COMMENTARY--
PDA Defense is a security program for handhelds that'll delete your data if someone steals or tries to break into it. If it's good enough for the US Department of Defense, is it good enough for you?Like many IT services providers that find themselves doing the same thing over and over for their clients, St. Louis-based mobility specialist Asynchrony Solutions developed some reusable technology after it found itself routinely addressing the PDA security concerns of its customers.
Seeing a market for the technology, the company took the next logical step by readying it for use by both enterprises and consumers, and eventually shrink-wrapped the technology into three versions of a product it calls PDA Defense.
According to Bob Elfanbaum, the company's CEO, customers such as the U.S. Department of Defense have helped to make PDA Defense a bestseller in the PDA security market.
What's so special about PDA Defense?
The feature that security-conscious organizations and PDA aficionados will probably like most is what I call the Mr. Phelps feature: PDA Defense can be programmed to make PDA-bound data self-destruct after a certain number of failed password attempts or if the PDA goes a certain period of time without being synched. Says Elfanbaum, "The military guys love this stuff because they can program their PDAs to do a bit wipe if they go more than a few hours without synching."
Data self-destruction isn't PDA Defense's only defensive measure. It can also encrypt your PDA's data. That includes data that you might move or save on a memory card in the PDA's expansion slot. A variety of encryption algorithms are supported, including Blowfish 64,128 and 512 as well as AES 128, 192 and 256.
PDA Defense's bit-wiping and encryption features can be device-wide or application-specific. In other words, if the PDA has a database application on it with sensitive corporate data, PDA Defense can be programmed to encrypt and/or wipe that data without enabling security for the data that goes with the Address Book.
PDA Defense can also shore up a PDA's password protection scheme. By default, when a PDA Defense-protected device is powered on, the PDA Defense security screen comes up looking for a password. But that screen could tip would be hackers off to the fact that PDA Defense is loaded on the system. Which is why PDA Defense can also start up in stealth mode, in which it launches into a security screen that looks and feels like the PDA's native password prompt.
In extremely sensitive situations, however, a PDA Defense-protected PDA could be vulnerable. Elfanbaum admitted that, if the first instinct of a hacker is to crack the device open and suck any data in the silicon into some other form of storage (something an intelligence agency might do), then the only thing standing between the security of that data and the hacker who's trying to get at it would be the encryption algorithm. Given enough time and compute horsepower, just about any algorithm can be hacked, but doing so is not trivial.
Although weaknesses in the Palm OS were what originally necessitated the invention of PDA Defense, the product now supports PocketPC as well. RIM's BlackBerry is not yet supported but is under consideration. Says Elfanbaum, "the number of BlackBerry users still numbers in the low hundreds of thousands, a market that doesn't have enough critical mass to justify another version of PDA Defense yet."
For organizations looking to centralize PDA security policy management, Asynchrony Solutions now has an enterprise version that allows an administrator to create organization and group-wide policies that are subsequently rolled out through the more popular enterprise synching servers.
Considering what it does, PDA Defense's pricing is reasonable. The professional edition (with no centralized admin capabilities) goes for US$29.95, and the enterprise version (with centralized admin) costs US$1,500 and covers 50 users (which works out to US$30 per user). That per-user cost goes down as the number of users goes up. For organizations with 10,000 licenses, Elfanbaum says, the cost drops to about US$13 per user.
What do you think? Would you considering installing PDA Defense? What other measures do you take to keep your handheld data safe? Let us know at edit@zdnet.com.au.
3%
2%
