Tighter Security For PDAs - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Hardware & Infrastructure
03:55 PM

Tighter Security For PDAs

The portability of handhelds makes them attractive to business users, but it also makes them more likely to be lost or stolen or for data to be corrupted.

Many PDA users want E-mail access to business networks, but IT security administrators don't want the PDA security risks. Without help from third-party vendors, BlackBerrys and Palms would remain nifty calendars and address books for many users, rather than the laptop substitutes they're meant to be.

"PDA users roam a lot more than laptop users, so their systems are twice as likely to be corrupted, lost, or stolen," says Nick Magliato, CEO at Trust Digital, a provider of PDA security products. "That's why there's a higher need for security on PDAs than there is for laptops and PCs."

The Department of Veterans Affairs' National Cardiovascular Care Improvement Program recognized this risk last year when it moved nurses at its 44 cardiac centers from laptops to Palm PDAs. Before, during, and after surgeries, nurses use the PDAs to gather about 200 pieces of information on each patient's medical history and current medical condition.

The move to PDAs wasn't a huge change since the devices could use the same software as the agency's desktops and laptops. Nurses work at desktop systems when they're not in the operating room and synchronize data between the two systems.

The Health Insurance Portability and Accountability Act and other regulations had forced the cardiovascular care unit to pay attention to security even before the PDAs were deployed. IT managers determined that they needed to block Wi-Fi and Bluetooth access and encrypt 17 data types in order to comply with privacy and security requirements. It went with security software from Trust Digital, which "has features I didn't even know I wanted but found out I needed," says Tamara Box, an independent contractor working as the Internet development manager at the VA's Cardiovascular Outcomes Research unit.

Data can be encrypted on an application basis using Trust Digital and requires app-level passwords, which is useful since multiple nurses may share the same PDA but don't need access to the same information, Box says. Policy-based administration lets Box choose different standards for different apps.

Not every PDA-using organization is securing its handhelds as effectively. In a recent survey conducted by security vendor nCipher Inc., 54% of 237 IT managers and security administrators say they don't know when they'll deploy or have no plans to deploy the 802.1x PDA security standard.

Companies should deploy authentication and encrypt data at the device level, says Ray Wagner, an analyst at Gartner. "Information on the PDA is no different than what's on a laptop," he says. "And people are carrying them around and losing them all the time."

Besides Trust Digital, Credant Technologies and Pointsec provide security products specifically for PDAs. Trust Digital focuses on securing data while it resides on the PDA. It doesn't try to protect PCs and laptops like bigger vendors.

Pointsec provides user-transparent encryption that ensures enforceable, automatic mobile security practices so all data is protected without requiring user intervention. Pointsec supports every major operating system for PCs, PDAs, and smart phones, and secures all information stored on the mobile devices and on removable memory media with full-disk encryption.

Credant provides a comprehensive mobile security platform to secure notebooks, tablet PCs, PDAs, and smart phones from one management interface, while integrating with enterprise directories for centralized management of security. Administrators work from a Web-based console that lets them control all devices. An automated detection and control feature protects all devices accessing a network.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
State of the Cloud
State of the Cloud
Cloud has drastically changed how IT organizations consume and deploy services in the digital age. This research report will delve into public, private and hybrid cloud adoption trends, with a special focus on infrastructure as a service and its role in the enterprise. Find out the challenges organizations are experiencing, and the technologies and strategies they are using to manage and mitigate those challenges today.
COVID-19: Using Data to Map Infections, Hospital Beds, and More
Jessica Davis, Senior Editor, Enterprise Apps,  3/25/2020
Enterprise Guide to Robotic Process Automation
Cathleen Gagne, Managing Editor, InformationWeek,  3/23/2020
How Startup Innovation Can Help Enterprises Face COVID-19
Joao-Pierre S. Ruth, Senior Writer,  3/24/2020
Register for InformationWeek Newsletters
Current Issue
IT Careers: Tech Drives Constant Change
Advances in information technology and management concepts mean that IT professionals must update their skill sets, even their career goals on an almost yearly basis. In this IT Trend Report, experts share advice on how IT pros can keep up with this every-changing job market. Read it today!
White Papers
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Sponsored Video
Flash Poll