Guest Samsonite Posted July 29, 2008 Report Posted July 29, 2008 People i've had WM stuff for a few years of my own and have finally been given a Touch Dual as the work phone. The current setup is for syncing Outlook via a VPN thru to the MD's home ADSL router which then has an IPSec tunnel thru to the work's server. Works like a charm! If you're in GPRS coverage only, the VPN doesn't cope will with the latency and the password needs to be entered again... but i digress... Now that we've got 6 of these deployed amongst our sales and tech staff, the IT Manager is taking them under his wing and looking at integrating them more into the overall security policies for the wider IT network. He's pretty good. Bit of a BOFH type when its come to 'users' but competent nonetheless. He's got something sticking in his neck about the virus or malicious software issue these new devices pose. He's googled and Expert Exchanged himself to death and turned up a story on Chinese iPaqs succumbing to a genuine outbreak. Whilst contained and the website responsible has been shut, the proof of concept has given him a platform to seriously consider imposing AV software on the Duals. What i'm after is some balanced articles and opinions from learned types (you MVP's out there) that will balance things up. He brushed me aside as a WinMo fanboy who doesnt really appreciate the wider implications. He may have a point... I do liike my new Touch Dual. (gets hot when HSDPA'ing quite hard tho. Is that normal?) I reckon the AV market for WM is still at the snake oil stage but what's the latest latest thinking? i know this is a subject that's always raised but i haven't had to care till now! So if anyone knows of some articles, genuine papers etc, i'd be most obliged to hear of 'em. thanks!
Guest chucky.egg Posted July 29, 2008 Report Posted July 29, 2008 The current setup is for syncing Outlook via a VPN thru to the MD's home ADSL router which then has an IPSec tunnel thru to the work's server. Cripes! Doesn't like it simple then I guess. If he has good AV on the email server (Exchange?) then the risk is probably very small, no? You could email an infected file to somebody, but it would get trapped. You could move (using ActiveSync) an infected file, but again it would get trapped. When I was a BOFH we worked on the "I'm alright, Jack" principle. If our protection was good enough our data was safe, and we weren't spreading stuff that would cause others a problem. The greatest risk is to the device itself, and I don't know of any genuine infections of WM devices. Ever. What was this Chinese thing? I have never seen a good "Manager Speak" article on the issue, which I put down to not being able to disprove a negative.
Guest Confucious Posted July 30, 2008 Report Posted July 30, 2008 There are NO virii on WM devices apart from POCs The worst problem on WinMo devices is AV software which slows them down, I would strongly advise against installing any AV s/ware on winmo devices, but that's just my opinion....
Guest jimbouk Posted July 30, 2008 Report Posted July 30, 2008 Having a vpn via the MD's home to the company is the most bizarre setup I have ever heard of... and one that smacks of security risks if the MD has kids who download rubbish and open their emails via the same network. BUT all AV software will do is use a little of the memory on your device - so it isnt the end of the world.
Guest Confucious Posted July 30, 2008 Report Posted July 30, 2008 The setup is 'unusual' to say the least. But AV software doesn't just use a little bit of memory, it scans files and slows devices down - sometimes very significantly. I wouldn't let it near any of my WM devices.
Guest Samsonite Posted July 30, 2008 Report Posted July 30, 2008 The Chinese thing is mentioned here as well asa a few other places running the story as a footnote. http://www.downloadsquad.com/2008/02/27/wi...s-on-the-loose/ The VPN thru to the MD's home router is mainly due to the IT guy not having the inclination to get familiar with the equipment in the first place. I had battled for years for him to adopt my personal WM stuff (E200, S100, E650) as i used it for mobile calendar management, all to no avail. The MD was a little more flexible and also had a couple of Dell Axim's he used to use for e-mail etc... So he set the convoluted path back to the Exchange server for his own use... When we rolled out more devices, it was the quickest way of getting the functionality. Ultimataly, the IT guy wants to have the Duals connect thru his WatchGuard Firebox but like i say, he is being quite obstinate about the threat they pose. Isnt there any Microsoft generated info that explores the potential threat? We run Sophos at work as AV and anti-spam and this article doesnt help things... http://www.theregister.co.uk/2007/02/09/sophos_mobile_av/ i agree that the net effect of running AV on the device is a slower phone but it aint me thats need convincing... thanks for the help so far... anyone else?
Guest WearTheFoxHat Posted July 30, 2008 Report Posted July 30, 2008 Id suggest pointing the IT Manager in the direction of AntiGen, since that has like 7 different AV engines in it. That will block anything hitting the exchange box, then don't need to worry about the clients.
Recommended Posts
Please sign in to comment
You will be able to leave a comment after signing in
Sign In Now