Technology Roundup: Is Your PDA Secure?

We hear a lot of talk—and see a lot of products—designed to protect laptops, desktops, and networks from theft and security breaches. But what about personal digital assistants (PDAs)? Not only are they completely portable and thus quite likely to be left behind somewhere, but they often contain confidential data.

Sure, they're relatively cheap to replace. But as with any computer, it's the information inside them that holds the real value. What's more, with their port and beaming capabilities, PDAs also serve as access points into users' desktop machines and all their proprietary assets. Here's a look at software products that protect these small devices from invasion.

OneTouchPass
OneTouchPass 2.3 from Softava controls entry into the PDA by touch control. Users identify a series of touch points, in a particular order, on the screen image. That sequence becomes a password that unlocks the contents of the PDA. Users can select any image they want for touch control by uploading a favorite photo or image, or they may use one of a set of screens provided by OneTouchPass.

The touch system overlays the text password. If the wrong touch sequence is entered, the system reverts to requiring a text password. If someone shuts off the device before entering the text password, OneTouchPass requires the text password upon starting again. Also, if a user turns on the PDA and d'es not see the OneTouchPass screen, he or she knows that the device has been tampered with. According to Softava, even a single-tap password provides more than 99 percent security, so adding multiple tap sequences improves security without adding considerably to start-up time. Contact: Softava, www.onetouchpass.com or www.softava.com.

PDA Defense
PDA Defense takes a different approach to PDA security. To gain access to applications and functions on the PDA, users must enter a password either by typing on the keyboard or by using a hardware button. According to the product manufacturer, start-up time is immediate after entering the password. The product is built on the PDABomb Security Platform, a multi-tiered security system that uses industry-standard encryption.

PDA Defense is available in standard (Palm), professional (Palm and Pocket PC), and enterprise versions (for Palm, Blackberry, and Pocket PC). PDA Defense Standard protects five core PDA applications: address book, date book, to-do list, memo pad, and mail. The professional version adds additional features, including 128- or 512-bit Blowfish encryption which protects all information stored anywhere on the device; application lockout, which prevents unauthorized users from accessing applications without the password; and additional lock, stealth, and bitwiping functions.

The enterprise edition allows an administrator to create versions of the software that make particular security features mandatory or optional. Only the administrator can access or change the instructions. Contact: Asynchrony, St. Louis, Mo.; (314) 678-2200; www.pdadefense.com.

PDA Secure
Trust Digital's PDA Secure, also password operated, is available for Palm OS, Pocket PC, and Symbian. The software, which incorporates six different encryption standards, enables secure password and data encryption. Users can operate the Palm version in either Local Mode, which locks all applications on the PDA, or Global Mode, which completely locks the PDA itself, forbidding any use. It comes in three product lines: PDA Secure Standard and Premium for individual users, and Enterprise and PDA Policy Editor for network users and centralized managed security. Premium offers more features and encryption algorithms than the Standard version. Enterprise is the client piece and Policy Editor is the server piece of the network edition.

Trust Digital's product lets users define a sequence of touches for identification rather than a password, when that is more convenient. Users can switch from password to touch ID when they want to unlock the device subtly or perhaps in secret, while it is still in a purse or backpack. Contact: Trust Digital, Fairfax, Va.; (703) 246-9198; www.trustdigital.com.

PDALok
PDALok requires not a password, but a signature to gain access to the device. The use of Penflow Biometric Signature Recognition affords several advantages. For one thing, it's one less password to remember. Signing on and gaining access only takes a moment, even for longer signatures. The software creates a personal profile for each user, recognizing the signature, with its typical variations, over time.

Even though no signature is exactly the same, this software purportedly can identify between authentic and forged signatures. The lock prevents unauthorized users from gaining access to any of the PDA's functions and from synchronizing it with a desktop PC. Users can change their signatures by first entering the old signature and then entering the new one. The software can also be used to sign word documents and to verify signatures that are sent to the user. Contact: PDALok, Bio4 Limited, Hampshire, England; 44 (02392) 627 979; www.pdalok.com.

Featured