Page 1 of 2 12 LastLast
Results 1 to 20 of 23
  1.    #1  
    I've been waiting patiently for a new phone, hoping it would be supported by my IT folks. Since we're in a medical environment, security is tight. This was a comment by one of the IT guys. Does anyone know this amount of detail at this time?

    "Since the Pre was announced I have been following the news about it. The only information I have seen so far has been in the marketing pages and they say it supports ActiveSync. But the question is how much of ActiveSync does it support. If it just syncs the email, contacts and calendar that is not enough. We also need for it to support ActiveSync's options to send security policies to the phone. These are the policies that enforce the locking, encrypting and wireless wiping of the phone. I am hoping that a user manual or "how-to" set of instructions appears online before the phone ships.

    Once I get further information that will answer our questions I will let you know if we will be supporting the Pre."
  2. #2  
    Why would you want any information that sensitive on any mobile phone?
    My Phone & My Wife's Phone Two Unlocked GSM Treo Pro's

  3. #3  
    It's all really an unknown at this time. ActiveSync uses ActiveSync Exchange, which is a proprietary protocol from Microsoft, which requires licensing fees. There was some "push" against this in the wireless world (there are lots of folks that hate having MS "own" everything), but ActiveSync has pretty much become the defacto standard now. I suspect that it will become more the standard rather than less.

    The plus side is that it appears that MS not using the protocol as leverage to try to "force" others into using WinMobile as their OS. They seem to be allowing anyone willing to pay the fees to license the protocol.

    I don't know for sure how much of the ActiveSync system Palm is using. I've seen reports that you can wipe the Pre, and I doubt seriously that they would license ActiveSync, then come up with a proprietary system to wipe the device.

    I suspect your IT guys are going to be able to do what they need with the Pre; if not immediately, then shortly after the release as new functionality comes into play. However, it's really just a semi-educated guess. Hopefully, we'll all know in a few more days.
    Last edited by hparsons; 05/05/2009 at 09:54 AM.
  4. dtokarz's Avatar
    Posts
    371 Posts
    Global Posts
    379 Global Posts
    #4  
    Quote Originally Posted by palandri View Post
    Why would you want any information that sensitive on any mobile phone?
    That is one of the benefits of a BB. And I think they have sold more than just a couple of phones.

    If the Pre plans on trying to get any type of corporate business, this should be seriously considered. Or maybe a third party app?
  5. #5  
    Quote Originally Posted by palandri View Post
    Why would you want any information that sensitive on any mobile phone?
    In medical fields, there are government mandated requirements. For instance, if one doctor emails another about a particular patient, if identifying information about the patient is in the email, that's considered confidential patient information, and falls under HIPAA guidelines. Such an email that ends up on a PDA device would also fall under the HIPAA gidelines.

    Because HIPAA requires that a facility establish and enforce their policies (and the fact that there are civil and criminal repurcussions), most medical facilities try to err on the side of caution.
  6.    #6  
    Yep, caution would be the right word. The fact is that I never keep personal health information on my phone, but that's where I work so that's what criteria I need to meet. They do currently support Windows Mobile, the iPhone and BB...so I'm hoping the Pre will offer them the same security.....
  7. #7  
    Quote Originally Posted by hparsons View Post
    In medical fields, there are government mandated requirements. For instance, if one doctor emails another about a particular patient, if identifying information about the patient is in the email, that's considered confidential patient information, and falls under HIPAA guidelines. Such an email that ends up on a PDA device would also fall under the HIPAA gidelines.

    Because HIPAA requires that a facility establish and enforce their policies (and the fact that there are civil and criminal repurcussions), most medical facilities try to err on the side of caution.
    That makes sense, but why would they want to do that off their phone rather than their desktop computer? Especially if they are large files
    My Phone & My Wife's Phone Two Unlocked GSM Treo Pro's

  8. #8  
    Quote Originally Posted by davidra View Post
    Yep, caution would be the right word. The fact is that I never keep personal health information on my phone, but that's where I work so that's what criteria I need to meet. They do currently support Windows Mobile, the iPhone and BB...so I'm hoping the Pre will offer them the same security.....
    If they want the Pre to be attractive to people in the Medical field, they better come up with something then.
    My Phone & My Wife's Phone Two Unlocked GSM Treo Pro's

  9. #9  
    Quote Originally Posted by palandri View Post
    That makes sense, but why would they want to do that off their phone rather than their desktop computer? Especially if they are large files
    I guess I didn't make the example clear enough. If a Dr has a device that receives email, and another Dr sends him an email about a patient (with HIPAA covered information, which could be as little as the patient name and his diagnosis), and the information goes to the PDA, then it's covered under HIPAA guidelines.

    Not only that, the people responsible for enforcement have to show that they enforce their policies not only in situations where that actually happens, but in situations where it could happen.
  10. #10  
    Quote Originally Posted by hparsons View Post
    I guess I didn't make the example clear enough. If a Dr has a device that receives email, and another Dr sends him an email about a patient (with HIPAA covered information, which could be as little as the patient name and his diagnosis), and the information goes to the PDA, then it's covered under HIPAA guidelines.

    Not only that, the people responsible for enforcement have to show that they enforce their policies not only in situations where that actually happens, but in situations where it could happen.
    Thanks!
    My Phone & My Wife's Phone Two Unlocked GSM Treo Pro's

  11.    #11  
    Quote Originally Posted by hparsons View Post
    I guess I didn't make the example clear enough. If a Dr has a device that receives email, and another Dr sends him an email about a patient (with HIPAA covered information, which could be as little as the patient name and his diagnosis), and the information goes to the PDA, then it's covered under HIPAA guidelines.

    Not only that, the people responsible for enforcement have to show that they enforce their policies not only in situations where that actually happens, but in situations where it could happen.
    Exactly. If you use a Windows OS in our system, you have to enter a numeric password to use the phone. If you use a BB, you have to enter a password to get to email (although not to use the phone).
  12. akula34's Avatar
    Posts
    655 Posts
    Global Posts
    689 Global Posts
    #12  
    Web standards allow for SSL or encryption... welcome to the wonders of webOS!!

    Providers won't have to worry about the security of the OS itself (to an extent, they'll have to secure offline data itself) but rather build the application to fit their individual security needs. It's brilliant!
    "Only the dead have seen the end of war" - Plato
  13. #13  
    Quote Originally Posted by palandri View Post
    Why would you want any information that sensitive on any mobile phone?
    Disbelieve if you like, but smartphones are used for enterprise communication by people on the go. They're not just platforms for little girls to SMS back and forth
  14. #14  
    Its up to enterprises and app developers to come up with vpn solutions for secure communication into enterprise IT infrastructure from the internet. Solutions already exist for the more common business-oriented smartphones, I'm sure others will exist for Pre as well.

    edit - added the underlined content.
  15. #15  
    Quote Originally Posted by akula34 View Post
    Web standards allow for SSL or encryption... welcome to the wonders of webOS!!

    Providers won't have to worry about the security of the OS itself (to an extent, they'll have to secure offline data itself) but rather build the application to fit their individual security needs. It's brilliant!
    So you are looking forward to typing in your exchange password each time you connect? Otherwise the PDA itself will have saved credentials to access the server and thus must be secure so that only the owner can use the device. ActiveSync allows administrators to enforce that devices connecting to their exchange servers have these security settings turned on, it is important to them to be sure that the phone respects the security settings on the servers.
  16. #16  
    Quote Originally Posted by jcunwired View Post
    Disbelieve if you like, but smartphones are used for enterprise communication by people on the go. They're not just platforms for little girls to SMS back and forth
    I understand

    One of the things mentioned was email from doctor to doctor with private medical information. How private can that possibly be when all ISP are required to keep a copy of all emails sent for a period of one year now? If that storage gets hacked, the information gets out, and we all know anything can get hacked.

    As an Electrician I use my PDA in the following ways, none of them requiring a secure environment:

    *My timecard in on an excel file that I fill out and email in.
    *Estimates are on an excel file, that I can open and look at hours for each phase of a job.
    *I use the PDF reader for specification papers
    *I use the camera for taking pictures of code compliance, damage, completed work.
    *I can use the internet to get manufactures information and part numbers.
    *I use the note and calendar function for project meetings.
    *I use the calculator for adding parts or hours up.
    *I use GPS with TeleNav to get to different jobs.
    My Phone & My Wife's Phone Two Unlocked GSM Treo Pro's

  17. #17  
    Quote Originally Posted by palandri View Post
    I understand

    One of the things mentioned was email from doctor to doctor with private medical information. How private can that possibly be when all ISP are required to keep a copy of all emails sent for a period of one year now? If that storage gets hacked, the information gets out, and we all know anything can get hacked.
    Enterprise email isn't stored or handled by an ISP.
    Sprint Treo 755p
  18. #18  
    Quote Originally Posted by pilot1000 View Post
    Enterprise email isn't stored or handled by an ISP.
    Who provides email service between a doctor at St. Judes hospital in California, to a doctor at Holy Family Hospital in New York? Somebody has to provide the service, whether it's AT&T or Sprint or Covad, somebody has to be the internet service provider.
    My Phone & My Wife's Phone Two Unlocked GSM Treo Pro's

  19. #19  
    Enterprises run their own mail servers. The ISPs simply provide the wires to send them on. It's not like your home email address where the the same company who provides you with your connection also provides you with an email address.
  20.    #20  
    Quote Originally Posted by asforme View Post
    So you are looking forward to typing in your exchange password each time you connect? Otherwise the PDA itself will have saved credentials to access the server and thus must be secure so that only the owner can use the device. ActiveSync allows administrators to enforce that devices connecting to their exchange servers have these security settings turned on, it is important to them to be sure that the phone respects the security settings on the servers.
    Actually, no. I hate the idea. But on the other hand I don't pay for the phone or for the service, so I won't quibble with entering four digits. I guess.
Page 1 of 2 12 LastLast

Posting Permissions