With the advent and propigation of hand held device, the security of corperate enterprise networks are at risk. Any organization that uses or allows the use of these devices have a new worry and of course the headache that goes with it.
Not only do you have to consider the increase need for physical security, but also the security of your data that may be in these devices.
With all three stages, but especially at stage three, data security should be a major concern. With portability come increased odds that a device will be lost or stolen. The mobile device might contain highly sensitive, proprietary corporate data, such as engineering documents, internal applications, client lists, or even just internal phone lists. If you're at stage one, security is hard to enforce; but even here, you should have a policy of requiring on-device encryption and access controls. Devices typically support at least passwords at power-on. Hewlett-Packard, like some other vendors, has begun putting biometric authentication devices on high-end iPaq units. PDAs now on the market include the capability to automatically encrypt data on the handheld, which should help keep your data out of unfriendly hands.



Policies will be difficult to enforce on devices that you don't own or control. However, if you allow employees to put company data on personally owned devices, at minimum IT has a clear mandate to enforce a clearly communicated security policy.

At stages two and three, security is theoretically easier to enforce since your organization has procured and configured the devices. But typically, PDAs are extremely open to reconfiguration by users who like to install a variety of third-party programs. One option is to deploy a full-fledged mobile system management package, such as Mobile Automation's management suite or XcelleNet's Afaria. This is a rather complex, but centralized way to manage which software and configurations are on each device. It will allow you to do remote inventory and configuration management, such as pushing a new version of a database to PDA users whenever they synchronize.
The need for strong passwords and data encryption, plus some strong physical security awareness are mandantory for anyone using a PDA device that carries propriatary data within it.
The referrence artical came from here: Full Artical