GUARDIANEDGE SMARTPHONE PROTECTION

Data Protection and Device Security for Apple iPhones, Palm OS and Windows Mobile

  • Single-console management of Apple iPhone, Windows Mobile and Palm OS smartphones
  • Microsoft Exchange access controls that require compliance with security policies before allowing connection to email
  • Strong encryption to protect against risks associated with loss of a device or connected SD cards
  • Additional security features, including firewall, on phone device access, application controls and more

With 75% of the US workforce expected to go mobile by the end of 2011, workers are increasingly dependent on smartphones such as the Apple iPhone™, Palm Treo™ and Windows Mobile devices. However, the benefits of this increased mobility come with growing risks. Full-time connections via email, VPN and enterprise applications combined with local storage of data on smartphones increase the potential for exposure of sensitive, confidential and legally protected data.

GuardianEdge Smartphone Protection safeguards organizations from the risks of exposure of legally protected data, loss of critical intellectual property and non-compliance with business critical regulations with an enterprise solution to both data protection and device security.


contact

By deploying GuardianEdge Smartphone Protection, organizations can:

  • Use a single console to manage smartphone protection across platforms – iPhone, Palm OS and Windows Mobile
  • Manage and support smartphone security and connections with a complete over-the-air (OTA) environment (with no connection to PCs or local networks required) for enrollment, provisioning, reporting, policy control, self-service user portals, help desk, recovery from lost passwords and more
  • Incent users to comply with security policies by requiring compliance before connection to email is allowed
  • Securely identify devices downloading email via Exchange ActiveSync
  • Allow users and administrators to remotely wipe lost or stolen devices
  • Encrypt data on phones and SD cards in accordance with policy
 
  • Ensure the safety of data on phones with remote security management and wipe capability
  • Apply application controls and firewall settings to provide device security
  • Use encryption on smartphones and connected SD cards to eliminate the risks associated with loss of sensitive and legally protected data, trade secrets and intellectual property or regulator non-compliance
  • Enforce policy by allowing only authorized local connections to the phone with controls for on-device ports - USB, IR, WiFi, Bluetooth, SD
  • Speed deployment and control operational costs by leveraging existing Microsoft Active Directory® users and groups
 

Encryption

  • FIPS 140-2 validated encryption (AES 128/196/256 and Triple DES)
  • Administrator configured and policy controlled
  • Encryption by data types: Outlook (email, contacts, tasks, calendar), Word, Excel, PDF, Docs To Go, etc.
  • Encryption by data location: On device and attached SD card, by file path
  • Shared key encryption option for groups available

Authentication

  • Controlled by policy – password or PIN
  • Port and access control
  • Port control: USB, serial, SD card, Bluetooth (exception allowed for hands free), WiFi enable/disable, infrared
  • Resource access control: IR, camera, voice recording.

Device security

  • Trusted application architecture prohibits unauthorized applications from accessing encrypted data
  • Application blacklist prohibits execution of specific applications
  • Firewall control: IP address(es) and ports for both incoming and outgoing communications.
  • Lock application profile on device
  • Data wipe: Time since last check-in exceeded, password failure threshold exceeded OTA from self-service or administrative consoles

User self-service portal

  • Self-service password recovery
  • Self-provisioning for new devices
  • Remote device wipe
  • Recovery of encrypted data from SD cards

Exchange ActiveSync (EAS) access server

  • Ensures that only compliant devices with current security software and policies are allowed to connect to the email server
  • Supports Exchange 2003 and Exchange 2007

Device management gateway over the air (OTA) features

  • Policy update, deployment and reporting
  • Software deployments and updates

Apple iPhone support

  • iPhone management integrated with Windows Mobile and Palm OS devices in a common console
  • Active Directory user/group integration
  • Exchange ActiveSync access control
  • Password strength control
  • Remote wipe from console or user portal
  • Device wipe on exceeded password attempts
  • Reporting - asset and inventory management report integration

Enterprise management console

  • Help desk assisted password recovery
  • Policy management
  • Remote wipe, unlock and device decommission
  • Recovery of encrypted data from SD cards
  • Extended reporting for device security compliance, activity, client versions, auditing
  • Systems management and administration
  • 80+ policy customizations
  • Customizable best practice profiles
  • Assign device security policies to specific Active Directory groups

Supported smartphone OS versions

  • Windows Mobile® 5 / 6 / 6.1
  • Palm OS® 5.x
  • Apple iPhone 2.0 and higher

Server requirements:

  • Enterprise Console, Compliance Service, Self Service Portal, Device Management Gateway, and Hub Service
  • All five components may be installed on one server
  • Microsoft Windows 2003 Server standard (or enterprise), SP1 or higher, .NET Framework 2.0 AND .NET Framework 3.5 SP1, IIS
  • Device Management Gateway may be installed on a separate server
  • Dual CPU, 2.8GHz or greater, 2GB RAM, 10GB free disk space, Ethernet adapter

Database

  • Microsoft SQL server 2000, SP4 and SQL Server 2005

EAS access manager server requirements

  • Microsoft ISA server 2004 Enterprise / 2006 Enterprise
  • Microsoft Windows Server 2003 Standard, SP1 and SP2, .NET Framework version 2.0 and .NET Framework 3.5
  • Dual CPU, 2.8GHz or greater, 2GB RAM, 250MB free disk space
  • Two network adaptors: Corporate LAN and Carrier Data Network (via Internet)
 

Carriers

* See FAQ for support details







 

Apple iPhone

  1. Will I be able to manage iPhones with my other smartphones?
    Yes. A single console is used to manage iPhones as well as Windows Mobile smartphones and Palm OS devices
  2. What functionality is available with iPhones?

    GuardianEdge Smartphone Protection supports the following functionality for iPhones:

    • Active Directory user and group support
    • Exchange ActiveSync access control
    • Password strength control
    • Remote wipe from the management console or user portal
    • Wipe on exceeded password attempts
    • Reporting – common asset and inventory management reports with other devices
Email Page Print Page Bookmark and Share top of page