The danger of PDAs

[Free CISSP Exam Study Guide] Get expert advice that will help you pass the CISSP exam: sample questions, summaries of all 8 CISSP domains and more!

PDAs (personal digital assistants), pocket-sized diaries that are becoming increasingly more powerful, can represent a serious threat to corporate security.

As PDAs become smaller and their capabilities increase, these devices are becoming more popular in corporate environments, especially among managerial staff. This, combined with the ease with which data can be transmitted from a computer to these devices, means that the amount of sensitive information stored on them has also increased significantly. And as PDAs are now smaller than ever, the risk of them (and therefore critical data) being lost or stolen is now greater than ever.

Sometimes the information they store may not be very important, as they could just contain a few games or the like, but in most cases, the information stored is highly sensitive. PDAs are often used to store credit card numbers, computer passwords, mail account data and even confidential financial or commercial information. For this reason, a PDA in the hands of a malicious user could become a key to the corporate network.

Another important factor is the use of PDAs by malicious users as attack tools. As the PDA can be converted into just another computer with network access, an attacker could add the software needed to carry out attacks and at the same time, would also have the space needed to save the information obtained. An attacker could then access a whole network in a matter of minutes and obtain vast amounts of data without anyone realizing.