Executive Summary:

As smartphones make life easier for mobile business users, they’re also adding management and security challenges to IT’s plate. Mobile device–management and security tools can help IT take control of these challenges.

today’s smartphones—multifunction mobile phones that run some type of mobile OS—are crammed with capabilities that are making them must-have business devices. Research firm In-Stat predicts that smartphone adoption rates will grow more than 30 percent over the next five years, with that growth largely occurring at the expense of traditional mobile phones. Although that dramatic growth means that more employees will have access to smartphones, it also adds another item to IT’s already overcrowded tech support docket. (For a look at how smartphones have evolved into enterprise-class mobile devices, see the Web-exclusive sidebar “Smartphones in the Enterprise,”, InstantDoc ID 98898.) Smartphones present some unique challenges for IT administrators who have to choose, deploy, and manage them. Let’s look more closely at the deployment challenges smartphones pose in regard to security, systems management, and overall corporate policy.

Unique Security Challenges
Smartphones are more powerful than ever before, but all that capability also opens the door to a host of new security issues. Depending on your environment, you might need to protect smartphones from viruses and malware or employ encryption to ensure that sensitive corporate data isn’t stolen when phones are lost or misplaced. According to Michael Argast, a security analyst with mobile security software vendor Sophos, your mobile security priorities might differ from those for your desktop environment. “Malware \[for smartphones\] isn’t a huge issue at this point,” says Argast. “Defending against malware is still important, but maintaining data confidentiality and integrity, using encryption, and having remote wipe options are just as important from an overall security perspective. The risk of malware on mobile phones just isn’t as high as some vendors would lead you to believe.”

As mobile devices begin to make more inroads into the enterprise, mobile security is rapidly becoming a top concern for IT pros. Here’s a sampling of products that can help you get a handle on your mobile security environment:

• Trend Micro Mobile Security 5.0 (www.trendmicro.com)—provides data encryption and authentication capabilities to devices in your mobile network. Data on lost or stolen devices is password encrypted, and anti-malware features protect your mobile devices from test-message spam, viruses, worms, and other security threats.
• Symantec Mobile Security Suite 5.1 (www.symantec.com)—protects mobile devices from snoopware, malware, viruses, and other hostile software threats by removing Short Message Service (SMS) spam, encrypting/decrypting device data, and logging device access in real time. The product encrypts and decrypts data on mobile devices and creates logs detailing device access.
• McAfee Mobile Security for Enterprise (www.mcafee.com)—protects mobile devices from viruses, malware, Trojan horses, worms, and other malicious applications. The product also monitors email, Internet downloads, Wi-Fi, Bluetooth transfers, and other transmission methods for network threats.
• Sophos Mobile Security (www.sophos.com)—detects and deletes spyware and viruses and also screens Multimedia Messaging Service (MMS), SMS, email, IM attachments, Wi-Fi, Internet downloads, and Bluetooth transmissions for hostile applications.

Smartphone Management
As more people use smartphones in a corporate setting, the task of managing the proliferation of mobile devices can quickly become a significant challenge for IT. A number of products and resources are available to help IT pros with mobile device management. Products such as Microsoft System Center Mobile Device Manager 2008 (System Center MDM) provide extensive control options via a central console and streamline device patching, mobile device security, and integration of those devices with an existing infrastructure.

For small business owners, though, a comprehensive (and prohibitively expensive) mobile device–management solution like System Center MDM might be overkill. For those customers, some vendors have stepped in to provide hosted solutions— particularly for Microsoft Exchange—that streamline management of smartphones in your environment. “Our focus is entirely on mobility,” says Patrick Gilbert, CEO and founder of 4smartphone.net, a provider of hosted email services for mobile device users. “We provide support, \[mobile device\] email configuration, hosted Exchange, and over-the-air backup of mobile phones.”

System Center MDM and Windows Mobile 6.1. Microsoft intended System Center MDM to complement Windows Mobile 6.1 as part of the company’s quest to strengthen its enterprise mobile product offerings. Each product takes advantage of features found in the other, and together they offer IT pros a compelling reason to use them both.

Windows Mobile 6.1 offers a modest number of improvements over 6.0: The main interface has been tweaked and improved, a new Getting Started center streamlines phone setup, and integration with System Center MDM helps provide better security administration—including the ability to access data via mobile device from behind a network firewall. Version 6.1 also supports the new advanced mobile policies introduced in Exchange Server 2007 SP1.

System Center MDM is Microsoft’s latest addition to its System Center product group, and it provides a number of mobile device– management features. Mobile device security has been improved, and a wireless policy enforcement feature lets administrators monitor, change, and enforce mobile group policies remotely. The ability to domain-join Windows Mobile devices and apply group policies to them is also an important feature. Microsoft says that System Center MDM streamlines the management of mobile devices, by providing the ability to scale from small installations with a few dozen devices to large enterprises with thousands of smartphones to manage.

Although System Center MDM and Windows Mobile 6.1 improve support for wireless devices in the enterprise, Microsoft isn’t about to rest on its laurels. Redmond has made little attempt to hide the fact that Windows Mobile 7.0 should hit the market in late 2008 or early 2009.

Smartphone solutions. 4smartphone .net’s Gilbert credits Apple’s iPhone for generating additional interest in the smartphone market and sees the device as a catalyst for increasing sales of competitive and complementary products. “With companies like Apple and Microsoft now putting lots of marketing dollars into promoting their mobile efforts, we’re starting to see more people get interested in smartphone solutions,” says Gilbert. “The iPhone may have dragged customers into the store, but they might have purchased a lowercost alternative.” (See the sidebar “The iPhone and the Enterprise” to learn how Apple is making the iPhone friendlier for business use.)

Here’s a sampling of mobile device– management products (excluding System Center MDM) covering the spectrum of product types:

• Azaleos OneServer with MobileXChange (www.azaleos.com)—lets administrators manage and provision mobile devices, including the Research In Motion (RIM) BlackBerry, Windows Mobile phones, and the iPhone.
• Zenprise for BlackBerry (www.zenprise.com)—troubleshoots your BlackBerry mobile infrastructure and identifies and resolves problems with both Exchange and your BlackBerry network.
• 4smartphone.net (4smartphone.net)— provides hosted Exchange email services, mobile device configuration, and technical support for mobile devices.
• Check Point Software Technologies’ Pointsec Mobile (www.checkpoint.com)—secures data stored on mobile devices running Windows Mobile, Palm, and Symbian OSes. This product also encrypts memory card data transparently, minimizing the impact of mobile security policies on end users.

Corporate Policy
It isn’t enough to provide endpoint security for mobile devices that access your network, or keep a handle on mobile device deployment and management. Equally important is establishing sound corporate IT policies that govern how those mobile devices are deployed and managed.

“It’s very important for mobile devices to be managed with a consistent set of company policies and standards,” says Sophos’s Argast. “People can start plugging these devices into the network, but the admin then has no control. Can devices be secured? Do users know the proper steps to take when they lose a device?” Argast says that you can answer these questions by setting up consistent usage policies. Doing so can also ensure that the mobile device strategy at larger enterprises is compatible with current auditing and compliance regulations.

It’s clear that smartphones are becoming a more integral part of most enterprises. Today’s technology workers are more tech-savvy than ever, and having access to enabling technologies such as Ford Motor Company’s Sync and feature-laden mobile devices can make organizations even more nimble and efficient. (For more information about Sync, see the sidebar “Ford Sync Makes Mobile Phones More Mobile,” page 65.) The influx of smartphones also creates a host of challenges for any IT pro seeking to manage that rapidly growing portion of the enterprise. But armed with the right information and tools, you can make sure that the true potential of a highly mobile workforce is realized.

See Associated Figure