In a blog post Rick Engle, Principal Windows Technology Specialist at Microsoft confirmed that the latest version has all the features needed for productive and secure government use.
He notes that Windows Phone 8.1 is a security-enhanced OS and an architecture designed to help prevent malware attacks, and in a dig at iOS and Android, notes that it even prevent rooting and jail breaking.
He gave five examples of how Windows Phone 8.1 brings enterprise-grade security to public-sector workers:
- S/MIME for Encrypted and Secure enhanced Email—Windows Phone 8.1 brings an industry-standard implementation of S/MIME to enable secure email capabilities including the ability to encrypt and sign secure email, providing robust email capabilities without compromising security. Managed through a Mobile Device Management (MDM) solution or Exchange Server, employees can sign in and encrypt email messages directly from the Mail client on their phone.
- Enterprise VPN—This is one of my favorite new capabilities. Native VPN empowers users to easily access private, intranet-based corporate resources behind the firewall. Connections can be provisioned by an MDM and provide Single-Sign-On (SSO) security-hardened access through certificate authentication, and also reconnect automatically, providing a flexible and reliable connection. Microsoft is working with all the leading VPN solution providers to deliver SSL-based plug-ins that integrate with native VPN clients, making it easier for customers to connect Windows Phone 8.1 devices to internal networks, utilizing their preferred VPN infrastructure.
- Mobile Device Management—Windows Phone 8.1 has a built-in MDM client that allows IT organizations to manage devices with their management system of choice. Device enrollment has been dramatically simplified, lowering support costs and helping ease enrollment in both a Bring Your Own Device and a Corporate Liable scenario.
- PKI and Certificate Management—Now full certificate lifecycle management and support for Public Key Infrastructure (PKI) is possible, enabling many new certificate authentication scenarios. Certificates can be used for device authentication onto a network based on MDM enrollment. They can also be used for authentication to help secure Wi-Fi and VPN connections. One of the biggest breakthroughs is support for two-factor authentication. Windows Phone 8.1 devices all include an onboard Trusted Platform Module (TPM). That encrypted hardware container can be used to store and help protect certificates, including PIN-protected certificates stored within a Virtual Smartcard container.
- Rich MDM Control Policies—Agencies that need to carefully protect their networks and sensitive information can rely on deep MDM policies with Windows Phone 8.1. These policies provide full control of onboard hardware capabilities such as camera, Bluetooth, GPS, and NFC. They can also lock down applications with a sophisticated whitelisting and blacklisting capability to carefully control the applications users are allowed. For specialized environments, we even provide an Assigned Access capability, which employs a kiosk mode that can provide a tightly controlled, curated experience where only the applications and settings an organization wants exposed are shown to the user.
For more, read the post at Microsoft here.