Microsoft’s new mobile operating system, Windows Phone 7, is here. Released amidst much fanfare, it has garnered praise for its innovative interface - but what about security? Microsoft obviously intends for the phone to appeal to the business market and easily integrate into corporate networks. Does it meet the stringent security requirements of enterprise networks?
Windows Phone 7 devices present the same security issues as most of today’s mobile devices. As smart phones become more ubiquitous, attackers are beginning to target them both as a means to access data stored on the phones themselves and as a vector for gaining access to the business network and/or introducing viruses and malware onto it. The phones must be protected from both over-the-network intrusion (which can include over the 3G/4G network, over wi-fi networks, and even over short range Bluetooth connections) and from direct access to data on the device if it is lost or stolen or otherwise falls into the wrong hands.
One problem that’s more unique to WP7 is that, while there are many third party security apps for the old Windows Mobile, iPhone, Android and Blackberry – smart phone operating systems that have been around for a while – WP7 is so new that there has not yet been time for the development of a third party security ecosystem for the platform. That means, for early adopters, the security that Microsoft has built into WP7 is even more important.