption in the OS 3.0 upgrade. So it could be tricky to authorize and permit e-mail/VPN access towards the users of the newer 3G S devices, and not the older 3G devices.

There are some 3rd party solutions that may fit this security void and also provide some device management features. I think this area will only grow but today I believe there are still some gaps that need to be weighed against your corporate requirements, security risks and TCO..

|\\arco..

SCMDM 2008 SP1 Support for Windows 2008 CA

Just noticed that Michael Jimenez recently blogged and announced official Microsoft support for Windows 2008 Enterprise Edition Certificate Authority with SCMDM 2008 SP1.

I have successfully used the KB951840 patch on down-level devices to remove the error message that otherwise will appear. On the device it will complain that the Root certificate is not installed, even though the certificate chain locally shows it is there. :-) This will also prohibit the IPSec VPN from coming up.

Also as a recap of the different Windows Mobile build numbers and AKUs as I posted previously, you should also be aware of the Password Reset Client on the down-level devices. The important difference being that you could deploy the Password Reset .CAB file out to the devices once enrolled in SCMDM, but the Windows 2008 CA patch you are unable to since the VPN won’t come up without it..

Windows 2008 CA Patch (KB951840) installable on:
Windows Mobile 6.1 devices, Build 19202.1.0.0 and higher. Un-necessary to install on Windows Mobile 6.1.4 devices (Build 20757.1.4.0) or higher.

Password Reset Client installable on:
Windows Mobile 6.1.1 devices, Build 19559.1.1.0 and higher. But stated supported for only for Windows Mobile 6.1.4 devices and higher. So I assume un-necessary to install on Windows Mobile 6.5 devices but I shall test on the newly released emulator. :-)

|\\arco..

Windows Mobile 6.5 Device Emulators and more 6.5 Information

With the Windows Mobile 6.5 device emulator images now finally released we can probably start to see much more information about Windows Mobile 6.5 being made available to the public.

Grab the 6.5 Professional or Standard emulators here:
http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=20686a1d-97a8-4f80-bc6a-ae010e085a6e

I already had the Windows Mobile 6.1.4 Professional images and Device Emulator 3.0 installed and the 6.5 images appeared to work straight away:

Please click on any of the pictures below to enlarge them for better viewing. My main purpose for using the emulator is for additional device testing, and not so much on the development side..

Connectivity on Windows Mobile 6.5

To get network connectivity you can follow the same steps as with previous emulators. Please see this blog posting for additional information. 

The emulator network properties:

Walkthrough in a WM 6.5 emulator image: 

MyPhone on Windows Mobile 6.5

Another tip in using the emulator is using the built-in MyPhone client to get more “live” data easily into the emulator for testing and usage. I did get a upgrade prompt to install the latest and greatest MyPhone client in my emulator.  You can now install the open beta MyPhone client on any of your existing Windows Mobile 6.0 or 6.1 devices, back-up the data and then restore it within the emulator.

MyPhone walk-through on the WM 6.5 emulator:

Windows Mobile 6.5 Widgets

Jorge Peraza has posted some quick information on how to get your feet wet with widgets on Windows Mobile 6.5: http://blogs.msdn.com/windowsmobile/archive/2009/06/04/getting-started-with-widgets-on-windows-mobile-6-5.aspx.

What’s Hot about Windows Mobile 6.5

At the recent TechEd this TechTalk was recorded with Dale Coffing and Chris De Herrera to discuss the new user interface, MyPhone and Windows Marketplace for Mobile services:
http://www.msteched.com/online/view.aspx?tid=5471dd4c-9d1f-47c8-85df-c3bf5bfe678c

Network Utility on Windows Mobile 6.5

I did a quick test of the Enterprise Mobile IP Utility and it works under the Windows Mobile 6.5 emulator just fine and could be a very useful tool for troubleshooting:

System Center Mobile Device Manager (SCMDM) 2008 Support in WM 6.5

Of course testing out the SCMDM client embedded in Windows Mobile 6.5 is something I had to test out as well. :-) It didn’t disappoint and the VPN came up fine against a SCMDM 2008 SP1 instance over the Internet. I did notice a new option and error messages provided in the client:

|\\arco..

Exchange 2010 and Mobility

I’m an old Exchange administrator since the 5.0 days and a new version of Microsoft Exchange server is coming near you very soon. It brings a long list of new and enhanced features. This also carries over to mobility and is important for any enterprise Exchange administrator to understand in today’s very mobile world..

I will attempt to highlight some of the important mobile features I feel it brings to the enterprise table and reference places to find additional details and information. Please comment if you may have updated or additional interesting information!

Windows Mobile client Enhancements

Adam Glick has a great recap here:
http://edge.technet.com/Media/Exchange-2010-updates-for-Windows-Mobile/

Enterprise Mobile Security Interview

As I have blogged about previously, there was some interesting webcast  sessions on Windows Mobile, Security and Device Management on TechNet recently.

If you were unable to attend you can also catch a glimpse of one of the speakers I know, David Field here on TechNet Edge:
http://edge.technet.com/Media/Enterprise-Mobile-Security-Interview/

Dave Field spoke at TechEd on mobile security and gives us some insight into mobile phone security on topics such as:

• Areas where Windows Mobile security is strong against the competition
• Scenarios where companies will want to look to 3rd party solutions for mobile security
• Recommended ways to implement 2 factor authentication for phones

The Windows Mobile security whitepaper Dave mentions is something I also blogged about back in February, and available here: http://www.enterprisemobile.com/resources/white-papers.htm

|\\arco..

AT&T Samsung Epix (SGH-i907) ID1 Multipatch

For those of you who might have an AT&T branded Epix which is the Samsung SGH-i907 you probably will want to install this patch as soon as possible. It is now available from Samsung. It includes several patches, including a fix for the critical “Slog Dump” that has been dreaded by many users:

You can obtain it from here:
http://www.samsung.com/us/i907/multipatch

I think with the “Slog Dump” problem now fixed this will continue to be a great Windows Mobile 6.1 device for everyone!

|\\arco..

How to setup Proxy and Work Exceptions on Windows Mobile 6.1 with SCMDM 2008

There appears to be a lack of public information regarding the inner secrets of successfully navigating and configuring the proxy and work exceptions on the Windows Mobile platform. My fellow Enterprise Mobile colleague, Patrick Salmon, has broken through and made some very interesting observations and facts about how to get it all configured correctly. This article contains all of the material and information Patrick has researched.

Most of this boils down to how the Windows Mobile Connection Manager is handling the connections and the decisions it makes to route the traffic. The Connection Manager is well aware of the native L2TP and PPTP connection methods in Windows Mobile, but appears to lack direct support for the Windows Mobile 6.1 Mobile VPN that is used by SCMDM 2008. See more information here: http://msdn.microsoft.com/en-us/library/ms879581.aspx.

This article assumes you are already well familiar with the SCMDM network routing requirements and how to configure Group Policies.

Proxy Issues Today

1. If you set the proxy via the SCMDM 2008 Group Policy you may observe that the necessary connectivity to the SCMDM Device Management server and WSUS services break.

2. Trying to use the Work/Internet capabilities as currently documented breaks the SCMDM VPN.
Although http://technet.microsoft.com/en-us/library/dd261930.aspx does explain some of the necessary steps. Also on http://technet.microsoft.com/en-us/library/dd261921.aspx it also states to make sure that the SCMDM Gateway server is listed.

3. No visibility on the client of what is configured.
The Windows Mobile Connection Manager internally uses something called a URL Mapping Table to decide if a specific URL is destined for the Internet or the corporate network connection. It can use a URL pattern which we will go into in more detail below. Please see http://msdn.microsoft.com/en-us/library/aa455992.aspx.

Where to set the Proxy server setting in the SCMDM 2008 Group Policies:

The solution is to correctly configure the Internet proxy setting and also specify the routing of which URLs go to the “Internet” and through the configured proxy, and which are internal or go through “Work” back through the VPN connection.

Overall best practices

Keeping things as simply as possible will go a long way. The basics are:

1. “Internet” bound traffic = Route via proxy if defined, otherwise use Default Gateway on SCMDM Gateway Server.

2. “Work” bound traffic = Route traffic directly to internal network using local routing tables on SCMDM Gateway Server.

3. If the FQDN of the Proxy is part of an internal domain do not put the FQDN in the Proxy configuration!
This will not work, as it will be detected as an Internet domain, due to the dotted name and you won’t see it working as you think. The solution is to use the direct IP address. Example: instead of “proxy_host.company.com:8080” use “172.16.1.1:8080”.

Where to configure the specific Internet/Work routing is done through a “hidden” existing Group Policy setting:

The dialog window has two areas. One for the Internet domains (which will be routed to a proxy if configured so) and at the bottom for Work domains (not routed to the proxy if configured). This is what the default values are:

Next we will go into how to configure these entries in more detail.

Connection Manager URL Mapping Pattern

The Windows Mobile Connection Manager uses a general *://*.*/* URL type format. This can be further broken down into these examples:

• "*" & "?" can be used anywhere.:
  • “*” = Zero or more of any type of characters.
  • “?” = Can take the place for any single character.
• *:// = Any protocol (usually http or https).
• /*.*/ = Any FQDN namespace
• /*/ = Any NetBIOS/WINS name
• *://servername/* = specific NetBIOS server name
• *://*.company.com/* = Any host in a FQDN domain called company.com.
• *://host1.company.com/* = Only host1, any protocol, any website on target.
• *://host?.company.com/* = All traffic to host[a-z, 0-9], any website.
• https://host1.company.com/home = Only https requests to host1's "home' directory.

Some things to think about when defining you own URL Mapping table:

- Obey classic firewall rules – most granular is processed first
- Define your targets and know your internal name space
- Put in sequence (most specific first, least specific last)
- Decide whether traffic goes via the “internet” or “work” network routing from your SCMDM Gateway Server

Example and Outcome

Here is what a working example of URL Mapping Filter entries could look like:

Please note the above setting details:
- *://www.company.com/* - Externally hosted Internet site
- *://mdmvpn.company.com/* - Route SCMDM Gateway Server access through Internet
- *://*.company.com/* - Internal work namespace
- *://*.*/* - Catch all for all other Internet requests
- *://*/* - Catch all for all other internal NetBIOS/WINS requests – However, not found to work in testing, and removed so Internet requests are not caught by it!

Outcome with the above setting details:
- SCMDM VPN will connect correctly through the Carrier/MO/ISP on the device
- SCMDM Device Management and WSUS traffic will require no further invention.
- Internal Line-Of-Business application traffic will go direct.
- Internet bound traffic will go to the corporate proxy (if defined in separate Group Policy).

Internal namespace sans WINS

Since most companies are well on their way to totally get rid of WINS and have put in place DNS suffix search order standards. Another solution is to push a default DNS suffix to your Windows Mobile. Brian Puhl from Microsoft IT blogged about this last year here:

http://imav8n.wordpress.com/2008/08/21/getting-single-label-name-resolution-on-mdm-enrolled-phones/.

So this could ensure proper name resolution to a FQDN for internal names used on the Windows Mobile device. In the example above this could be routed to the “work” side of things by the *://*.company.com/* URL Mapping.

For more information on creating custom ADM templates for use in SCMDM 2008 please see: http://blog.enterprisemobile.com/2008/10/writing-custom-gpos-for-scmdm-2008/.

SCMDM 2008 SP1 Source-based Routing

Another feature that can be used to better assist with the complex nature of network routing, proxies and Internet access is the source-based routing feature present in SCMDM 2008 SP1. Some details can be found here: http://technet.microsoft.com/en-us/library/dd252779.aspx

The source-based routing option on the Gateway Wizard:

One example of how this could work is instead of having the default gateway on the External NIC of the Gateway Server, you place one on the Internal NIC. You can then configure the source-based routing option to an IP address of an external firewall that is accessible from the Internal NIC. Now Internet IPSec traffic will come in and terminate on the external NIC, but return back to the device through the Internal NIC and the IP address of the source-based routing, back to the Internet. Now any traffic from the Windows Mobile devices not configured to the proxy will default out to the Internal NIC gateway. This could be useful for applications that are not proxy aware, or if you won’t want to use any proxy but direct all traffic to the internal side and to be taken care of there for either internal or external Internet routing..

Split DNS

Another idea that could perhaps assist in some architectures is the use of split-DNS. In the Gateway Wizard you can specify the DNS server the Windows Mobile clients will use to resolve hostnames. Many simply use the existing DNS server present internally and make sure connectivity on TCP port 53 is open to it. Another idea could be to use a separate DNS server that contains hostname zone entries that could be similar but resolve to different IP addresses to better resolve network routing or DMZ issues at hand. DNS forwarding could still be used to forward remaining requests to the primary internal DNS servers.

Tethering Devices

Another Enterprise Mobile colleague, Dave Field, also points out:

“Please note that if you have a proxy setup on the device and you partner the device to a desktop that has “automatic” setup for the Connection setting, it will auto-configure the device proxy and overwrite whatever you have. It will configure it for port 80 automatically too.”.

At this of this writing I’m not sure if the Group Policies will automatically refresh the settings again down to the device. A work around may be to disable the tethering functionality all together if this is a big concern.

Wrap up

The final best advice is to have patience in troubleshooting and testing the proxy and network routing. It can be complex and quite difficult to get setup correctly in a large organization. Logic flow, re-verifying settings, and looking at logs could be your best friends.

Thanks again to Patrick Salmon for getting the answers together. Also a thanks to Wayne Phillips and David Creedy from Airloom for their feedback and corrections!

Please leave a comment or contact me directly if you have additional findings or feedback on how these settings work and act for you!

Reference links - for additional information:
Default URL Mapping values in Connection Manager:
http://msdn.microsoft.com/en-us/library/aa456095.aspx
How Connection Manager works:
http://blogs.msdn.com/fzandona/archive/2005/10/10/ConnectionManager02.aspx 
How the Mapping Index works and what are some of the high-end catch all values:
http://msdn.microsoft.com/en-us/library/aa455850.aspx
http://msdn.microsoft.com/en-us/library/aa456095.aspx
Using Connection Manager URL Mapping:
http://msdn.microsoft.com/en-us/library/aa455992.aspx
SCMDM Forum thread discussion on these settings:
http://social.technet.microsoft.com/Forums/en-US/SCMDM/thread/9a295dc0-55a6-4783-b43e-132748e8e7b5

|\\arco..

Updated on May 12, 2009 with some corrections.

Using Exchange Server Remote Connectivity Analyzer (ExRCA) for Windows Mobile ActiveSync testing

Don’t believe this is that recent news, but just learned about it and thought I would share as I think it could be quite useful for many enterprise scenarios..

This is a public website that can be used to troubleshoot Exchange server connectivity issues. Originally written by a Microsoft Escalation Engineer and continually updated.

You can test such things Exchange ActiveSync (EAS) issues, including Windows Mobile 5 and Windows Mobile 5 w/MSFP, Windows Mobile 6.1 clients with AutoDiscover, Outlook RPC over HTTP (Outlook Anywhere), Outlook 2007 and AutoDiscover and even inbound SMTP. The tool will give you a nice detailed report that you can drill down into and research where any failure might be.

It is accessed from here: https://www.TestExchangeConnectivity.com.

This could be very useful in testing your Exchange configuration and setup before you have Windows Mobile clients to access your environment. Validation of certificates and which Windows Mobile versions are supported is also included!

Main menu:

Apply test credentials:

Example report:

Reference Links:
Blog: http://msexchangeteam.com/archive/2009/03/25/450908.aspx
Video: http://edge.technet.com/Media/The-Remote-Connectivity-Analyzer-for-Exchange-Server/
Facebook Group: http://www.facebook.com/group.php?gid=58417140899
Twitter: http://twitter.com/ExRCA 

|\\arco..

The history of text messaging, the 160 character limit and Tweet messages

I love the History and Discovery channels on TV, and history in general. So as the rapid computer and telecommunications technology involves, things in the 1980s are now already historical and have shaped our everyday lives today. SMS text messaging is a good example of that.

The Los Angeles Times has a great little article about Friedhelm Hillebrand who in Germany in mid-1980s wrote up the SMS 160 character text message as a standard in the GSM implementation. Still in place today and now actively used on billions of phones:
http://latimesblogs.latimes.com/technology/2009/05/invented-text-messaging.html

Using a 7-bit character set instead of 8-bit, the 160 characters also only takes up 140 bytes of transmission data. I won’t dare to go into how much revenue this now common technology is making on the Mobile Operator side worldwide.. :-)

Today, Twitter, is also using the same 160 text message limitation. It has a 140 character limit per tweet with the remaining 20 characters reserved for the user name..

|\\arco..