OK, I'm pathetic. I couldn't help but keep thinking about this quote below. While having RIM control what can or cannot be installed on your device will limit the number of applications that you have available (compared to a device which doesn't have such rules), I admit this is a great way to be secure. However I'm not sure that is very different from any other device that requires digital signatures from reliable sources.
Quote:
Using code signing to limit access to BlackBerry device application data RIM does not inspect or verify third-party Java applications that run on BlackBerry devices; however, RIM controls the use of BlackBerry device APIs that include sensitive packages, classes, or methods to prevent unauthorized applications from accessing data on the BlackBerry device. Each third-party Java application requires authorization to run on the BlackBerry device. MIDlets cannot access the memory of other application or access the persistent data of other MIDlets unless they are digitally signed by the RIM signing authority system.
Before you or a BlackBerry device user can run a third-party Java application that uses the RIM controlled APIs on the BlackBerry device, the RIM signing authority system must use public key cryptography to authorize and authenticate the application code. The third-party Java application developer must visit BlackBerry to register with the RIM signing authority system for access to the controlled APIs and use the BlackBerry Signature Tool, which is a component of the BlackBerry JD to request, receive, and verify a digital code signature from RIM for the application. Third-party Java application developers who create controlled access third-party APIs can act as a signing authority for those APIs. The application developer can download and install the BlackBerry Signing Authority Tool to allow other developers to register for access to the application developer’s controlled APIs. Registered developers can use their BlackBerry Signature Tool to request, receive, and verify digital code signatures from the application developer’s BlackBerry Signing Authority Tool for their applications. See the BlackBerry Signing Authority Tool Administrator Guide for more information about code signing and third-party Java applications.
|
On the other hand, MDM for WM appears to allow a company to totally limit what can be installed on a device, much the same way a company can do the same with something like a laptop. So if the goal is to protect the device and prevent the user from installing a virus I would think this an impressive protection option availble for WM. Of course a company has to choose to USE that feature.
Quote:
|
Mobile Device Manager gives IT enterprise control over what software can be installed and run on Windows Mobile 6.1 devices within a company’s mobile network. This helps the devices run faster and also keeps malware from getting onto a device or into the network. IT can also easily lock down communications and camera functionality, helping to ensure that a company maintains compliance.
|
From what I've read the MDM provides a lot of similar if not identical security methods that the BES provides. It's just a matter if a company uses those methods.
A vulnerability gap may exist between the two but I'm not so sure it's as extreme as perceived.
No really. I'll let it go this time. I think.
