A major issue for organisations using mobile computing devices is that confidential company data is held on these devices and is no longer safeguarded by the sanctuary of the office. PDAs (Personal Digital Assistants) are easily lost or stolen, and the data they contain must remain confidential even under these circumstances. New Media Security specialises in securing mobile devices.
Why should you secure your PDAs?
To a business user, the information stored on a PDA may be worth much more than the PDA itself, particularly to a competitor. The analyst firm Gartner estimates that each PDA lost to theft or absent-mindedness costs at least $2,500, owing to the compromise of proprietary data that may be on it. Data falling into the wrong hands can be costly for a number of reasons:
· Commercially-sensitive data (price lists, prospect and customer lists, business plans, marketing campaigns, intellectual property, etc) are acquired by a competitor.
· The loss of confidential information results in negative publicity, which damages the organisation’s image and consequently reduces revenue and stock value. For this reason, only 20% of incidents are reported to the police.¹
· Information held on the PDA (PINs, bank account details, passwords etc) can be used to perform other damaging activities such as external corporate network hacking attacks and unauthorised bank transactions.
So protecting PDAs eliminates a significant business risk. In fact, Gartner recommends that companies protect these devices to cut costs, and estimates that companies with more than 5,000 employees could save $300,000 to $500,000 annually.
In addition to the cost implications, there are legal obligations in most countries:
· EU Data Protection Directive 1995 (EC)
· Data Protection Act 1998 (UK)
· Health Insurance Portability & Accountability Act 1996 (USA)
· Gramm-Leach-Bliley Act (Financial Services Modernization Act) 1999 (USA)
· Sarbanes-Oxley Act 2002 (USA)
Failure to comply can result in heavy fines, imprisonment and suspension of business.
NMS for PDA prevents unauthorised use of PDAs (Pocket PC) and protects the confidentiality of data held on the device if it is lost or stolen. It achieves this using a secure login and by encrypting data on all storage cards and in on-board persistent memory. It also prevents data being sent via Bluetooth and Infrared ports. Enterprise tools are provided for mass deployment, and to manage remote recovery of passwords and re-installation after a hard reset or flat battery.
NMS for PDA provides security for the mobile enterprise, helps companies comply with the Data Protection Act and ensures that any loss of data from the organisation does not lead to a damaged reputation or loss of customer confidence.
· Secure authentication. The PDA can only be used if the correct user password is entered. Security configuration controls enforce rules to which the user password must conform, including how often it must be changed. Importantly, NMS for PDA ensures that a password is used. The security configurations are protected by a separate Manager password that ensures that the enterprise security policy cannot be tampered with.
· Encryption. All data stored on memory cards and all data held in on-board persistent storage is encrypted, if required. Encryption and decryption are transparent to the authorised user and occur on-the-fly.
NMS for PDA Enterprise consists of:
· NMS for PDA Enterprise - Security for PDAs running Windows Mobile 5, Windows Mobile 2003 editions and Pocket PC 2002. Fully supports the high-resolution and landscape graphic options of Windows Mobile 5 and Windows Mobile 2003 Second Edition, as well as 240x240 pixel screens, built-in and snap-on keyboards.
· Management Suite - A set of tools to make it easy for the enterprise to manage central configuration, deployment and recovery.
NMS for PDA Enterprise
NMS for PDA is the only security software currently available for Pocket PC PDAs that features all these key benefits:
· NMS for PDA encrypts all data, in real-time, on all removable media such as Compact Flash cards, SD cards, Mini SD cards, and micro drives. Filenames on encrypted storage cards are encrypted.
· All data in on-board persistent storage can be encrypted and therefore cannot be read if the PDA is lost or stolen and subjected to a hard reset, or allowed to go “dead” by running the batteries down. Filenames are also encrypted.
· Encryption and decryption are transparent to the authorised end-user and take place automatically without user intervention.
· Robust user authentication enforces use of a password, which must conform to the chosen password security rules.
· Secures the ActiveSync connection to the PC. Unauthorised PDAs cannot be used to connect to company laptops, and data on protected PDAs cannot be copied to unauthorised PCs.
· Can be set to prevent data being sent or received via the Bluetooth and WiFi ports, if present, and the Infrared port.
· Additional optional wipe of all PDA data under three conditions: if the PDA becomes locked (after a number of wrong passwords have been entered), is not used for a specified number of days, or is not docked for a specified number of days.
· Management functions protected by a separate password allow only the PDA Manager to change login settings, control password policy, the encryption of storage cards and persistent storage, and the sending of data via Bluetooth, WiFi and Infrared ports.
· Secure restoring of the installation and security settings of NMS for PDA after the PDA has been hard reset, or after all battery power has been lost (Dead PDA). This recovery is achieved without the need to re-install the software by connecting to a PC. Can be used with backup applications to provide secure remote restoring of backed-up data.
· Enforceable auto-power down, and password-protected “screen saver” functions to ensure unattended PDAs are protected.
· Storage status information indicators to show encryption status and usage of storage cards and on-board persistent storage.
Management Suite Tools
NMS for PDA Enterprise adds the benefits of a suite of management tools to:
· Allow easy deployment of NMS software across an entire organisation. In this way, an organisation can enforce (and update) its PDA security policy without having to rely on the end-user, or recall every PDA to base. The software can be used to deploy to PDAs that do not dock to host PCs.
· Allow for the remote recovery from forgotten passwords or locked PDAs, using a once-only challenge-response unlock mechanism that does not require a physical or electronic connection to the PDA.
· Allow for remote recovery from a “dead” PDA. The installation and security settings that existed before the PDA went dead, or was hard reset, are restored securely without needing to return the PDA to base.
· Provide a secure facility to connect an NMS-protected PC to a plain PDA, to allow the temporary docking of an authorised guest plain PDA.