While I was in the Miami airport recently, a man was running around asking everyone in sight if they had seen his lost PDA. He was obviously in a panicked state, and I can only imagine what type of data must have been on the PDA to cause him such anxiety.
That episode made me consider the fact that PDA security is a critical issue. Although most PDAs offer password protection, passwords alone aren’t always enough. There are too many ways to reset, guess, or crack passwords. Because of this, I recommend that your IT department take a serious look at several Palm and Pocket PC products for encrypting sensitive data stored on company PDAs.
Security vs. speed
Encryption software requires a significant amount of system resources and will usually slow down a PDA a bit. Pocket PCs tend to be less susceptible to this slowdown, however, because they often have faster processors than their Palm counterparts. Before rolling out a PDA encryption product, your IT department should test several different products to determine which offers the best balance of speed and security.
One of the most popular encryption tools for Palm devices is Memo Safe from DeepNet Technologies. A replacement for the Palm MemoPad application, Memo Safe works on Palm OS 2.0 and higher devices. It allows you to save your memos in an encrypted format. Memo Safe version 3.0 is fully backward compatible with MemoPad, has integrated spell check, and allows you to use a separate password for each document. It even contains an automated memo backup feature that guards against corruption.
A single copy of Memo Safe costs $7, and corporate volume discounts are available for purchases of 25 or more licenses. It's important to note, however, that Memo Safe isn’t a full-blown encryption product; it only encrypts memo files. Those who need a little more protection should consider movianCrypt or JAWZDataGator.
Certicom's moviancrypt encrypts and decrypts your data files on the fly using 128-bit encryption. To prevent the encryption software from slowing down your PDA too much, movianCrypt takes advantage of processor idle time to re-encrypt decrypted files.
The software is easy to use; you don’t have to worry about going through a special interface to encrypt and decrypt files. Everything on the device—including applications—is automatically encrypted. All encrypted data is stored and decrypted as it is accessed. The entire process is transparent to the end user.
The downside to movianCrypt is that you can’t just buy a single copy. The minimum number of licenses that you can buy is 25. Also, Certicom won’t even give prices on the Web. Instead, they insist that you fill out a form and wait for a salesperson to call.
JAWZDataGator from JAWZ, Inc. provides completely application-independent encryption for your data while running seamlessly in the background. There are two main versions of JAWZDataGator, one that uses the triple-DES encryption algorithm and one that uses the Blowfish algorithm. JAWZ, Inc. reports that the version that uses Blowfish runs approximately twice as fast as the version that uses triple-DES.
Both the triple-DES and Blowfish versions also come in a standard or professional variety. The standard variety encrypts only Palm Address, DateBook, ToDo, and MemoPad data. The professional variety not only encrypts these Palm applications but also third-party applications. JAWZDataGator is available for Palm OS 3.0, 3.1, and 3.5. The various versions of JAWZDataGator Standard cost around $40, while the JAWZDataGator Professional versions will set you back about $50.
One of the best encryption software packages for Pocket PC is PocketLock from Applian. PocketLock allows you to apply 168-bit encryption to files and folders with the mere click of a button. Of course, not all Pocket PCs can handle 168-bit encryption. Your Pocket PC may be too slow or may not have enough memory to effectively use 168-bit encryption, or your corporate security policy may dictate a specific encryption type. PocketLock allows you to choose from the following encryption types:
- 40-bit RC2
- 40-bit RC4
- 56-bit DES
- 128-bit RC2
- 128-bit RC4
- 112-bit 3DES
- 168-bit 3DES
This list is arranged in order from weakest to strongest encryption algorithm. PocketLock costs $19.95, and a trial version is available.
Another encryption utility for the Pocket PC is Sentry 2020 from SoftWinter. Sentry 2020 allows you to encrypt sensitive data using either CAST-128 or Twofish-256 encryption. Twofish-256 is a stronger type of encryption but requires more system resources than Cast-128 does.
Sentry 2020 works on versions of Windows CE 2.0 and above. Additionally, it allows you to encrypt files stored on removable media. For extra security, your encryption key can be stored in a different location than your files. Sentry 2020 is available for $50 and includes free upgrades for life. You can also download a 15-day free trial version from SoftWinter's Web site.