On Friday 30 November 2001 09:29, [EMAIL PROTECTED] wrote: > Can anyone recommend a way of securing these devices out in the field? Is > one make inherently more secure than another? Can anyone recommend software > or hardware add-ons which can help secure these devices? Is ther any way to > prevent the PDA user from making unauthorised changes (e.g. using > policies)?
There are many tools for keeping your data safe. First of all, you can lock your database, so it can't be beamed (until you unlock it within the program or with a tool such as beamcrack), some applications allow for internal protection of the database, there are many tools that will keep your data in an encrypted, password protected form (but don't think they're unbreakable, if there's an pro looking for your data that protection won't last long, but on the other hand if you're dealing with a professional tell me the platform that is 100% secure?), and tools that ask for the password when the PDA is turned on. I presume you're trying to secure the data from being viewed/modified by other party... if this is the case, I'd go for this (on PalmOS): For boot-up security either sign-on (http://www.shopcic.com/product_details/signonpalm_details.asp) which asks you to sign the PDA before you can use it (I'm happily using it, quite nice piece of software and you don't have to remember another password, ideal for marketing people, you'll agree with that ;-), or you can use some more convenient "enter your PIN" software. For application specific encryption, jaws Memo is quite a good example; this software replaces standard memo and uses 4096-bit encryption to protect your memos, or something like Quick ID personal organizer which uses blowfish . Of course, it might not be what you really want, but I hope it puts some light on the scene... To conclude: yes, you're right, PDAs just aren't secure enough. And can be stolen much easier than laptops. Indeed, you're right and marketing people will for sure make troubles with PDAs - leaving them lying around, forgetting them in the bus, etc. All you can do to help protect the data is to enforce authorization every time it is turned on (don't relay on built-in security!) and to have security applications that encrypt the data (don't think of built-in locking and private records as well!) and keep it in encrypted form. -- Radoslav Dejanovic Senior Associate to Mayor's Office City of Zagreb, Croatia
