Find Article by Date
Mon, 06 Oct 2003

JP/How to avoid prying eyes and secure data on PDAs

How to avoid prying eyes and secure data on PDAs

Vishnu K. Mahmud, Contributor, Jakarta, vmahmud@yahoo.com

My Sony Clie Personal Digital Assistant (PDA) was stolen a while back. It was sitting inside an unlocked office drawer over the weekend; on my first day of work I suddenly realized it was missing.

Usually, the PDA would have had a wealth of personal data such as bank account numbers, e-mails, personal phone numbers and some Internet passwords.

Luckily, I had already wiped out the data on it since I had just purchased a Palm Tungsten T. The Clie was actually on its way to the second-hand Internet market before it was pilfered.

But this incident prompted a question. What kind of data do you have on your PDA now? Or on your handphone, most of which have telephone books and calendar programs. Do you sometimes insert your ATM PIN numbers or company network passwords there? Or perhaps the highly confidential telephone numbers of important clients?

Like its predecessor the Filofax, PDA's are now a centralized hub of information for their users. All your secret contacts, appointments and tasks can be revealed to whoever handles your digital device.

And as PDAs get more powerful, other files like word processing documents, music and multimedia presentations can also be stored and used on these miniature computers.

What have you done to protect them from prying eyes?

Although corporate espionage is usually far from the minds of businesses, it must not be ruled out. Most road warriors today carry PDAs or laptops that are chock-full of corporate data and secrets.

What would happen if the equipment got lost? Who would suddenly have access to the company's networks and accounts?

Each PDA and computer operating system has a built-in security protocol that can be activated if necessary. They can prompt the user to enter a password (the longer the better) whenever the device is turned on. However, this may encumber users who only want to quickly look up a phone number or memo.

Security-conscious people can download programs like visualKey (www.visKey.com), a unique defense application, to secure their PDAs or computers. This multiplatform software (supporting both Palm and Pocket PC operating systems) powers up whenever the computer is turned on or comes out of sleep mode, depending on the user settings.

But instead of writing a password, users simply tap precise sections of a picture in a specific sequence.

For example, if you were to have a picture of a dog, you would first tap his tail, head then left paw. The order and number of taps is determined by the user, as is the picture. Star Trek geeks would love the Federation L-Cars interface, similar to what they use onboard the Enterprise!

There are of course other programs available to lock down your handheld computer. For further protection, you may want to consider encrypting your data, which scrambles the contents of selected files so even if your computer falls into the wrong hands, they won't be able to access the data.

Programs like PDA Defense (www.pdadefense.com) not only lock down your Palm OS, Pocket PC or notebook computer but can also encrypt the information inside it.

Granted, these solutions may not stop the truly motivated hacker from finding exploits in your PDA with a view to harvesting the information. But at the very least, it would prompt the thieves or pickpockets who have your digital filofax to reformat (read: reset) the device clean so it can be illicitly sold.

Some PDA owners should beware that if their operating systems crash, it may reset the settings of the security software, making the device insecure. Luckily, Palm OS users don't have to worry about that too much!

Always make sure that a duplicate of your data is safely stored on your computer so you can move on to a new portable device if necessary. Make sure you synchronize your Palm or Pocket PC data regularly.

For mobile phones, it's a bit tricky. In general, handphones do not have as many security measures as computers or PDAs, as they are considered to be more of a consumer item then a business computer.

It would be a good idea to refrain from entering sensitive information on your mobile phone, unless you have the latest, state-of-the-art, phone-cum-PDA from Nokia or Sony Ericsson.

As with PDAs above, always have a backup of the data and ask the vendor for some extra security software, if available. Considering how valuable information is nowadays, your safety and security may depend on it.