PDA Dangers
PDA's are now more rapidly becoming another source of infection and time
consuming support.
In some companies, PDA's are not even considered IT devices, just personal
equipment.
This is despite the fact that synchronization and also work with office files
takes place.
A set of simple rules apply:
1. For both the individual work station and for corporate users, PDA AV
measures are a must.
2. As is careful usage (i.e. not downloading anything other than official
updates) Hint: ENFORCE THIS!
The reason is this: Since these devices are so cheap, perform so relatively
simple tasks, it is just not
feasible to spend a lot of time performing all
kinds of efforts supporting a security infrastructure for them.
Simple rules + necessary countermeasures will have to do the job.
A very competent site regarding the issues of PDA security (along with very
good reasoning why confidential
information should NOT be stored on these
devices) is
Yale
University School of Medicine.
Since this is a university site the advice is bona fide
independent and is very thoroughly researched.
Tele-surveillance via advanced cell phones - a double edged sword:
(www.flexispy.com)
One example of a commercially available remote surveillance solution. It is not
cheap and it is not
legal to use in countries with strict personal data legislation; ie. in certain
states in the US, and in
several European countries, especially Scandinavia. Some might be
tempted, however, and this
is why this product is mentioned here. It is a real risk for large
corporations where access to
board-level information from unauthorized third parties could be a detrimental.
When formulating corporate policies re. handheld devices, factors as the one
above should be considered.
A few examples (for mobile phone/PDAs):
Owners/users of "converging devices" (phones with PDA functionality) have to
realize the added
functionality brings with it added exposure/risk.
The top vendors in this segment are:
1. F-secure (the most technologically advanced, and with a sufficiently broad business base)
2. PDA defense
3. Symantec
4. McAfee
(back)