Devices based on Microsoft Windows Mobile 5 and the Messaging and Security Feature Pack support security policies that can be pushed from Microsoft Exchange Server 2007 servers.

These policies control how the device behaves and what data is available on the device. For example, devices can be forced to time out after a specified period of inactivity, at which point the user must enter a PIN to use the device. The administrator can specify the nature of the PIN, and has the option of remotely erasing a lost or stolen device the next time it connects to the wireless network.

Third-party providers also offer enhanced features for device security. For more information, see the Windows Mobile Device Management and Security section in the Windows Mobile for Business Knowledge Center.