News

Mobile Security Largely Based on Lack of Windows Monoculture

Without a doubt, the most influential factor driving the current state of IT security is the ubiquitous presence of Microsoft’s dominant Windows operating system on a vast majority of the world’s PCs.

By Dave Gradijan

Page 2

Jonathan Perret, IT remote connectivity analyst at Chevron PetroChemical, a joint venture between parent company Chevron and ConocoPhillipsSP, said his company has been actively banning its employees from using smart phones and PDAs—including the popular Research In Motion BlackBerry—for the past several years.

Despite many requests by individual users to bring their personal BlackBerry devices into the office, the firm waited until it could get in hand Windows Mobile devices that would allow for enforcement of the same types of policies it has created for securing its desktops.

"We knew we would only use Windows Mobile, and we waited for it because it’s the platform we felt we could secure most easily and at the lowest cost," Perret said. "This process of adopting smart phones is all about extending your network onto a new platform and addressing the challenges of that platform, and we felt Windows Mobile presented fewer challenges."

The reason why the company banned the use of BlackBerry handhelds was because its IT department wasn’t ready to invest in the back-end systems needed to secure the devices, while it felt that Windows Mobile would offer the opportunity to do so with existing infrastructure.

The company is also using a mobile device security package offered by software maker Mobile Armor and provided through carrier Verizon to help keep its smart phones locked down. So far the firm has 130 of the devices distributed to its executives and sales force representatives, with plans to hand out many more.

"Security slowed down previous adoption of PDAs and even our current smart phone deployment because we were waiting for new tools; we were limiting devices because of an inability to secure them," Perret said. "Windows Mobile may not have advanced security features, but we can augment that with third-party applications, and we felt that it presented the best alternative compared to the other [platforms], which would be a lot harder for us to support."

Microsoft officials agreed that one of the best selling points of Windows Mobile from a security perspective is the handheld product’s close ties to its other systems.

The software giant won’t try to keep up with every security feature on the smart-phone software market, but it believes its technologies can already provide the sort of baseline protection that enterprises are seeking.

"We’re not going to try to go tit-for-tat on every security feature. Some rivals might have more built in, but this process isn’t all about features; it’s how the technology can be implemented that makes the big difference," said Samir Kumar, mobile devices product manager at Redmond, Wash.-based Microsoft.