September 2008 - Posts
A good FAQ has been posted over at the SCMDM Team Blog here:
Covers several good topics in these sections:
- AD Group Policy
- Software Distribution
- MDM Client/Mobile VPN
Good article that I think rounds it up nicely:
1. Securing and managing every device
2. Managing every connection
3. Protecting every piece of data
4. Educating every user
Kudos and shout outs go to: Patrick Salmon and Alphons Evers! :-)
Palm has announced the availability of the Palm Treo Pro in the United States. Highlights:
- Unlocked GSM device - Can be used on several US and international carriers.
- 2 year warranty
- Microsoft® Windows Mobile® 6.1 Professional Edition - SCMDM Ready
- Qualcomm® MSM7201 400MHz
- 320x320 transflective color TFT flush touchscreen
- HSDPA/UMTS/EDGE/GPRS/GSM radio
Tri-band UMTS – 850MHz, 1900MHz, 2100MHz
Quad-band GSM – 850MHz, 900MHz, 1800MHz, 1900MHz
- 802.11b/g with WPA, WPA2, and 801.1x authentication
- Built-in GPS
- Bluetooth® 2.0 + Enhanced Data Rate; Infrared (IR)
- 256MB (100MB user available), 128MB RAM
- 2.0 megapixels with up to 8x digital zoom and video capture
- Removable, rechargeable 1500mAh lithium-ion; Up to 5.0 hours talk time and up to 250 hours standby
- microSDHC cards (up to 32GB supported)
- 3.5mm stereo headset jack
More information here:
"Celio has found that a REDFLY device in the hands of media, developers or mobile enthusiasts has tremendous viral marketing benefit. Therefore, they have budgeted a limited amount* of REDFLY devices for placement at $199 until October 31, 2008.
*Offer subject to limited quantity. Celio reserves the right to end the program at any time."
My company, Enterprise Mobile, is giving an additional reduction of $4 (as supply lasts):
The Common Criteria is an internationally recognized ISO standard (ISO/IEC15408) used by governments and other organizations to assess the security and assurance of technology products. Common Criteria provides assurance that the process of specification, implementation and evaluation of a computer security product has been conducted in a rigorous and standard manner. In the United States, federal agencies mandate that all IT products purchased by the U.S. Government for national security systems, which handle classified and some non-classified information, are required to be Common Criteria certified. Security-conscious customers such as government agencies utilize Common Criteria certification as a determining factor when making purchasing decisions.
More information on the Common Criteria can be found here:
http://www.commoncriteriaportal.org/ or here:
Microsoft Windows Mobile 6.1 completed evaluation to Common Criteria EAL 2 augmented with Flaw Remediation (ALC_FLR.1) in the AISEP on 7 August 2008.
The Windows Mobile 6.1 evaluation builds on and extends the core security features of the Microsoft Windows Mobile 6 evaluation at EAL 2+.
Windows Mobile 6.1 has now been awarded the Common Criteria Evaluation Assurance
Level 2+ (EAL2+), so the last three operating system levels are now certified:
Windows Mobile 5.0 with MSFP:
Windows Mobile 6:
Windows Mobile 6.1:
This should only further assist companies, government agencies and their suppliers to approve the use of Windows Mobile v6.1 as a mobility solution for their production environments.
Update 10/2/2008: Good article with more details is here: (Thanks to Chris De Herrera!)
The open beta of the Skyfire browser has finally been made available. I have been testing it in the closed beta and did like it's speed and features. Appears to work fine on Windows Mobile 6.1 devices as well. Although not yet designed for VGA type screens.
However in a corporate setting, it is architected in a similar manner as the Opera mobile browser. It retrieves the pages through a central server, and sends a compressed version to the phone. So for an enterprise using SCMDM or another VPN solution on their Windows Mobile devices, they still would need to expose their web applications to the Internet. :-(
I'm still looking forward to the standalone updated IE browser for Windows Mobile..
Links to additional information:
I noticed some press releases this last week for a particular product. For those enterprises that still have systems running that require terminal emulators I believe a possible solution could be available from BlueZone software:
They appear to support:
- IBM mainframes (TN3270 & TN3270E)
- IBM iSeries (TN5250)
- DEC/UNIX (VT)
- Unisys (T27, UTS)
- Secure File Transfer Protocol (FTPS)
Looks like they support all of these telnet connections through a 3-tier architecture where the mobile client traffic is transported over HTTP/HTTPS to a BlueZone Access Server. Of course using the SCMDM VPN, this could be even be more protected. :-)
Example screenshots on Windows Mobile can be found here: http://www.bluezonesoftware.com/products/bzmobile/screenshots2
I think depending on one your legacy screen designs, your usability may vary. If anyone has tried this solution, please leave a comment!
I know this doesn't much to do with Windows Mobile devices, but I think it could show a peek of the business future to come and what devices we might see in the enterprise.
This yet to be named device I think has promise and shows how the technology is continuing to push the limit on size and form factor.. Not to mention battery time or the "green" factor instead of paper print!
It is only a black and white display device but think of the instances where you didn't need to bring along your Tablet PC or laptop, where this could work.. The Amazon book-reader device looks fairly ugly, and the Sony reader is also on the market.. But I think this takes it to a new level of non-LCD silicon technology and form factor.
For many international companies having large numbers of employees in EMEA, the fact that Nokia is the current worldwide leader in handsets can make it difficult to come up with a true global solution.
Looks like this may change rather rapidly with the announcement of the updated Nokia Mail for Exchange being made available:
Direct link to the Nokia Mail for Exchange client is here: Mail for Exchange
Appears to have plenty of excellent ActiveSync features known primarily on the Windows Mobile platform. Looking in the technical specifications section it appears (I could be wrong!) it supports these ActiveSync policy settings without the need to use the Nokia Intellisync Device Management tool (which is not free):
- Support for SSL encryption
- Mail for Exchange utilizes Microsoft Exchange Server 2003 SP1 and Microsoft Exchange server 2007 SP1 security policies, providing the administrator with the option to:
- require the use of passwords and manage passwords policies
- restrict ability to download or limit size of the attachment download
- allow or not allow the user to use Mail for Exchange while roaming
Lock and wipe functions
- An administrator can remotely wipe a supported device that has been lost or stolen
- Device is wiped if the password is entered incorrectly a predefined number of times
- Multiple configurations include: manual, scheduled (or periodic), and always-on synchronization using Microsoft Exchange Server 2003 SP2 or later
- Synchronization according to individually configurable parameters
Not too shabby, if you don't have policies requiring encryption as well on the device with corporate e-mail.
Would be interesting to hear from anyone that gives this a try and configures Exchange policies towards different Nokia devices!
Dave Madison from the product team has publicly posted details on the upcoming SP1 for SCMDM that will be available in time for Christmas this year:
- Multiple-instance: The ability to have more than one SCMDM installation in a single forest. This way in a large multiple domain forest, you could have separate installations with different admin security permissions, etc..
- PIN Reset: Closes the gap with Exchange 2007, so the similar functionality found there can also be brought to the SCMDM Self-Service Portal.. Interesting to note that this will require a small .CAB update to the Windows Mobile 6.1 devices. Of course deployable to the devices with SCMDM itself.. :-)
- Windows Server 2008 AD Support: Domain and Functional mode. yeah!
- Windows Hyper-V support for MDM components running on Windows Server 2003 for testing.
- Increased Performance and Scalability: Goal to raise the maximum users from 30K to 40K in a single instance..