SOME SPECIFIC AREAS TO FOCUS ON
I will touch on each of the major Security Applications types later. For now, let’s talk about the basic concepts of security and how they apply to PocketPCs.
Physical Access: This process is all about limiting the physical access to your device. When you are not actively using the device, please remember to locate the device in a secure location. For example,
- Placing the device in a pocket in your jacket or pants (it’s called a PocketPC for a reason!), or a belt clip case are perfectly acceptable as long as you are aware when it is there and when it’s not.
- Some great clothing lines have been manufactured around the ability to carry all of your gadgets, such as Scott-E-Vest. I personally own several pairs of their “Hidden Cargo” slacks and shorts, as well as a SportTec Jacket.
-If you won’t be storing the device on your immediate person, please consider storing it away in a key-locked cabinet, or securely locked-away in a desk drawer.
-Please do not forget your external data storage: CF (Compact Flash) and SD (Secure Digital) cards can also be stolen, even more readily so than your PocketPC or Laptop. They represent just as serious a security breach for your data, because it might actually be a while before you notice your card’s absence. Therefore, when not in use, they should be removed from your PocketPC and placed in a storage container and pocketed.
Application/Data Access: This rule is all about limiting the access of your device’s data and applications to only those you authorize.
- At a bare minimum, you should enable default password protection on your device, preferably with a six character or greater password length.
- Install or enable any biometric protection available on your device (h5500 and hx2700 series, for example). This should limit a thief’s ability to extract your personal data.
- If using fingerprint biometrics, consider using a trusted co-worker/supervisor’s fingerprint as a backup access key if your device is work related, or a spouse or offspring’s fingerprint as a backup access key if the device is your personal device.
- Install or enable encryption of your more sensitive data. Encrypt your SD/CF card data as well. This should also successfully limit a thief’s ability to extract your personal data from the cards should they be stolen.
- Install or enable a reliable Application/Data Backup program. In the even your existing data/application installation is compromised or corrupted, you can restore to a previous version.
Theft/Loss Mitigation: Limiting the impact of losing your device, as well as the data it contains. If your device is loaded with the appropriate software package, it can be programmed to delete your personal data after going so many days without Synchronizing with the assigned Host PC.
- Set your PocketPC to only allow x-number of failed log-ins before performing a Hard Reset on your PocketPC.
Wireless Encryption: This limits the exposure of your wireless data, but is only useful at private networks where encryption is a viable security solution. Public Hotspots will not use encryption to secure your transmissions.
- Enable the highest Encryption type (WEP, TKIP, AES) available on your device that is supported by your network Router or AP.
- Choose the maximum cipher length (e.g. 64bit, 128bit, 256bit, and 511bit) supported by your device and Router/AP.
- Use a subscription service that provides you with an IPSec/VPN Tunnel that you can use from any hotspot.
Follow us on Twitter!