Aug 21, 2005 11:31 PM
7195 Views
(Updated Aug 21, 2005 11:39 PM)
PDA's r a boon to the busy executive. But some care should be taken to prevent a dream gadget becoming a nightmare.:)
Disable unused connection methods – Many of the latest Pocket PCs include Wi-Fi and Bluetooth. Plus, some of the PDAs now include an integrated cell phone, such as the Samsung i600 Smartphone or the Treo 600 etc. While it's really convenient to be able to connect to any kind of network on the planet, having those connections enabled on your PDA provide tempting attack vectors for the unit. If your users are primarily using the cellular network then disable Wi-Fi and Bluetooth. If they generally just use Wi-Fi, then disable the other communications modes.IMP enable only when necessary.
Install a virus scanner– Since Pocket PC runs a version of the Windows operating system, you'd better install a virus scanner to help prevent infections from mobile viruses. There are a number of products available in this space, including the Airscanner product, Symantec Antivirus for Handhelds, and many more. To keep up with viruses that could attack your users' PDAs, take at look at this security search from Symantec.
Encrypt the data on the device – Just like a laptop, data on your PDA is easily accessible if it's stolen or lost. Whenever possible, encrypt the contents of the device so that the data is harder to access. you can get a product called Crippin that provides encryption(including decrypt passwords up to 255 characters in length) for all versions of Pocket PCs. It can even be used to compress files to save valuable memory. There is also a free version of Crippin that provides encryption capabilities, but only allows passwords of up to two characters. Crippin supports file encryption on files stored anywhere in the device, including on expansion cards. Airscanner is another solution that provides encryption, and it also offers antivirus software, which is a nice plus. There are lots of additional encryption solutions available for Pocket PCs. Like PDA Defense, which provides encryption software as well as the ability to completely erase your device, !
Regularly synchronize and backup– Obviously, if a user's PDA is damaged or lost and they store critical data on the device, you need to make sure everything is backed up on a regular basis. The user should regularly synchronization with a PC(at least once a day)
Require firewalls on PDAs– Particularly for PDAs that include mobile phone capability, consider installing firewall software on the PDA to protect it from unauthorized access. There are quite a few packages available that can help you lock down your users' mobile devices in this way.
Set a password for power-on and timeout – Suppose a user leaves his Pocket PC in a taxi and contains his contact list, sales leads, employee personal information, and company proprietary earnings information that has been e-mailed to him. This could be a major security problem. To protect against this, require the entry of a password each time the unit is turned on, and after a timeout periods. While it's not a very high tech solution to the problem, it does provide one more deterrent and, when used in conjunction with encryption and device wiping, can be pretty successful.
Wipe the device clean when hacking is detected– What do you do if your PDA has been stolen or lost and the individual that finds it is attempts to log into the unit to gain access to the confidential data? There's only one totally secure solution and that is to destroy the data. Software from PDA Defense can do that. Once it detects a certain number of failed login attempts, PDA Defense kicks off what they call their'bitwiping bomb' technology, which wipes all of the memory on the device without prompting the user. Of course, this is not for the casual Pocket PC user, but can be useful where very sensitive data landing in the wrong hands can be extremely damaging.
Don't store remote access passwords on the device – It's now quick and easy to log in to a network through a PDA using a saved password, but your users put their data and the corporate network at risk by doing so. Wherever possible, implement and enforce a policy disallowing saved passwords on these mobile devices.
Securely transport the device– Pants pockets, shirt pockets, flaps of purses and other easily accessible places can make PDAs easy to lose or damage. For example, try putting a PDA into a shirt pocket and then bend over to pick something up. It'll probably fall right out. Prevent damaged PDAs by using, at the very least, protective cases. Also, recommend are secure bags or briefcases, or on a belt clip.
