Physicians can transmit authorization for a prescription from the bedside of a patient. And detectives can report to head-quarters from the scene of the crime.
For on-the-go professionals having access to business applications and data literally in the palms of their hands provides obvious benefits. But these benefits aren't without risk. Information stored and transmitted from PDAs is vulnerable. The "built-in" security provided by these devices is easily compromised and wireless communications pass through networks in the clear. For these reasons, some IT departments have refused support for PDA devices.
As the demand for anytime, anywhere connectivity continues to grow and the number of available business applications multiplies, many organizations are finding these handheld devices far too useful to ignore. As organizations embrace PDAs, corporate IT departments must find cost-effective solutions that work within their established security policies and network infrastructure to enable anytime, anywhere connectivity without compromising user experience.
The Dilemma of PDA Security.
The primary attributes of the PDA, portability, ease of use, and wireless capabilities, are also what turn them into the proverbial "two-edged sword". Their strengths are what make them so easily susceptible to being lost or misplaced, and also make them targets for thieves, hackers, and industrial pirates. Studies have shown that PDA devices have a 30 percent loss rate.
The ramifications of a breach of PDA security on PDA users, their clients, patients, and employers can be extremely detrimental. To put the security situation in perspective, Tom Walsh of Enterprise Security says, "Robbers net about $85 per holdup and are caught 80 percent of the time. Information thefts average $800,000 in value and are caught two percent of the time." That's why it is crucial to be proactive and install redundant levels of security at all of the PDAs vulnerable points, as described more fully later on in the paper.
