TARM - Terminal Administration Rights Model

I thought I’d write about some of the new security features currently available in E Series phones - Terminal Administration Rights Model or TARM for short. I did a search on the internet and it didn’t really yield many useful results so I hope this post will help raise awareness - because for enterprise security administrators, these features are great.

Let’s take a typical scenario. You are responsible for security in your organisation and this includes a 5,000 mobile device fleet. Your mobile carrier offers Intellisync Device Manager (or maybe you even have a DM server in-house?) If the phones your employees are carrying are E Series devices then you have a host of great advanced security features at your fingertips.

You can for example enforce client application settings, such as removing the ability for an end user to disable their anti virus settings or removing the ability to uninstall applications.

In the UK, a mobile phone is lost or stolen every three minutes. For businesses, this is a growing concern we are storing more and more corporate data on our phones, and individuals typically posses one phone for both their business and personal life. My two personal favourites are Device Lock and Device Wipe. In the event a device is lost, borrow the nearest phone, call your operator or helpdesk and request your device be locked or if you are absolutely sure, wiped. And thats it. The result? You lost a $500 phone instead of your phone and the corporate roadmaps for the next 6 months or details on an unannounced product. Other interesting controls include Settings Enforcement and Corporate Policy Deployment. These features restrict the users ability to install applications, perform functions or modify the terminal settings in a way which could alter the terminal configuration in a way that might make it noncompliant with your security policy.

For more information on TARM and Device Management, follow this link