It certainly isn't an ideal situation. Phone manufacturers and carriers want to sell phones and airtime, so security...
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
is probably not among their top concerns. As you say, one must wait for the phone manufacturer or carrier to make any Microsoft updates available before downloading and installing them. The process for Windows Mobile updates is quite a contrast compared to the Microsoft automatic update service available for regular PCs.
For my own phone, I had to hunt for my provider's upgrade page and the instructions were less than clear: "Stay up to date by downloading the latest upgrade for your Windows Mobile device. Depending on your handset model, this upgrade may include new and important features…." There was no clear explanation as to how important the update was or what issues it fixed. Keeping secure should be made as easy as possible; this wasn't.
There are signs, based on recent job postings and Internet gossip, that Microsoft's Windows Mobile 7 operating system will be capable of updating itself over the air (OTA). Unfortunately, current indications are that version 7 won't be ready until 2010. Hopefully the planned Windows Marketplace for Mobile will be up and running sometime this year. It will be a central point of access for new software and updates across all the Windows Mobile handsets, so you will at least be able to get your updates directly from a Microsoft portal.
Mobile devices of any type are often a weakness within enterprise security. For some reason they tend to fall outside the scope of regular security assessments and audits, even though the security risks are very similar to those of laptop computers. As mobile phones become more like mini PCs, they will need similar add-on security tools and patch processes to keep them safe.
For administrators trying to lock down these devices, there are security tools for Windows Mobile which can provide additional security in much the same way as desktop security suites do for regular PCs. Products include the likes of Symantec Corp.'s Mobile Security Suite, Kaspersky Lab Inc.'s Mobile Security, Airscanner Corp.'s Mobile Supreme Security, PGP Corp.'s Mobile encryption and Bluefire Corp.'s Mobile Security Enterprise.
Related Q&A from Michael Cobb
Wearable technology is infiltrating the enterprise, much like BYOD has. Expert Michael Cobb discusses the security concerns of wearables and outlines...continue reading
Remote wipe isn't always an option when it comes to securing enterprise BYOD use. Learn how selective wipe and enterprise wipe technology can help ...continue reading
While a walled garden can help secure Web browsers, they are not seen as beneficial by all. Expert Michael Cobb explains why.continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.