We begin our smartphone security Rolling Review with a look at Trend Micro Mobile Security 5.0, a software suite that offers user-to-device authentication, antivirus (malware) protection, firewalling, spam protection for SMS messages, and intrusion detection. The Advanced package, which we tested, adds smartphone encryption to the list of controls for protecting local data and files.
Our tests showed TMMS can do a lot to help secure smartphones, but there are some caveats. Since the smartphones handle malware detection and leverage the TrendOffice antivirus engine, you need to buy into Trend Micro's antivirus system. This may steer away customers of other antivirus products. Also, as with any suite of this type, those who decide on TMMS should look closely at the list of supported phones before implementing.
TMMS's tabbed management console gave us strong control of our secured devices. The Summary tab summarized the devices being managed, key alerts, and device update status.
The Update tab let us schedule updates of the code repository on the server. Virus definition files, scan engine versions, mobile client updates, and installer packages are all checked against the latest information available from Trend Micro. Sending updates to our managed smartphones was a snap.
The Administration tab includes settings to assist with both SMS and manual phone provisioning, as well as license management. One of the neater features is the remote assist for password resets. When a user selects the "Remote Unlock" option on the phone, he or she is presented with a challenge code that lets the help desk unlock the appropriate response code.
The Client Management tab simplifies creation, sorting, and management of smartphone policies, which can then be enforced on participating devices. We created Mobile Security domains (a.k.a. device/policy groupings) that contained distinct policy information. This let us control different phones in different ways depending on the group in which they're placed.
TMMS puts security controls into General, Encryption, and Firewall settings. General settings manage antivirus issues (quarantining versus deleting malware), how updates are handled, log settings, and whether users are allowed to modify their security settings. The granularity provided here is decent without having too many options to cause confusion.
Our minor gripes had to do with the sometimes-kludgy UI and documentation that, while voluminous at times, never quite seemed to fully answer our questions.
A bigger annoyance is the password interface. When a character is typed into the password field, it shows up only as an asterisk, so a user has no idea what character was actually entered. Asterisk-only password cloaking isn't unique to TMMS, but it's frustrating for users trying to comply with a strong password policy.
These issues aren't deal-breakers, and organizations looking for comprehensive smartphone security should kick TMMS's tires.
Price varies depending on volume, discounts, and other considerations. A ballpark estimate for a 200-unit deployment would be around $45 per device for the Advanced suite or $25 per device for the Standard TMMS 5.0 package, with software maintenance costing extra.
Richard Dreger and Grant Moerschel are co-founders of WaveGard, a vendor-neutral security consulting firm. Contact them at email@example.com.