PDA Security

Personal digital assistants (PDAs) and smartphones have become more powerful computers and merge with wireless technology. A PDA is so small that it can (and should) always be carried around with its owner. However, this makes it more susceptible to loss and theft.

Besides the loss of the hardware, imagine what could happen if the calendar and meeting notes of a high-level manager falls into the wrong hands. The damage could range from just being embarrassing to substantial financial loss if the information is made public.

The threats that need to be addressed in the mobile world are quite similar to those of the "traditional" computing systems, although the means to address them may differ for PDAs and similar devices. Security issues include:

• Authenticating the rightful user of the device
• Protecting data on a PDA’s memory
• Securing data not only on the device itself but also while transferring it to other computers via e-mail or other network connections
• Managing security settings from a central location

In addition, all four main PDA platforms (Windows Mobile, Symbian, Palm, and BlackBerry) are basically not compatible with each other, which means a further challenge for the security administration.

In general, the built-in security functionality of PDAs is very poor. Although they offer some sort of password authentication to the operating system and usually an SSL function for the Internet browser, they are no where near having an implemented basic security model like Windows XP. No file system access control or application restrictions are implemented by default on PDAs.

With SafeGuard PDA and SafeGuard PushMail, Utimaco offers a complete product portfolio to implement IT security in a consistent way for all types of PDA operating systems.