McAfee Endpoint Encryption for Mobile
Strengths: Very nice encryption solution that would be a good addition to a product lacking that functionality
Weaknesses: Lack of other security features
Verdict: This is a complement to any solution that does not provide device encryption and theft protection
With McAfee Endpoint Encryption for Mobile (EEMO) version 2.4.1, you can create encrypted space on both internal and removable storage on portable devices such as smartphones or PDAs running Windows Mobile OS.
We loaded the Endpoint Encryption Manager on our Windows 2003 server. Using the supplied documentation we walked through the set up process. The first step was to create an administrator user. We had options to set up simple password authentication or choices for multiple two- and three-factor authentication options. Next we created an Endpoint Encryption PDA Server. Once created we noticed we had support for Active Directory connector to find remote devices. We created device policies and install packages for those policy sets. We were then able to install software and manage devices.
With EEMO, encryption and decryption of data is transparent to the end-user and is performed according to the central policies. EEMO was installed using a setup program over ActiveSync running on the PC to which the device was connected. We were able to choose what files, folders, memory or applications, such as Outlook, we wanted to encrypt. EEMO uses a password to generate the encryption key used for encryption/decryption together with a strong FIPS 140-2 certified implementation of the AES algorithm and a 256-bit key length. As long as the password is not cracked, files and applications are safe even if the phone is lost or stolen.
There is also a recovery feature available through the client. The recovery data is generated at the time of installation and synchronised with the central McAfee Endpoint Encryption Manager server.
Policy updates happen each time the portable device synchronises with its PC via any TCP/IP connection. There is an over the air option for updates as well.
When you are using a Windows Mobile Device, EEMO can allow you to make phone calls while data is encrypted on the device and the user is not logged on.
Basic support is included for one year with the licence purchase. Support upgrades available for a fee.
This is a very good encryption solution for mobiles.