Losing your PDA is bad enough, given the expense and inconvenience of replacing the hardware, but lost data can pose an even greater problem. When you lose your handheld, you lose all of the data you've entered since your least synchronization. Even worse, all the sensitive data on your handheld is exposed. Whoever finds your handheld can read the data, copy it, even publicize it unless you take steps to protect it from prying eyes.

Do you keep personal email, transaction records, or private files on your handheld? Would you want others to have access to that information? The good news is that with a small amount of effort, there are steps you can take to protect your sensitive data.

Be sure to HotSync your handheld before you start, as in all cases where you may be changing settings on your device or adding additional software. Because the purpose of security is to keep people out of your data (including you if you forget the password) one small mistake can leave a hard reset (and loss of any data you have not backed up) as your only way out.

Note: The Palm m100 does not use the Palm Security application, it uses TealLock from TealPoint.

The Palm OS® includes a built-in security function that can be used to password protect individual entries and block general access to your handheld.

Locking Individual Records

In the first instance, you can mark records in applications such as the Memo Pad, Address Book, and Date Book as Private and then set the device to not display those entries without first entering a correct password. Activating this feature is quite straightforward as is described below.

Step 1: Tap the icon marked 'Security' on the main application launcher screen.	Step 2: Tap 'Hide'.	Step 3: Confirm your choice to hide private records by tapping 'OK'.

This is the most basic level of security. It only protects certain information, and with a little PDA knowledge it is not that difficult to circumvent. Because this functionality still allows the device to be turned on and HotSync'd, someone who finds your device and wants to see the hidden records need do no more than install a simple application like No Security to bypass the necessary password.

This method of security has another drawback as well. The password encoding is weak and easily reversible. The encoded block of data that contains the password is sent to the desktop during HotSync and can be intercepted. It is also stored in the Unsaved Preferences database and can be retrieved by any Palm application.

Once the encoded block containing the password is retrieved, decrypting it is a simple matter of running a tool widely available from the Internet. [No, I won't tell you where to get the tools. I don't want to encourage mischief.]

Locking Your Handheld

The second component of the Palm OS® security is the ability to 'lock' the device. Once activated, this causes a security screen to be displayed the next time the device is turned on, requiring the user to enter the correct password before proceeding to the application screen (or whatever screen was last displayed before the device was locked).

Locking the device is accomplished from the same security screen seen previously by simply tapping the Turn Off & Lock Device button.

As you can see in Step 3, one additional benefit of the security screen is that is also displays the contents of the Owner field in the device Preferences, so a person finding the device will see the information as soon as they press the power button.

The most important distinction between this level of security and simply password protecting individual records, is that locking the device prevents any activity on the device without first entering the password, including HotSyncing, so there is no opportunity to install applications which bypass the security function. The only way to circumvent the locking mechanism is to hard reset the device which deletes all the information on the handheld, including the records you do not want others to see.

Unfortunately, despite the added protection locking your device provides, most users find the process of going to the main application screen, tapping security and then tapping the lock button too time consuming--meaning they quickly lose interest in doing it. However, there is a quick and easy way to streamline the process by reassigning the Power Stroke (the motion of moving the stylus from the bottom-middle of the screen to the top-middle). The default setting for the Power Stroke is to show the Graffiti alphabet, but you can also set it to turn off and lock the device by following the steps below.

Step 1: Tap the icon marked 'Prefs' on the main application launcher screen.	Step 2: Tap the drop-down box in the upper right-hand corner and select 'Buttons' from the list of options.	Step 3: Tap the button marked 'Pen..' at the bottom of the screen.

Step 4: On the screen that appears, tap the drop-down arrow next to the words 'Grafitti Help'.	Step 5: From the drop-down list, select 'Turn Off & Lock'.	Step 6: Ensure that the new setting appears next to the drop-down arrow and tap 'OK' when finished.

If you want to enhance the security of your PDA, there are a number of third-party applications available that provide additional functionality not provided by Palm. Most of these programs automatically lock of your device whenever it is turned off (eliminating the inconvenience of always having to remember to do it yourself) and many combine password protection with encryption to give your data maximum protection. Just a few of the more popular applications include:

OnlyMe - One of the simplest third-party applications, OnlyMe ensures that your device is locked whenever you turn it off (or it turns itself off when not in use). It works in a similar fashion to the Palm OS® security in that once activated, whenever the device is turned on a password must be entered. It differs however in that the password uses a six-button keypad (passwords can be from 1 to 12 digits) rather than text entry.

TealLock - Another program that ensures your PDA is locked each time it is turned off is TealLock. This application has a few more features than OnlyMe and supports alphanumeric passwords, but the core functionality is similar.

DataGator - For the more security conscious, DataGator encrypts the contents of selected databases using 168-bit or 448-bit encryption. This ensures that even if your device falls into the hands of a sophisticated individual with the means to extract the data from your device, the encrypted data is unreadable without hacking the encryption key (which is virtually impossible).

PDABomb - Like DataGator, PDABomb provides advanced security through the use of encryption. It also has a unique feature that completely wipes the contents of your PDA (hence the name PDABomb) in the event an individual attempts to bypass the security by repeatedly entering random passwords or if more than a preset amount of time passes between HotSyncs.

While security applications can't ease the angst you will feel if you lose your PDA, they can make sure that critical data does not fall into the wrong hands. Of course, PDA security is only one component of an overall security strategy. After all, the same data that is on your PDA is also on your desktop, so be sure to evaluate the methods for protecting your PC too.