EnterpriseMobileToday PDAStreet

Home | News | Reviews | Features | Tips | Mobile Product Watch | Forums



Visit EnterpriseMobileToday.com

Internet.com's premiere site for mobile managers and IT professionals is where wireless meets business. Our expert analysis and tips will guide you in buying, deploying, securing and managing mobile technology in the enterprise. You'll find strategic analysis, best practices, news, buyer.s guides and practical advice on how to evaluate and support a wide range of devices in the workforce.


PDAStreet.com > Features > Better Mobility with Exchange Server 2003 Service Pack 2

Better Mobility with Exchange Server 2003 Service Pack 2

By Brien M. Posey
August 8, 2005

Microsoft Exchange Server 2003 has always supported mobile devices with features like Outlook Mobile Access. The forthcoming Service Pack 2 will expand on Exchange Server's existing wireless capabilities, however.

Traditionally, service packs for Microsoft products have been little more than collections of bug fixes and security patches. When Microsoft released Service Pack 2 for Windows XP though, they began a tradition of introducing new product features with the service pack.

Service Pack 2 for Exchange Server 2003 will contain its share of bug fixes and security patches, but it will also offer many new features. And most of those new features are targeted toward administrators who have to support mobile devices.

Direct Push Technology
Perhaps the biggest improvement in regards to mobility is Direct Push. Currently, if a user wants to get their E-mail delivered to a mobile device (without using OMA), the Exchange Server must transmit a notification to the device using the Short Message Service (SMS) whenever a new message arrives.

Once the device receives the SMS notification, it downloads the message from the server. Although this technique works, it is terribly inefficient.

Exchange Server 2003 Service Pack 2 does away with SMS dependencies. Instead, the mobile device will maintain an HTTP connection with the Exchange Server.

Whenever a new message arrives, it is automatically transmitted over this connection to the device.

Exchange is not limited to pushing only messages to clients though. The Exchange Server will be able to deliver e-mail, contacts, calendar items, and task notifications.

Synchronization
There are a few additional ways in which synchronization with mobile devices has been improved in Exchange.

First, the ability to synchronize is now independent of the underlying network—as long as some form of TCP/IP based connectivity exists. The connection itself can be cellular, Wi-Fi, or just about anything else.

Microsoft has also done some work to make the synchronization process more efficient. They have rewritten the compression algorithm used to compress synchronization related traffic so that data is compressed more tightly than before. This means that synchronizations will be quicker.

More New Capabilities
Service Pack 2 will also offer a few other features for mobile users. Perhaps the most useful of these is the ability for users to now access the Global Address List (GAL) over the air.

Other new features include the capability to synchronize tasks and the ability to include photographs in the user's contacts.

Mobile Security Woes
Although Service Pack 2 offers a slew of new features that will improve the end user experience, there are many aimed at Administrators as well. These new features give administrators much greater control over the security of mobile devices.

Mobile devices have always been a special challenge for administrators. To put it bluntly, mobile devices have traditionally been a security nightmare for several reasons.

  • First, they routinely employ mobile devices to connect to networks that are outside of the company's control. These networks might be cellular networks, or public Wi-Fi networks.

  • Second, mobile devices are small and easy to lose.

  • Third, group policies do not work with mobile devices.

    Think about that for a minute.

    You work hard to keep your network secure, but an employee can easily copy sensitive data to a mobile device. Since your group policies do not apply to mobile devices, you basically have to trust the user to employ good security practices.

    As we all know though, end users traditionally aren't very security conscious. Many users do not even bother to password protect their mobile device.

    That means, if the user accidentally leaves the device in the back of a cab, there's nothing to prevent whoever finds the device from accessing the data contained within it.

    The Help Exchange
    The new service pack won't cure all of your mobile security woes, but it will go a long way toward reducing the risks associated with mobile devices.

    For example, the it will allow Exchange to support certificate-based authentication for mobile devices. This means that there will no longer be a need for storing corporate credentials on mobile devices.

    There is also added support for Secure Multipurpose Internet Mail Extensions (S/MIME). Mobile users will be able to use S/MIME to encrypt messages being sent to and from mobile devices.

    LOST
    In addition, there are a number of new options designed to protect the organization against lost or stolen devices.

    For example, Service Pack 2 contains a policy setting that lets administrators mandate device lock passwords. You set the device password policy directly through the Exchange System Manager. There are also a number of self-destruct policies.

    For example, administrators can establish a policy that performs a hard device reset once the password has been entered incorrectly a specific number of times.

    That way, if the device is lost or stolen, you don't have to worry about who ever has the device now performing a brute force crack against the device. Once the password has been entered incorrectly X number of times, the device is reset to factory default settings and all data is erased.

    Although the Microsoft Web site does not mention it, a speaker at its TechEd conference mentioned that software giant is also working on a time bomb policy setting.

    The idea is that if the user doesn't log into the device for a specific number of days, then the device resets itself. So if a device is lost, then a set policy can blank the handheld or smartphone before it can be compromised.

    Service Pack 2 will also include a remote self-destruct option. So if a user realizes that he has lost his mobile device, he can call the system Administrator who can blank the device by remote.

    That way, the handheld is erased immediately. There is no need to wait for a time bomb or for a number of bad password attempts.

    Conclusion
    As you can see, Service Pack 2 for Exchange Server 2003 is going to include some dramatic changes from a mobility standpoint. Administrators will sleep better at night knowing that mobile devices are more secure than ever before, while end users enjoy better performance and new features.

    If you'd like to learn more about Exchange Server 2003 Service Pack 2, visit Microsoft's Web site here.



    • Related Links:

  • Handheld Security Too Expensive For Enterprise?
  • Handheld Security: Part V – Enforce Policies, Keep Network Safe
  • Lost Handheld Puts Your Data in Danger
  • With Wireless, Who Can You Trust? No One
  • Top 10 Items You Shouldn't Allow on Employee Unprotected PDAs (and what do about it)

     
     Printable Version
     Email this Story to a Friend