A couple of Gartner analysts recently offered the opinion in a research note that Microsoft's new Windows Mobile 5.0 platform and the e-mail solution built for it don't meet the security requirements of large enterprises.

Should a Windows Mobile 5.0 PDA or smartphone become lost or stolen, the operating system does not do enough to secure data. Although an administrator is capable of remotely erasing information in a PDA or smartphone's memory, files stored on memory cards are out of reach—leaving the lion’s share of personal and company data unprotected.

"Wiping the devices' memory is of limited use, since data on removable media is not erased and remains exposed. Because mobile devices have limited storage capacity, most users store data on media, such as memory cards, that can simply be removed from one device and read in another," according to Gartner analysts Dion Wiggins and Nick Ingelbrecht.

To the analysts chagrin, Windows Mobile 5.0 nor the e-mail system offer an encryption option for on-device or removable storage data. They think cryptography should have been a standard feature of the platform. And it could have been, as the OS builds in the necessary application programming interfaces (APIs) for this capability.

Instead, the software giant "continues to rely on third-party vendors to plug its mobile-security shortcomings," said Wiggins and Ingelbrecht.

One of these other company's is handheld security expert Bluefire Security Technologies, which announced full support for Windows Mobile 5.0 today.

The company asserts it fills the security void left by Microsoft and its much improved Pocket PC & Smartphone OS (e.g. better integration with Microsoft Office, improved Exchange Server support, the capability to store a lot more data, etc.).

Bluefire VP of engineering Jeff Kleiman asserts, "Bluefire's products can slam the door shut on security threats. Windows Mobile 5.0 users who add Bluefire's Mobile Security software will gain total protection through our data encryption, VPN and firewall which are offered in an integrated management and security framework."