IT Staff Convention 2007:Supporting Handheld Devices

From Provider Notes

Supporting Handheld Devices

IT Staff Convention, April 27, 2007

Moderator: Joe Shannon, Division of Finance

Notes: Steve Strawser, ISC

Relevant links:

• Mobile Device Security Evaluation Team Site (includes link to Wiki): http://www.upenn.edu/computing/eval/2006/mobilesecurity/
• Cellular Discount Web Site: http://www.upenn.edu/computing/voice/cellular/
• Mobile-SIG List Information:
  • http://www.upenn.edu/computing/group/signup
  • mobile-sig@lists.upenn.edu
• SPIA – Security and Privacy Impact Assessment (SPIA) http://www.upenn.edu/computing/security/spia/

Tips:

• Must mention Penn discount when getting new service; use linked web page above (required PennKey)
• Treo 700p’s – patch coming “soon” for random freezes (late May)
• SPIA – tools available to scan for sensitive data
  • Cornell confidential data scanning tool – http://www.cit.cornell.edu/computer/security/tools/
  • Info about the tool – http://www.cit.cornell.edu/computer/security/tools/spider-cap.html
• Backups
  • Palm has a good built-in utility configurable in HotSync
  • Backup Buddy – multiple products (http://www.bluenomad.com/) including remote backup to www.backupbuddy.net
• Insurance – Verizon and Sprint allow you to add device insurance (covers cracks, scrapes, and I believe if lost or stolen) for ~$5/month; insurance currently not available if on Cingular although it was suggested that one could try an add-on rider to a department’s existing insurance plan

Challenges/Concerns:

• Treos
  • people don’t know how to use email with them (many users are on POP email clients)
  • confusion over mix of email programs available
• Clients don’t want to be away from their devices for too long
• Often receive benign error messages
• Random hardware issues including power, sound, and sync issues
• Cingular – email connectivity seems to be more sensitive to network blips (they are upgrading their towers to AT&T this year – may have an impact)

Pitfalls:

• Old Mellon Bank Building has bad cellular signal (due to building materials)
• Hard to hear well on Blackberry
• Multiple people stating Blackberry dimming at random times (no dimming adjustment) – this could be caused by the fact that the Blackberry case has something that dims the display
• Syncing Blackberry email when using Parallels is problematic
• An active Blackberry with a BES does require a 1-time physical sync

Strategies and Best Practices:

• What do you do when a device is lost?
  • In good shape if device password is active (however, no one wants to bother with device passwords)
  • Blackberry – built-in ability to send a “kill pill” to completely wipe it if it’s network access hasn’t been turned off by someone
  • Different handheld managed programs allow the same functionality for Palm OS and Windows Mobile devices (see Mobile Device Security page for options)
  • Can set Blackberrys to auto-wipe on specified number of incorrect passwords
• One school mentioned it tries to support students as best as possible
• One provider suggested lowering clients’ expectations from the very start
  • “These devices aren’t perfect”
  • “You may need to pull the battery at times”
• One provider suggested LSPs could mention that the Critical Host Policy could be applied to handhelds to try to get them to be willing accept stricter security on their devices
• If possible, buy/support one product
• If you’ve got a BES, Blackberry is the way to go
• Blackberrys with Exchange work well
• “Direct push” Exchange syncing with Palm OS
  • Built-in to Treo 680
  • Treo 700p requires an update – http://www.palm.com/us/support/downloads/treo/easupdate.html
  • Treo 650 will work (if on Exchange 2003 or higher) but for a fee which varies depending on version of VersaMail already on the device – http://mytreo.net/archives/2007/03/microsoft-exchange-activesync-update-now-available-on-treo-650.html; http://software.palm.com/us/html/display_palm_product.jsp?navCategoryId=&id=prod4761800
  • Syncing with Exchange on Treos has long been available – this update to the 650 just allows it to receive Direct Push communication from the Exchange Server

Questions posed:

• Anyone running any mobile web browers? – Engineering School is running mobile IMP(?)
• Pobox offering Exchange – what will be the impact in your area? – not much response
• Interest in iPhone?
  • Some people interested/intrigued
  • Exercise caution because very little information has been published from Apple

Miscellaneous Notes:

• Battery power – Blackberrys are great (1 wk avg); Treo 680, 700p not as good (about 2.5 days – less if doing wireless Exchange ActiveSync)
• MeetingMaker
  • 8.5.3 – syncing Blackberry requires Intellisync; 8.6 will work with NotifyLink
  • PocketMac for Blackberry (with a Mac) will sync MeetingMaker
• Now that cellular providers are providing their own BIS (a BES offered by an cellular provider), people can get a Blackberry and forward mail to the cellular provider’s BIS

Devices Supported, only a few were named, but here they are:

• Blackberry 7100 7290
• Pearl
• Motorola Q
• Treo 650 (many), 680, 700p
• Older Palm devices
• Wharton recommends the following devices to it’s students – Blackjack, Motorola Q, and Treo 700wx