San Francisco - Gartner Symposium/ITxpo — When most people hear the name Nokia, the first things that come to mind are cell phones. Indeed, Nokia is one of the world's largest manufacturers of cell phones. The company makes devices that range from the very low end to the middle range (with features such as text messaging and built-in cameras) to high end smart phones with full QWERTY keyboards (see the Nokia 9300 series, pictured left). One thing however that doesn't come to mind is security. Not that the company's wireless handsets have a reputation for being insecure. But rather, the company isn't widely known as a provider of enterprise security solutions such as its battle-tested firewall appliances that are based on Check Point's VPN-1 software.
In an interview from the show floor at Gartner Symposium/ITxpo, Gary Singh, Nokia's director of marketing for secure and mobile connectivity, gave me an overview of why Nokia should be considered as an end-to-end platform provider for enterprises looking to mobilize applications. The interview is available as an MP3 that can be downloaded or, if you’re already subscribed to ZDNet’s IT Matters series of audio podcasts, it will show up on your system or MP3 player automatically (See ZDNet’s podcasts: How to tune in).
In the context of what Nokia offers, the "platform" has less to do with what operating system users are running or what development language (eg: .NET vs. Java) is powering the applications. But rather, Nokia's idea of mobile platform is one that guaranteesthat when when a mobile application needs access to the back office (typically behind a firewall), that:
- The mobile device is one that's been properly provisioned with the right credentials to make sure that it can get access to a secured network.
- At the time the mobile device, be it a smartphone, PDA, or notebook computer, requests access to the network that it gets authenticated as a device that should be permitted access to certain corporate resources.
- The person who's in posession of the handset is indeed the person who should have it.
- Once the device and the person in posession of it are fully authenticated, that the link is fully secured.
- Based on the identity of the inbound connection, certain policies are applied. For example, what resources the authenticated mobile "entity" is permitted to access.