Designing an Enterprise Handheld Security Policy - Part I

In this guide we've spent many pages discussing vulnerabilities and weaknesses in handheld devices and accompanying software. Now it's time to provide you with some much needed help. Most enterprise security policies do not include specific provisions for handheld devices such as personal digital assistants (PDAs) and Smartphones. Unlike legacy platforms, the threats to these powerful new devices are new and relatively uncharted. Worse, these tiny, embedded operating systems currently have little or no native security.

Note that if you are planning to roll out PDAs across the enterprise, you will first need to invest in 3rd party management software. 95% of the large customers that we deal with use Intellisync. SOTI has a new program out as well (Mobicontrol), but they have not yet returned any of our requests for evaluation. Still, we respect their programming skills and we recommend you check them out.

We will begin with a general background, and will then provide you with the skeleton of a sample template for your organization.