Trust Digital shares the latest technological developments in mobile security and provides valuable links and resources.
It depends on what you mean by onboard memory. We have the ability to encrypt all of the addressable portions of the onboard flash memory. We don't encrypt the read-only portions of the flash (like the operating system) because that portion is fixed and therefore does not present a significant security risk. We encrypt all other portions of the memory, including the swap/scratch spaces in memory that are used for manipulating files, etc.
Also, we secure erase/wipe devices when they are being decommissioned, making sure that no sensitive data can be recovered.
The ISA server is used to enforce security compliance for mobile devices connecting to Exchange when syncing email. It basically ensures that only security compliant mobile devices are allowed to establish Exchange ActiveSync sessions with the front end servers. As an alternative you can install an ISAPI filter on your Exchange front-end to perform compliance enforcement.
If you take away the ISA or ISAPI component, all of the other smartphone security features will still work - including all the over-the-air provisioning, updates, etc. So you'd still have all the authentication, encryption, resource controls, reporting, centralized management, image control, etc. The only thing you won't be able to do is block non-compliant devices from hitting the Exchange front-ends.
Our software will secure your mobile devices no matter what email sync protocol you use. All of the sensitive email on the devices will be safely encrypted, and we'll enforce things like strong auth, firewall, resource control, and other things to keep the device secure. However, from a perimeter security perspective, opening POP and IMAP to the outside world is a definite vulnerability for you. We solve this problem for customers that use Exchange ActiveSync by placing a perimeter security solution at the edge of the network that only lets secure and compliant mobile devices connect. Right now, we don't support POP and IMAP but it's on our roadmap.
Do you use Exchange at all? If so, our current v7 product would work perfectly for all of your non RIM devices. If not, check back with us later in the year to see if we've added additional sync protocols to our compliance gateway.
We support AES 256, 128, and triple DES - all FIPS 140-2 validated and all policy controlled.
Thanks for your question. Yes, we are able to disable cameras on mobile devices, but we only support smartphones like PalmOS and Windows Mobile devices, not feature phones or flip phones like the razr. We're focused on the enterprise mobile devices because they pose the greatest risk from a security perspective.
Yes, the Bluetooth controls can allow pairing with a smartcard reader and nothing else.
Yes, we have worked with many healthcare applications, such as PocketMD, and in all cases we have been 100% compatible. Many of our customers are healthcare organizations so we're very familiar with your environment as well as the regulatory pressures you're under.
We can encrypt the entire SD card, meaning all file types get encrypted, or we can encrypt based on file "types". If the policy specifies encryption via file "type", then you can choose between .doc, .xls, etc to be encrypted. We can make you any policy you want to specify that are most important in your organization.
