Posts Tagged ‘Palm’

HP’s Windows 7 Slate Tablet lives on

Sunday, July 25th, 2010

hp-slateThis is interesting, according to Engadget HP’s much publicised Windows 7 based state tablet isn’t in fact dead as has been reported.

Personally I think this is great news.  I’m a long term fan of the slate having had one of HP’s old slates the TC1100 for years.  It’s a great bit of kit but Win7 really challenges its 2004 specs.

According to Engadget HP are planning to launch the new tablet later this year targeted at the enterprise market.  This makes a lot of sense to me. The iPad has the consumer world all wrapped up but in business (currently) it’s more of a novelty to anyone that needs to do more than email.  A Win7 based tablet that has a pen as well as touch and can run apps like OneNote would be very welcome. 

What’s more it gives HP a good product on which to take some market share from Motion Computing, who have been doing quite well selling Windows based slate tablets into industries like healthcare and engineering. 

Of course there have also been rumours of a HP tablet based on Palms WebOS, which of course HP now owns.  While that would definitely be an option in the consumer world I’m not sure businesses would find it all that attractive.  The reason I say this is that currently WebOS has next to no security built into the OS, at least none that is compatible with the Exchange ActiveSync (EAS) security policies used by Microsoft and Google (see this article for more info).  So in that sense a twin platform might make good sense for HP.

Tags: , , , , , , ,
Posted in Tech | No Comments »

Android and iPhone Exchange Activesync Policies

Monday, July 19th, 2010

Over the past couple of weeks I’ve been doing some work on how best to secure data on the myriad of mobile devices that are used these days to access email and calendar information.

It’s a hot topic at the moment, and so it should be.  Recently here in the UK the information commissioner brought in a £500,000 fine for each instance of information data loss.  Of course it would depend on the information lost, but hands up anyone who understands everything that’s on their companies smartphones and PDA’s… with info creeping out in email attachments or iPhone apps that cache your work username and passwords, it’s a real risk.

If you use MS Exchange, one of simplest ways to apply a level of security to mobile devices is to use the Exchange Activesync Policies that are included out the box.  These allow you to apply – and more importantly enforce – a range of configuration options on devices and block access to devices that don’t meet a minimum standard you decide on.

At the bottom of this post I’ve attached a spreadsheet which I’ve put together which details the policies available and the devices they are compatible with.  To get the information I spoke to MS, Google and Apple (thanks Jason) directly, so it should be accurate.  But I don’t have any contacts at Nokia or Palm so that info was taken from their deployment guides.

Part of the reason I thought I’d post this up is that I noticed a very similar doc was added to Wikipedia, but it doesn’t include some important information about the level of Exchange Client Access Licence (CAL) need to use some of the policies, nor does it talk about the differences between hardware versions of iPhone.  If I can bring myself to dive into the wiki mark-up language I’ll amend the article to include the info but for now I hope this spreadsheet helps some of you.

If you’re not currently implementing any policies in Exchange there are a few things to consider before you do. 

First think about the types of device currently connecting.  If you’ve been using Exchange EAS for a while the chances are you’ll have a range of kit from Windows Mobile 5 onwards.  This older equipment may not support many of the available policies, so if they’re company owned devices you may want to look at upgrading them rather than cut the users off entirely.  Unfortunately it’s not just older devices that don’t support all EAS policies correctly.  Modern OS’s such as Google’s Android and Palms WebOS don’t either. 

There are some simple reports that an be run using PowerShell that will list out all the device that connect in, including device type, versions and usernames.  Unfortunately the iPhone doesn’t report back its hardware version until iOS4 however.  I’ll try to follow up this post with the query details.

Remember that neither Google’s Android, Applies iPhone or iPhone 3G support any level of device encryption, which from a business perspective is a little scary considering their popularity.  What’s worse, early versions of the iOS3 firmware apparently mislead the Exchange server into thinking early iPhone were encrypted.  If you have a lot of these things out there but still want to apply a level of security you can buy yourself some time using the ‘Allow non-provisional devices’ policy. 

One option would be to create a basic security policy with all the PIN settings you want to apply and enforce that by un-checking the ‘allow non-provisional devices’ policy.  This will ensure that if a device doesn’t support the policy it can’t connect.  You could then create a seperate policy with the encryption settings and the ‘allow non-provisional devices’ enabled.  In that case the policy should apply only to those phones that support it.

As always, communication out to your end users is going to be key, especially if you have personal devices connecting to Exchange in addition to your company ones.  Whilst having a PIN etc is probably a fair exchange for the Exchange functionality they’ll receive, suddenly finding that your personal phone has had a PIN enforced and that your SD of music and photos has been encrypted is likely to annoy…  Something to keep in mind!

Anyway, here’s spreadsheet: Exchange ActiveSync Policies (June2010)

Tags: , , , , , , , , , , ,
Posted in Tech | No Comments »