PDA Security Policies for Businesses
If you're a business or organization that allows its end-users to connect their PDAs to their corporate desktops, you'll want to be sure they follow a minimum set of policies to safeguard your corporate infrastructure. Basic policies that you may want to enforce include the following:
· PDAs connected to the corporate infrastructure must be password protected
· While connected to a corporate desktop, the wireless port on PDAs must be disabled
· PDAs connected to the corporate infrastructure must have anti-virus software installed on them
· PDAs must be scanned for viruses prior to connecting to the corporate network
· PDAs cannot connect to the corporate infrastructure using any wireless means unless the traffic is transmitted through a secure remote access VPN
· Storing sensitive corporate information is not allowed unless it is encrypted
· PDAs connected to the corporate infrastructure must have the latest security patches installed on their operating system
· PDAs that contain classified information must have automatic bit wiping software installed on them
· Password enforcement software must be installed on all PDAs that connect to the corporate infrastructure
PDA Security Upshot
PDAs and smartphones can increase productivity, and businesses and organizations should not discourage their use. However, it is important to ensure that end-users understand the vulnerabilities these devices are susceptible to. Publication of PDA security policies on the corporate intranet, and periodic reminders to read these policies, will provide safeguards that will allow your end-users to make use of PDAs, and at the same time hold them accountable for security lapses. Don't assume that your average end-user understands that their PDA is susceptible to viruses and other exploits. Businesses should articulate clear guidelines for safe usage of PDAs if they allow their usage at all.