Microsoft Windows Mobile: Although this mobile OS was discontinued a year ago, it remains in use at many companies running legacy applications. Windows Mobile 6.x supports all 29 EAS policies if you use an enterprise license for Microsoft System Center Mobile Device Manager, which is part of Exchange; otherwise, it supports 14 EAS policies. A variety of mobile management tools support Windows Mobile devices as well, and some Windows Mobile devices support the SecurID authentication device.
Microsoft Windows Phone 7: The new Microsoft mobile OS has fewer management and security capabilities as Windows Mobile, even though it uses the same Exchange or EAS-compatible servers as the management console. The biggest omissions are lack of support for on-device encryption and for requiring use of complex passwords, so will not work with many companies' ActiveSync policy requirements. (Microsoft says it will add such support later.) Windows Phone 7 supports fewer EAS policies than Windows Mobile and iOS, for example, though some of that is because some policies simply do not apply to the Windows Phone 7 environment. For example, there's no support for storage-card encryption because, like the iPhone, Windows Phone 7 devices don't support removable storage. Other examples of irrelevant EAS policies include allowing PC tethering, use of infrared, and installation of Windows CAB files. But Windows Phone 7 does not support several policies that may matter to some enterprises: disable camera and disallow application downloads.
Microsoft 7 Compact Embedded: It's unclear whether the forthcoming Windows 7 Compact Embedded OS for tablets will support the same EAS policies and have the same support for passwords and on-device encryption as Windows Mobile.
Google Android OS: Although one of the most popular smartphone OSes, Android is also among the least secure. It does not have on-device encryption nor does it support complex passwords, for example, and it supports just a small number of EAS policies. "Enterprises are generally quite uncomfortable with Android right now, partly because the enterprise security road map doesn’t seem to clear to them, and partly because the vast number of Android devices makes it hard to understand what will work for them and what won't," says Forrester's Jaquith. "The lack of OS filesystem encryption is often cited as a concern."
But just as rabid iPhone users forced many businesses to allow iPhones in before Apple stepped up iOS's security, enthusiastic Android users are doing the same today. "Many customers seem willing, essentially, to punt and use something like Good Technology's product to put a secure workspace on Android devices so that they can use them," Jaquith notes. IBM's Lotus Notes Traveler app adds such a secure workspace for Notes users, as does Nitrodesk's Touchdown app for Exchange users.
Over time, Android should get more secure. But it may not be Google that fills in that blank in the short term, says ABI Research analyst Dan Shey. "Currently the path to improved security appears to be via the device vendors rather than Google. For example, Android 2.2 includes a basic VPN; however, Motorola's recently released Droid Pro includes the more robust and beefed-up AuthenTec IPSec multiheaded VPN."
Hewlett-Packard WebOS: Although WebOS got a lot of buzz before it was released 18 months ago in the Palm Pre, it didn't win a significant audience. This summer, HP scooped it up and last week announced that WebOS 2.0 -- the first major update -- would be available in Europe this month and in the United States in November in the form of the Pre 2. But WebOS remains the least secure of the major mobile OSes. There's no on-device encryption, though it does support complex passwords. WebOS supports just five EAS policies: four for password management and one for remote wipe. And unlike Android, there aren't client apps that can create secure workspaces to fill in the security gaps. The forthcoming WebOS 2.0 adds VPN support, but no other security or management capabilities, HP confirms.
Nokia Symbian: Billed as the most popular smartphone OS in the world, Symbian is almost invisible in the United States. But StatCounter Web traffic analyses show that although Symbian's share of global Web traffic has declined steadily, it sill is tied with the iPhone for global mobile Web usage. The Symbian OS comes in many varieties, with most Nokia devices not supporting business-class security or management. But the Nokia E-series and N-series devices usually support the basics, including on-device encryption, complex passwords, and remote wipe. These devices support an unknown number of EAS policies -- Nokia wouldn't say how many -- but the total appears to be fewer than iOS. Disabling the built-in camera and preventing access to Wi-Fi networks are two examples of EAS policies that iOS and Windows Mobile handle (and that BES offers) that Symbian does not. Many mobile management tools support these Nokia devices.