Mobile Device Encryption and Access Control

GuardianEdge Smartphone Security from GuardianEdge is the most effective and efficient way to protect valuable corporate data on smartphones and other handheld computing devices.

GuardianEdge provides a security and management solution that delivers a standardized smartphone environment for enterprises: policy-based security that enforces 7x24x365 data protection across all major device platforms (Palm®, Pocket PC, Windows Mobile®, and Symbian) including the most extensive list of supported devices from leading manufacturers such as Motorola, Palm, Samsung, Audiovox/Siemens, Dell, HP, and more.

GuardianEdge's easy-to-use, web-based console centralizes management and automates enforcement of on-device security and network access. In combination with Microsoft Exchange ActiveSync®, GuardianEdge offers a secure email solution that reduces total cost of ownership (TCO), delivers greater overall value, and provides a superior user experience.

With GuardianEdge Smartphone Security, organizations can:

• Automate the application of mobile security policies at the point of access for all handheld devices, with complete control over all synchronization conduits.
• Enforce "always-on" data protection across all Palm and PocketPC devices, as well as mobile phones and other handheld devices from leading manufacturers such as Motorola, Samsung, Siemens, Dell and HP.
• Prevent the enterprise from exposure to risk due to theft or loss of handheld devices to achieve regulatory compliance with data privacy and security laws
• Block viruses and other malicious software from entering the network through input and synchronization ports

Key Benefits

GuardianEdge Smartphone Security helps companies secure and manage mobile data using a "discover, decide, and secure" cycle to address the dynamic security threats associated with handheld computing devices.

Enterprise Discovery & Vulnerability Analysis

GuardianEdge Smartphone Security provides a historical view of handheld devices that have accessed your corporate network as well as a watch list of potential mobile data vulnerabilities for PCs, PDAs, and smartphones. This product can be used to optimize the effectiveness of your mobile security implementation or as a tool to provide budgetary cost justification when planning mobile security initiatives.

End-to-End Data Protection

Eliminate the risk of data exposure due to lost or stolen devices and ensure compliance with corporate security standards using FIPS 140-2 validated encryption algorithms. With GuardianEdge Smartphone Security, customers can create a "trusted access environment" in which selected file types and databases are automatically encrypted, ensuring that only "trusted" applications can access protected data.

Smartphone Endpoint Security

Centrally manage and secure Palm®, Pocket PC and MS smartphone devices. Secure and predictable mobile device use is guaranteed through standardization of device access policies, software usage, and resource capabilities across mobile platforms. Wireless firewall capabilities for Pocket PC devices are also included.

Built for the Enterprise

Leverage your organization's IT investments and security Best Practices to all mobile devices across the enterprise. The GuardianEdge Smartphone Security solution is easy to deploy using existing software distribution tools, and IT managers can enforce security policies through existing LDAP and Active Directory memberships based on user credentials at the point of connection.

Specifications

Enterprise Management Console

•  A single server can support  2000 smartphones.
•  Microsoft Windows 2003 Server Standard, SP1, .NET Framework Version 2.0
•  IIS
•  Dual CPU, at least 2.8GHZ, 4GB RAM, 10GB free disk space
•  One Ethernet Network Adaptor

Database

• Microsoft SQL Server 2000, SP4

EAS Access Manager

• Installed as a Plug-in on existing ISA Server.
• Microsoft ISA Server 2004 Enterprise / 2006 Enterprise
• Microsoft Windows Server 2003 Standard, SP1, .NET Framework Version 2.0
• Dual CPU, at least 2.8GHZ, 2GB RAM, 250MB free disk space
• Two Network Adaptors: Corporate LAN & Carrier Data Network (via Internet)

Smartphone Security Client

• Provisioning, Remediation, and EAS Synchronization over Cellular Carrier Data Network for many popular smartphones.
• Palm OS® 5.x
• Pocket PC 2003
• Windows Mobile® 5
• Windows Mobile 5 Smartphone

Features

• Real-time enforcement of device/configuration settings and user authentication
• Real-time, on-the-fly data encryption of policy-specified files, databases, and removable media (e.g., SD cards)
• Transparent 7x24x365 data protection designed to minimize intrusiveness on end-user, reduce application and device latency, and optimize device battery life
• FIPS 140-2 certified encryption (AES128/196/256 and Triple DES)

• Self-service, over-the-air (OTA) device registration and provisioning, as well as configuration and application access
• Device data deletion (data wipe) policies based on extended device inactivity, password failure thresholds, and OTA administrative actions
• Device software image locking prevents applications from being installed or uninstalled - thereby improving compliance and reducing Help Desk headaches
• Application blacklisting that can block specific applications from being used (e.g., web browsers)
• Patent-pending "Trusted Application" architecture prevents viruses, Trojan horses, etc., from accessing protected data
• Application-specific passwords
• Self-service portal for resetting forgotten passwords

• Microsoft Exchange synchronization with only registered, approved, and compliant devices
• Silent, OTA remediation of devices that do not meet current security policy requirements

• Restrict use of multi-media resources, including camera and voice recording
• Prevent use of and/or encrypt SD cards and other removable media
• Control communications services including WiFi, Bluetooth®, and IR

• Policy, systems, and administrative management
• Help Desk for decommissioning, remote unlock, and remote wipe
• Reporting of device compliance status and EAS sync activity