The handheld devices used in enterprises traditionally have been like an executive's company car, leased and maintained by the employee, though paid for by the boss. But in some cases they're evolving into a corporate asset tightly controlled by the IT department, for security as well as productivity reasons.
Mobile e-mail software vendor Good Technology Inc. on Monday is set to expand its product line to help IT maintain that grip even as employees travel. Good Mobile Defense, an optional add-on coming in January for the company's GoodLink wireless messaging software, lets administrators control five key aspects of security policy over the air, said Dan Rudolph, director of product management at Good, in Santa Clara, California. The product is based on SureWave Mobile Defense, which Good acquired earlier this year through its purchase of JP Mobile Inc. It uses the GoodLink messaging mechanism to reach and modify devices in the field, Rudolph said.
There are already tools on the market that let administrators control mobile devices, such as software that disables the digital cameras built into phones. But today, the IT department has to get the device into its hands or rely on the user to carry out changes, according to Rudolph.
"One of the shortcomings in the past has been IT's inability to enforce the policies once the device is in users' hands," he said. "It's been incumbent on the user to actually comply with and download the policies that IT sets."
Good Mobile Defense lets administrators manage five types of policies:
-- advanced password management, including setting and resetting passwords for devices and applications, as well as forcing employees to use strong passwords;
-- device use control, such as blocking access to Bluetooth, Wi-Fi, camera or synchronization software;
-- application lockdown, in which IT can create and modify a "whitelist" of programs users are allowed to download and run;
-- encryption management, application-specific rules about which types of data on the device have to be encrypted;
-- data erasing, for setting policies on what actions -- such as three failed password attempts -- should trigger the erasure of all data on the device.
Industrial Bank, in Washington, D.C., earlier this year chose GoodLink to give executives, loan officers and some other employees mobile access to their Microsoft Corp. Exchange e-mail. It has issued Palm Inc. Treo 650 handhelds from Cingular Wireless LLC to 25 employees so far. GoodLink had security capabilities that Research In Motion Ltd.'s (RIM) BlackBerry products didn't have, including compliance with FIPS (Federal Information Processing Standards), said Michael Johnson, the bank's director of information services. These helped the deployment plan pass a rigorous review by management, he said.
Johnson welcomed the coming Good Mobile Defense mechanisms for maintaining central control of the remote devices. In particular, he wants the ability to lock out features of the Treos, enforce password policies and delegate specific capabilities to employees based on their roles, he said. The bank already maintains a tight ship: It delivered the Treos to users without the synchronization cable for uploading content and applications from a PC, and in any case, employees don't have the administrative rights to load the Palm Desktop synchronization software on their PCs.