148    Chapter 3 • Communication Security: Remote Access and Messaging

             Mobile devices that utilize the Internet connect via ISP designated frequency to
             the WAP gateways, thereby sending and retrieving secure (encoded) content.
                 A device, however secure a connection it communicates over, can still be com-
             promised via theft and loss.To this end, mobile devices now have the ability to
             receive a “forced wipe” (sometimes referred to as issuing a “kill pill”). Certain man-
             ufacturers of enterprise mobility solutions and ISPs will provide this functionality
             so that a device setup with Windows Mobile, for example, can be wiped of all of its
             personal data and documents when the device is reported missing.
                 In addition, most devices have the ability to require password access and the
             equivalent of “screensaver” locks that require the user to authenticate themselves
             either by pin or domain credentials.This extra step, though certainly a nuisance to
             users, does protect documents and communications stored on the device.
                 E-mail server access is typically a major feature of any mobile device. OSes like
             the Palm Treo OS and Windows Mobile come ready to accept the addresses and
             names of e-mail servers and will utilize the PDA’s Internet access to facilitate com-
             munication to these servers. For this reason, it is recommended to require that
             client certificates be presented to the e-mail servers by the mobile clients for con-
             nectivity.This means limiting traffic not only to SSL, but to users who can provide
             the same certification issued by the company that distributed the device.The pro-
             cess of importing of digital certificates to mobile messaging devices varies by OS.


                Mobility and Presence Aware Applications
           Head of the Class...  provides client software for Windows Mobile devices, allowing for a full
                The use of digital certificates also protects IM traffic that is now available
                on these devices. Microsoft’s Live Communication Server, for example,

                range of “presence” aware technologies. Via this client, Global Address
                List (GAL) information and electronic communication is enabled at the
                device. This software can also be required to present a digital certificate
                to the LCS authentication servers, and the recommendation is always to
                choose this path.





             E-mail and Viruses

             Viruses are often spread as e-mail attachments.Attachments might be compressed
             files (such as ZIP files), programs (such as .exe files), or documents. Once the file is
             executed, the virus is released. Executing the file can be done by opening or





          www.syngress.com