Security surrounding PDAs and other “smart-phones” is a complicated issue. I for one own an iPhone (but hopefully for not much longer)! I know… I know! Here comes the classic iPhone / Blackberry debate. It’s been a hotly contested acquisition! IT would prefer I use a Blackberry. They feel they have more control over the device and in many respects they do… BUT they don’t want to pay my expenses and I’d much rather a richer Internet experience. Fortunately for me many senior VPs in the organization wanted an iPhone as well.

Why give all the background?

Because sometimes technology is driven by the business and thus needs to be supported by IT. We need to find the best way to make these devices secure even tough they may not have all the security bells and whistles IT is looking for.

These devices have allowed us to spend a little less time in the office and a little more time doing the things we want… But there is a cost. Sometimes in the course of using information we have to deal with data that is sensitive… whether it is of a military nature or mere intellectual property concerns! The reality is these devices are now capable of holding a lot more information. In fact some of these device now offer the ability to extend its capabilities though the use of SD cards! So how do we protect the company and the data we all work so hard to create? Corporate policy! We need to have clear guidelines as to what data we will allow on any device… that includes USB thumb drives!

Most of us use these so-called smart-phones as glorified email and calendaring clients. Both Blackberry and the iPhone offer differing levels of security over these devices… Both offerings allow for remote wipe! Blackberry does this though the use of its proprietary server product… the iPhone relies on its implementation of Microsoft’s ActiveSync. Certainly RIM’s offering is a lot more feature rich… but one needs to keep in mind the type of data we are protecting.