Revealed: PDA security risks - and what to do about them (part one)

Following silicon.com's revelation in January that the BBC is clamping down on the use of PDAs among its employees to help secure its network (http://www.silicon.com/a50809 ), the industry has been trying to come up with best practice guidelines for such mobile devices.

ICL is the latest company to join the debate. It has identified some key security risks posed by PDA usage, and has recommended actions for companies to take to make their PDA use more secure.

The Risks

Being a fashion victim
More and more people are buying fashionable PDAs. Most companies do not know how many devices hold their sensitive data, or what levels of security those devices have, making it difficult to ensure that information is safe.

Data protection
Companies holding data about customers, suppliers and employees have certain responsibilities under the data protection act. If this data is held on insecure devices, companies may be liable for prosecution.

The dormant virus
PDAs can carry viruses that lie dormant on the PDA, but that will attack a PC or laptop. PDAs are often plugged into desktops or laptops, bypassing firewalls. Employees can unwittingly transfer a damaging virus or Trojan that can compromise not only the desktop, but also the corporate network.

Theft
PDAs are extremely easy to steal. As they become more powerful, people are synchronising them with office systems such as Microsoft Outlook or Lotus Notes. PDAs can contain information about customer contacts or emails relating to company confidential topics, which could be used to cause serious embarrassment and damage to that company if it fell into the wrong hands.

Click http://www.silicon.com/a51917 for ICL's advice on countering these risks...