On the mobile device, data is stored in SQL Mobile in an encrypted database which uses a 128-bit key. The SQL Mobile database is password protected for further safety from a lost or stolen device. Field workers must be authenticated with either an e-finity account established by the administrator or with a domain/active directory account.
For wireless connections to the server, network traffic can be further secured with SSL, encryption, and a variety of secure wireless transport schemes such as WEP, LEAP and other proprietary formats provided by the access point vendor.
Windows Integrated Authentication is used for the conversation between the device and IIS, from IIS to SQL Server, and from SQL Server to the management console and any report pages.