Re: Securing iPAQ h3950 using Windows Mobile 2003

From: Eric Maiwald (emaiwald_at_fred.net)
Date: 10/14/03

  • Next message: David Gillett: "RE: Another basic PKI question" 
    Date: Tue, 14 Oct 2003 14:11:24 -0400 (EDT)
To: Roy sgan-cohen <Roys@xor-t.com>

    On Sun, 12 Oct 2003, Roy sgan-cohen wrote:
    > 1. Is there a way to limit the sync only to a specific computer and to
    disable the sync to any other computer ? Is there a utility that does that
    simply (aside HP's Security Enhancements) ? Is it possible to write this c
    heck alone for the iPAQ (based on certificates for example) ?

    Not that I am aware of. If you take a device and hook it up to a computer
    with active sync on it, it will try to establish an association.

    > 2. Is it possible to enforce all the PDAs to a certain security policy ?

    Yes, but you need to add third party software. [disclaimer - I work for a
    company that makes such software] With the third party software you can
    set a policy for passwords, file encryption, network traffic, etc. The
    exact functionality depends on which product you purchase.

    > 3. Is it possible to disable the IR for instance, or the use of an
    application or bluetooth etc. ? (If it involves changing registry keys,
    please tell me which keys should I change)

    My understanding is that the answer is yes to IR. I am unaware of the
    capability to turn off Bluetooth. I do know that there are projects at
    several vendors and in the US Government to turn off the communications
    and recording capabilities of the devices.

    > 4. Is it possible to use encrypting methods based on PKI for iPAQ running
    Mobile 2003 ? (sending encrypted mail, encrypting the file-system, etc.) all
    based on the existing PKI infrustructure in the organization and using
    (if possible) the smart cards already available for the users.

    Yes. There are third party products that do this (Certicom for example).
    You can also purchase a sleeve (called Blue Jacket) that will accept a
    smart card - I know if works for the DoD CAC smart card.

    Eric

    Eric Maiwald, CISSP
    Director, Product Management and Support
    Bluefire Security Technologies, Inc.

    ---------------------------------------------------------------------------
    ----------------------------------------------------------------------------

  • Next message: David Gillett: "RE: Another basic PKI question"

    Relevant Pages

    • Re: Oh.... Im just wondering whos seen this stumper...
      ... Hopefully the encryption is configurable so you can get the actual LDAP ... Co-author of "The .NET Developer's Guide to Directory Services Programming" ... .....I'm thinkin' the full sync thing is doing something for which they ...
      (microsoft.public.windows.server.active_directory)
    • AS 4.x WM 5.0 and ports in general
      ... I selected to just sync via USB but when the device was searched via ... sync via COM1, IrDa and DMA or none of those. ... On the PDA side: I've had two different PDAs with WM 5.0 where you ... Why hasn't encryption been added for WM 5.0 based devices in the ...
      (microsoft.public.pocketpc.activesync)
    • Re: Blackberry compatibility
      ... User Report: We've been testing BlackBerry compatibility with Entourage and have had complete success using the PocketMac product - with the single exception of encryption, ... We've been able to sync email, ...
      (microsoft.public.mac.office.entourage)
    • Activesync and Business Contact Manager
      ... Why is it that the crappy software for my NEC cell phone can sync with ... Business Contact Manager and yet ActiveSync can't? ... Has anyone found a third party software that will sync BCM with ...
      (microsoft.public.pocketpc.activesync)
    Loading