There has been some noise around Windows Mobile security, more specifically, analyst Jack Gold of J. Gold Associates said the way Microsoft Exchange and Windows Mobile 5 handle data transfer leaves sensitive corporate data inadequately protected. The software can only transfer unencrypted data to devices, and Windows Mobile doesn't provide any encryption options on the device, Gold said in the report, called "Microsoft's Direct Push Insecurity". You can read the full story in this article, Analyst blasts Windows Mobile security, from Computerworld.
Well, Jason Langridge from Microsoft doesn't think the same way, so he exposes his thoughts in his blog. If you're concerned about this issue, make sure you read DIRECT PUSH SECURITY FUD.