Since PDAs are meant to be mobile, they suffer from all of the vulnerabilities that laptops do. You need to protect them from theft, sniffing and password theft, data theft, data corruption, and to a lesser extent, from viruses.
Theft is probably the most common threat, and the one you can most easily prevent with vigilance. To protect against theft we recommend that you turn on the password security feature on your PDA.
Both the Palm and PocketPC have security utilities that let you set a password in order to get access to the data on the device. Figure below shows this utility from a Palm V device.
A password will protect your data from people with average computer skills; they will be forced to reset the device in order to eliminate the password, thus sending the device back to its default state.
However, a password alone won’t help you get your PDA back to you. For that, you need to have a method of identifying the device as yours.
The single best thing to do is to have your name, address, and phone number engraved on the device.
Although some utilities allow you to set a screen that shows this information, software is software and can be defeated or lost when the device is reset. More robust security applications are available that you can employ on PDAs.
Some of these applications encrypt your data, password-protecting not only the device but individual applications and files, and passwords. Among this class of utilities are Applian’s Pocket Lock and Virtual Wallet, Illium Software’s eWallet, PDA Defense, PDASecure, TealLock, and others.
Although PDA viruses weren’t particularly well known in the past, the inclusion of more Java and ActiveX applets and code on PDAs, particularly in browsing the Web, makes them much more vulnerable than they once were.
It’s worth mentioning that your chances of picking up a virus are probably greater when you are synchronizing your PDA than through a wireless connection. The following vendors offer anti-virus software for PDAs:
- Airscanner for the PocketPC.
- Anti-Virus and FileCrypto from F-Secure.
- Avast! 4 for Palm and WinCE.
- InoculateIT for Palm OS, Computer Associates.
- Karpersky Security for PDA.
- PC-cillin for Wireless from Trend Micro.
- Symantec Antivirus for Handhelds.
As with any wireless networking situation, you can take steps on your own network to limit what outsiders can see. You can suppress SSID broadcasts and encrypt data using WEP, or better yet, WPA.
However, you don’t have those options when you are on the road connecting at a hotspot. You may want to consider installing a VPN client such as Mergic VPN for Palm to protect your wireless communication on the road.
A VPN will slow your transmission somewhat, but it will protect your data. Depending on who you are communicating with, a VPN may be a requirement for the connection. For home and small networks it typically isn’t required.
Most users of this type will find VPNs to be a little bit of overkill for PDAs, and for some underpowered devices the performance drag is too significant to be worth bothering with this feature.
One nice feature of VPN client software is that it often comes with personal firewalls, something that isn’t normally put onto the current generation of PDAs. Strange as it seems, you may want to consider a physical device that shields your PDA from outside probing.
Because PDAs are always on (even in a low-powered state), wireless transmissions can wake a device and provide access to it. You can protect your PDA by enclosing it in a shielded electrostatic bag (or better yet, a case) when you are traveling. One company, mobileCloak, sells an electrostatic PDA case that you can use for this purpose.
Don’t forget that if your PDA has a flash storage card or device in it that stores the data you use, that card is just as much of a security concern as the handheld itself. You’ll want to take measures to limit access to data on these cards, encrypt their data, or use a device with a personal identification method like biometrics.