I’ve elected to reduce my £35 monthly payment to £20 on a rolling 30-day contract, halving my minutes from 600 to 300 but keeping unlimited texts, data, and Wi-Fi. Alternatively I could have had a 12-month contract on the same terms for £15, or 600 minutes a month for £25 (900 for £30, etc.). There are some gotchas though (O2 did let me know about these): the account defaults to online billing (no problem); picture messages are 20p (not 4 texts from normal allowance); SMS from abroad is also chargeable; and voicemail is now taken from the inclusive minutes. Even so, I should still be well within my limits. After the initial 30-day period I can switch to another O2 tariff at any time, or give 30 days’ notice if I decide to terminate the contract.
So, that should allow me to sit tight until either the next iPhone or a tasty Windows Mobile 7 device becomes available. And the £15/month saving will go some way towards the cost of my next partially-subsidised handset…
As well as struggling to understand what I do for a living (“Mark works in computers”), my mother-in-law struggles to understand the concept of working from home. In fact, many people above a certain age do – in the same way that they may struggle with the concept of not wearing a suit and tie, or with flexible working hours – but, to sum it up in one sentence, work is something that I do – not a place where I go.
I work from anywhere, with colleagues in the UK and Europe, but also with contacts in the US and Australia (i.e. in different timezones).
So the business challenges in this new world of work are about working together in real time, keeping people up to date, sharing information and working in any place, at any time. Whilst it’s important to amend business processes (and personal attitudes) to accommodate these requirements, technology plays its part too. I was recently freed from the shackles of our corporate infrastructure to use a skunkworks mobile working platform that gave me access to Exchange Server 2007’s Outlook Anywhere functionality (no need to VPN into the corporate network) and Office Communications Server (OCS) 2007 but I still have some challenges to overcome – like many people, I suffer from communications chaos – playing “telephone tag”, getting stuck in “voice mail jail” and suffering from “e-mail overload”. Then there’s RSS feeds to keep up to date with and I often find instant messaging to be a distraction. Finally, I have to turn something off and MAKE IT STOP!!!
What about my colleagues? Some of them have desk phones and mobiles – which should I call? I might be able to see their calendar and work out if they are at their desk but time of day could also be a consideration. If they are travelling then I might call the mobile. But sometimes I actually want to reach their voice mail (e.g. if I want to leave a message outside their normal working hours). If they only have one mobile phone (I have two so I can keep work and home life separate) then I don’t want to disturb them when they are on holiday – e-mail might be a better option. That’s why we need to unify the communications chaos.
Then there are meetings. As I consider whether my journey is really necessary (the picture here dates back to the second world war but these days the issue is rising fuel prices and a need to cut back on carbon emissions), I take part in an increasing number of conference calls and webcasts but I miss the interaction too… sometimes it’s useful to meet up face-to-face (where I work, my team has not met face-to-face for over 2 years, despite having been re-organised several times) but even if that’s not possible, video conferencing, and smart conference phones like the Microsoft Office RoundTable can really help.
So far, I’ve covered some of the reasons to unify communications but there’s another term that’s often bandied about – unified messaging – what does that mean? Unified messaging is a form of unified communications and in order to understand the need for unified messaging, it helps to understand the concepts of synchronous and asynchronous communications.
The telephone is an example of synchronous communications – where we communicate in turn. We even have a three-way handshake at the beginning of a telephone call (phone rings, I answer, you reply). Other examples of synchronous communications are video conferencing and instant messaging.
But what if I don’t pick up the phone? It’s likely that the call will be diverted to voice mail and the caller’s brain struggles to switch to an asynchronous mode (as they leave a message with all the pertinent points to be acted on later). Other examples of asynchronous communications are letters, faxes, and e-mail.
Unified messaging brings synchronous and asynchronous communications together – for example allowing fax and voice mail messages to be accessed together with e-mail in a single Inbox. Unified communications take this concept further and integrate unified messaging with instant messaging, presence awareness, video conferencing and desktop sharing.
To demonstrate the Microsoft view of unified communications, check out this short video based on the film “The Devil Wears Prada”:
In the video, a variety of Microsoft technologies are used to unify communications (all of which are available today):
Over the years, I’ve attended various presentations featuring mobile access to data but most of them have been along the lines of “look at all this cool stuff I can do”. Last week I was at the Microsoft IT Security Summit and saw a slightly different angle on things as Jason Langridge presented a session on securing Windows Mobile devices – something which is becoming ever more important as we increasingly use mobile devices to access data on the move.
It’s surprising just how few people make any effort to secure their device and, according to Microsoft, only 25% of mobile users set even a password/PIN. Even so, that’s just the tip of the iceberg – mobile data exists in a variety of locations (including paper!) and whilst many IT Managers are concerned about data on smartphones, PDAs and USB devices, paradoxically, many notebook PCs have an unencrypted hard disk containing many gigabytes of data. A mobile security policy is different to a laptop security policy – and it’s more than just a set of technology recommendations – it should involve assessing the risk and deciding what data can safely be lost and what can’t. Ultimately there is a fundamental trade-off between security, usability and cost.
Potential mobile device security threats can come from a number of sources, including malware from applications of unknown origin, viruses, loss/theft, unauthorised access via a personal area network, wireless LAN, wireless WAN, LAN or through synchronisation with a desktop/notebook PC. Each of these represents a subsequent risk to a corporate network.
The diagram below illustrates the various methods of provisioning and control for mobile devices, from direct application installation or desktop ActiveSync, through in-ROM configuration to over-the-air provisioning from Exchange Server, WAP or the Open Mobile Alliance (OMA) industry standard for mobile device management.
The most secure method of configuring a mobile device is via a custom in-ROM configuration – i.e. hard-coded XML in ROM, run during every cold boot. This method needs to be configured by the OEM or system integrator who creates the device image.
Secure system updates provide for after-market updates to device configuration, even when mobile. Image updates (a new feature for Windows Mobile 5.0) can update system files ranging from the full image to a single file including handling dependency and conflict resolution. Controlled by the OEM or the mobile operator, image update packages are secured using cryptographic signatures.
Probably the simplest way to provide some form of perimeter security is using a PIN code or strong password (depending on the device), incorporating an exponential delay with each incorrect password. Such arrangements can now be enforced using the tools provided in Exchange Server 2003 SP2 and/or the Systems Management Server device management feature pack. Taking a look at Exchange Server 2003 SP2, it not only delivers improved access to Outlook data when mobile with reduced bandwidth usage and latency, direct push e-mail, additional Outlook properties and global address list lookup; but it also provides security policy provisioning for devices with password restrictions, certificate authentication, S/MIME and the ability to locally or remotely reset a mobile device.
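The exponential delay described above, modelled as an added example (this is not Microsoft's or Exchange Server's implementation). The one-second base delay, one-hour cap and eight-failure local reset threshold are assumed values, and `PinLock`, `enforced_wait` and `guess_success_probability` are hypothetical names.

```python
import hmac
from dataclasses import dataclass
from typing import Optional


@dataclass
class PinLock:
    """Device lock that doubles the wait after every wrong PIN (illustrative model)."""
    pin: str
    base_delay_s: float = 1.0        # assumed wait after the first failure
    max_delay_s: float = 3600.0      # assumed cap, so the owner is never locked out for days
    wipe_after: Optional[int] = 8    # assumed local-reset threshold; None disables it
    failures: int = 0
    locked_until: float = 0.0
    wiped: bool = False

    def current_delay(self) -> float:
        """Wait imposed by the failures recorded so far."""
        if self.failures == 0:
            return 0.0
        exponent = min(self.failures - 1, 62)   # bound the power; the cap applies anyway
        return min(self.base_delay_s * 2 ** exponent, self.max_delay_s)

    def attempt(self, guess: str, now: float) -> str:
        """Process one unlock attempt made at time `now` (seconds)."""
        if self.wiped:
            return "wiped"
        if now < self.locked_until:
            return "delayed"         # the guess is not evaluated during the wait
        if hmac.compare_digest(guess.encode(), self.pin.encode()):
            self.failures = 0
            self.locked_until = 0.0
            return "unlocked"
        self.failures += 1
        if self.wipe_after is not None and self.failures >= self.wipe_after:
            self.wiped = True        # local reset: the data is gone, guessing is over
            return "wiped"
        self.locked_until = now + self.current_delay()
        return "rejected"


def enforced_wait(wrong_guesses: int, base_delay_s: float = 1.0,
                  max_delay_s: float = 3600.0) -> float:
    """Total seconds of delay imposed across consecutive wrong guesses."""
    total, delay = 0.0, base_delay_s
    for _ in range(wrong_guesses):
        total += delay
        delay = min(delay * 2, max_delay_s)
    return total


def guess_success_probability(keyspace: int, wipe_after: int) -> float:
    """Chance that blind guessing hits the PIN before the device resets itself."""
    return min(wipe_after, keyspace) / keyspace
```

With these assumed values, the delays alone add up to roughly 416 days across the 9,999 wrong guesses in a 4-digit PIN space, and the reset threshold limits blind guessing to a 0.08% chance of success. This is why a short PIN with an enforced delay can be acceptable on a device where a complex password is not.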
Windows Mobile does not encrypt data on devices due to the impact on performance; however it does include a cryptographic API and SQL CE/SQL Mobile access provides 128-bit encryption. If data encryption on the device is required (bearing in mind that the volume of data involved is small and the observation that many notebook PCs representing a far larger security risk are unsecured) then third party solutions are available.
Mobile applications can be secured for both installation and execution. For installation, the .CAB file containing the application can be signed and is validated against certificates in the device certificate store. Similarly, .EXE/.DLL files (and .CPL files, which are a special .DLL) need to be signed and validated for execution. Users are asked to consent to install or execute signed code, and if consent is given, a hash of each file is added to a prompt exclusion list to avoid repeated prompts. Copying executable files to the device is not the same as installing them and will result in an execution prompt.
Windows Mobile offers 1-tier and 2-tier application execution control. In 1-tier mode, an application is either blocked from executing completely or runs as privileged/trusted. If 2-tier mode is in use, an application can be signed for one of two different trust levels – either privileged, with access to registries, APIs and hardware interfaces; or unprivileged, with applications restricted from certain operations. Smartphones support 1- or 2-tier operation, whereas PocketPC devices are limited to a single tier.
Whilst application installation security can provide good protection against viruses and other malware, there are also anti-virus APIs built in to Windows Mobile with solutions available from a variety of vendors.
As new wireless network technologies come onstream, it is important to consider wide area network security too. Windows Mobile supports NTLM v2 as well as SSL, WPA and 802.1x user authentication using passwords or certificates. VPN support is also provided. From a personal area network (Bluetooth/infrared) perspective, peer-to-peer connections require interaction in order to accept data and CSPs are available to block both Bluetooth and IrDA object exchange (OBEX). By default, Bluetooth is turned off on Windows Mobile 5.0 devices, giving out-of-the-box protection against bluesnarfing (gaining access to personal information data) and bluejacking (unauthorised sending of messages to a device).
Jason summarised his presentation by pointing out that security is often used as a convenient excuse not to deploy mobile technology when what is really required is to establish a mobile security policy and to educate users.
A risk assessment must be made of each security scenario and risk management should be based on that assessment. Solutions should be automatically enforced but must also be acceptable to users (e.g. complex passwords will not work well on a smartphone!). Security is a combination of both a policy and technology but the policy must come before the technology choice (only when it is known what is to be protected from whom in which situations can it be decided how to secure it).
As I commented on Keni’s blog, I tend to agree that if MSN Messenger were to be removed from smartphones then that would be a pretty dumb move (from one of the smartest marketing companies in the world), and without it the whole presence element of Microsoft’s mobility strategy starts to fall apart. Microsoft are claiming that 20% of all enterprise users make use of instant messaging (IM) services (either for business, or because their company allows it) and that this is expected to rise to 80% by the end of 2008 – not surprisingly, they want a piece of this market.
I’m reliably informed that the reason for public IM connectivity in Live Communications Server (LCS) 2005 being chargeable is because AOL, MSN, and Yahoo! require Microsoft Corporation (remember, MSN is a separate company) to subsidise them for lost advertising revenues where companies use the Windows Messenger and Office Communicator (ad-free) clients with LCS. Of course, as there are no ads in the mobile version of MSN Messenger, perhaps that is the justification for charging for that too?
Of course, charging for IM could be about opening up the mobile device market to other IM clients in an attempt to avoid landing themselves in court for allegedly behaving in an anti-competitive manner. After all, it seems that the European Union (EU) is taking Microsoft’s dominant market position more seriously than the US Department of Justice (DoJ).
Keni Barwick has been blogging lots about Windows Mobile 5.0 (formerly codenamed Magneto) so now it’s my turn to chip in with my own view of why this update to the Windows mobile platform should not be ignored.
According to Microsoft (citing a December 2003 report from Gartner Dataquest) mobile device shipments are outstripping PC sales by a factor of 3:1 and quite simply, they want a piece of this market. The Windows CE platform has been with us now since 1996 and an IDC report (again cited by Microsoft) shows Pocket PC with a 57% share of the mobile device market in the first quarter of 2004. As momentum continues to grow Microsoft has recruited over 40 OEMs and 60 operators to back its Windows Mobile platform and on the mobile application front, Forrester have predicted that the mobile applications market will be worth $5.8bn to ISVs by 2006. Microsoft quote mobile operators reporting 25% average revenue per user (ARPU) increases with Windows mobile-based devices and are driving application growth through the Mobile2Market program.
Looking back at the history of Windows CE:
1996 – Handheld PC (codenamed Pegasus), Windows CE 1.0 (a cut down version of Windows 95), with monochrome display and 500,000 units sold.
1997 – Handheld PC (codenamed Mercury), Windows CE 2.0, colour (VGA) display, Microsoft Office applications.
2000 – Pocket PC 2000 (codenamed Rapier), Windows CE 3.0, simplified user interface.
2001 – Pocket PC 2002 (codenamed Merlin), Windows CE 3.0, new shell, Windows Media Player.
2002 – Pocket PC Phone Edition.
2002 – Windows Smartphone 2002 (codenamed Stinger).
2003 – Windows Mobile 2003 (codenamed Ozone), Windows CE 4.0 (re-branded as Windows Mobile), WiFi and Bluetooth connectivity, .NET Compact Framework, Windows Media Player 9.
With Windows Mobile 5.0, Microsoft wants to extend the enterprise onto mobile devices and to help ISVs develop rich mobile applications, no longer just porting existing functionality to mobile devices, but taking advantage of mobile hardware to add functionality and value (e.g. using GPS, or a camera). Furthermore, the plethora of devices that are available means that there is no longer a single “killer device” and Windows Mobile 5.0 is about providing a platform, with OEMs applying the operating system to their own form factor.
As Marcus Perryman (a Developer Evangelist at Microsoft) highlighted in his recent presentation at the Microsoft Technical Roadshow, it is increasingly difficult to differentiate between personal digital assistants (PDAs) and smartphones. Typically, devices considered “phone first” employ single-handed operation, with battery life being key and hence using a slower processor; but some phones now incorporate WiFi capabilities. “PDA first” devices typically require two hands, and feature a stylus and touchscreen, although some now feature slide-out keyboards.
The screen shots below show the Windows Mobile 5.0 interface in smartphone and PDA formats, but the platform is the same.
The main difference is the addition of the soft keys at the bottom of the screen, which will be familiar to most mobile phone users but now appear on PDAs too.
According to Microsoft, Windows Mobile 5.0 was designed to meet the following customer requirements:
Differentiation and innovation.
Platform development capabilities and ease of use.
Mobile network operator:
Differentiation with rich services and experiences.
Drive ARPU, improve customer retention.
Security, reliability, manageability.
Compatibility with current and future IT assets.
Familiar, productive tools.
Familiar user interface.
Communications and services.
Seamless multimedia experiences.
The graphic below shows some of the improvements which Windows Mobile 5.0 provides.
These new features in Windows Mobile 5.0 allow for partner innovation (whether that partner is a device maker, an operator or a developer) and provide a host of improvements and new features for users.
Now I’m not a developer by any stretch of the imagination, but even I could appreciate how easy it is to code for mobile devices with the forthcoming Visual Studio 2005 (codenamed Whidbey) and the .NET Compact Framework. As Marcus Perryman demonstrated, writing code for mobile devices using Windows Mobile 5.0 APIs has been greatly simplified; he explained that developers have a choice of writing web-based applications or smart client applications:
Web-based applications use ASP.NET mobile controls served via mobile web pages to the mobile web browser (which supports HTML 3.2 and WAP), allowing access to literally hundreds of devices; however they have a drawback in that they require a constant connection and are not full screen (due to the screen area used by the browser itself).
Smart client applications are written for a particular device (or subset of devices), run their code locally and call .NET Compact Framework APIs. The .NET Compact Framework is a portable subset of the .NET Framework, with v2.0 offering 64% of the functionality in 8% of the size (1.5Mb), targeting mobile and embedded devices, offering C# and Visual Basic .NET compiler support and leveraging the capabilities of Visual Studio .NET to run managed .EXEs and .DLLs directly, offer debug support and to peacefully co-exist with the host operating system.
Developers also have access to new Windows Mobile 5.0 Pocket PC and smartphone emulator images which use a virtual machine to run the full Pocket PC/smartphone software independent of the host operating system, effectively bringing mobile device development to the mainstream developer community.
All in all, Windows Mobile 5.0 looks like a huge step forward for Microsoft in mobile device support.
I’ve been trying to get my PDA (an HP iPAQ 2210) to connect to the Internet via a Bluetooth connection to my business mobile phone (a Nokia 6310i). I was having problems with this until I found the details on the Vodafone website (Get More from Your Mobile | Internet on the Move | Set up your PDA); however the Vodafone details don’t include PDAs running Windows Mobile for Pocket PC 2003 or Bluetooth connectivity and so I’ve posted my own instructions here:
(These notes assume that you are familiar with using the PocketPC and that you have already successfully paired the PDA with the mobile handset.)
From the Start menu, select Settings:
Move to the page and click the icon, then select .
Give the connection a name (e.g. Vodafone GPRS) and select a Bluetooth Dialup Modem, before clicking Next:
Enter the number as *99# and click Next:
Enter the username and password (both web). Leave the domain name empty and click Advanced…:
On the General page, set the Baud rate to 57600 and enter a modem command string of +cgdcont=1,"ip","Internet":
On the Port Settings page, set 8 data bits, no parity, 2 stop bits and hardware flow control:
All other advanced settings should be default (most notably the connection should use server-assigned [IP] addresses):
Click , and then .
Launch the Vodafone GPRS connection (e.g. by clicking the connectivity icon at the top of the screen and then clicking *99#):
The PDA will initiate the connection with the mobile handset (it may be necessary to confirm the connection on the handset):
Once connected, Internet services can be accessed as normal:
To disconnect, click the connectivity icon at the top of the screen and click Disconnect:
As part of the current drive to increase the security of its products, Microsoft plans to remove some of the current remote synchronisation functionality in ActiveSync 4.0.
The following text is taken from an e-mail yesterday from Microsoft’s Mobility Partner Advisory Council to Windows Mobile Partners:
“We are hard at work refining the next version of Windows Mobile in terms of features and security. One of the items that we are targeting for removal in ActiveSync 4.0 is remote sync with a PC. In future versions, we are planning to discontinue remote (network) incoming support to desktop ActiveSync. This means that if you are currently developing a mobile redirector solution that depends on remote (incoming) connection to desktop ActiveSync, this may impact you. We want to ensure that partners who use this feature have plenty of time to formulate alternate approaches and also consider feedback if you feel strongly that this functionality should be preserved. We also want to hear from any partners that feel the removal of this feature would directly break their code or impact their product roadmap.”