Search /
Docfinder:
Advanced search  |  Help  |  Site map
RESEARCH CENTERS
SITE RESOURCES
Click for Layer 8! No, really, click NOW!
Networking for Small Business
TODAY'S NEWS
Wireless/Mobile /

Protecting your PDA assets

Related linksToday's breaking news
Send to a friendFeedback
Related linksToday's breaking news
Send to a friendFeedback

By Paul Ferrill
Network World, 05/13/02

Personal Digital Assistants are an enigma for most corporate IT departments. As their use becomes more prevalent, it will require a rethinking of many corporate policies covering everything from the handling of personal information to writing down passwords. The stakes get even higher when you consider what the consequences might be of a lost or stolen executive PDA.

Trust Digital's PDASecure is one of several products that offer a solution to the PDA security problem (others include PDA Defense and PDAlok. PDASecure uses encryption algorithms and password protection to protect all vulnerabilities associated with a PDA. PDASecure costs around $39.95 per protected PDA. A version with centralized management costs about $79.95 per protected PDA, plus $5,000 for the server piece.

We tested PDASecure on a Compaq iPaq 3835 PDA running PocketPC 2002. We installed the software on a PC and then connected through the PDA's docking cradle. Installation time was a few minutes.

We were concerned about the requirement to enter a password every time the PDA is turned on. While this can be annoying if you're using the PDA to take notes in a meeting and you frequently turn it on and off to save the battery, we also realize that it can be just the ticket for a PDA used in a high-security environment. The Palm version of PDASecure lets you turn the logon password on and off, and requires a password for specific applications such as contacts or notes. The enterprise version of the Palm software lets you define a sequence of touches on the screen as a password. You could touch the middle, lower left, lower right and top middle areas of the screen, and the device would unlock. This could even be done while the device is in a pocket, purse, or briefcase, so others can't watch your motions.

Performance of the encryption algorithms depends on the level of protection you choose. PDASecure supports six different algorithms with up to 128-bit encryption. The most secure level could take up to 90 seconds to decrypt an address book. That alone could cause most users to shy away from using strong encryption. The PDASecure documentation gives a strong warning that if you forget your password there is no way to recover your encrypted information. At the administrator level PDASecure makes it possible to enable or disable ActiveSync and beaming. After turning this feature on, a password is required to sync the device - and beaming is disabled. You can also lock the device after a specified number of failed password attempts, and also erase the device if the number of attempts is exceeded.

The enterprise version includes a policy editor that lets you establish a networkwide policy for all PDAs. The Policy Editor supports user groups, which lets you set policies for groups based on their needs. Specific policies include setting the password length, time-of-day usage and application lockouts. You can also enable the logging of actions such as application usage, invalid logons, application deletion and number of beams sent or received. Getting end users to put up with the inconvenience of entering a password and the delays associated with encryption may be difficult. The Palm version seems to have a slight edge over the PocketPC version because you can choose to protect specific applications. That way you can put your sensitive information one place and not be bothered with a password every time you turn the device on. From our perspective the PocketPC version was more trouble than it was worth. Having to type in a password every time the device is turned on is enough of a disincentive to avoid using it. We wound up uninstalling the product after using it for a few days. The Palm version is much more usable and less intrusive. According to Trust Digital, future PocketPC versions will include the same level of features as the Palm currently has. However, we realize that other people have security requirements that make what we see as an annoyance a major plus for them.

PDASecure 1.2
2.7
Rating		 Company: Trust Digital, LLC, (703) 246-9198, www.trustdigital.com Cost: $74 per client for 100 clients. Pros: Maximum security protection for all major handheld PDA models; Palm version allows you to protect individual applications/files. Cons: No way to protect individual apps with the PocketPC version. 
PDASecure
Administration 30% 3  
Ease of use 25% 2  
Features 25% 3  
Installation 10% 3  
Documentation 10% 2.5  
TOTAL SCORE 2.7  
Individual category scores are based on a scale of 1 to 5. Percentages are the weight given each category in determining the total score. Scoring Key: 5: Exceptional showing in this category. Defines the standard of excellence; 4: Very good showing. Although there may be room for improvement, this product was much better than the average; 3: Average showing in this category. Product was neither especially good nor exceptionally bad; 2: Below average. Lacked some features or lower performance than other products or than expected; 1: Consistently subpar, or lacking features being reviewed.

RELATED LINKS

Ferrill is a freelance writer in Lancaster, Calif. He can be reached at paul.ferrill@verizon.net.

Trust Digital

Archive of Network World reviews


NWFusion offers more than 40 FREE technology-specific email newsletters in key network technology areas such as NSM, VPNs, Convergence, Security and more.
Click here to sign up!
New Event - WANs: Optimizing Your Network Now.
Hear from the experts about the innovations that are already starting to shake up the WAN world. Free Network World Technology Tour and Expo in Dallas, San Francisco, Washington DC, and New York.
Attend FREE
Your FREE Network World subscription will also include breaking news and information on wireless, storage, infrastructure, carriers and SPs, enterprise applications, videoconferencing, plus product reviews, technology insiders, management surveys and technology updates - GET IT NOW.
* HOME    * RESEARCH CENTERS     * NEWS     * EVENTS

Contact us | Terms of Service/Privacy | How to Advertise
Reprints and links | Partnerships | Subscribe to NW
About Network World, Inc.

Copyright, 1994-2006 Network World, Inc. All rights reserved.