Basic Security Safeguards for Pocket PC

Imagine for a moment that you are in Las Vegas and you accidentally leave your Pocket PC in the back of a cab. What would become of the device and the data that it contains? Being that there are countless taxicabs in Las Vegas, your odds of ever finding the cab that you just got out of again are pretty slim.

You are now at the mercy of the person who finds your Pocket PC. There are a few things that you can do to tip the odds in your favor though, including dozens of third party security products that you can use to lock down your Pocket PC.

Even if you don’t have the budget or can’t spare the memory for third party software though, there are still several things that you can do to help secure your data and maybe even recover your lost device.


Passwords are your device’s number one line of defense. Unless your device is password protected — at the least — a person who finds the device can do absolutely anything with it.

For a long time, Pocket PCs have supported a numeric PIN, similar to those used for ATM machines. On newer Pocket PCs though, you have the option of using a stronger, alphanumeric password. So if your device supports alphanumeric passwords, we highly recommend using them.

Most of the Pocket PCs that do offer alphanumeric password protection will also allow you to enter a password hint. The hint is designed to help you remember your password should you forget it. Just be sure that your hint doesn’t give the password away.

For example, My Wife’s Name is a terrible hint. If someone found or stole your Pocket PC and saw this type of password hint, they could just start trying random girls names until they figure out the password.

A better hint might be your boat’s name (assuming that you own a boat), because boat names tend to be very unique and imaginative.

Memory Cards
The second most important thing that you can do to secure your Pocket PC is to use removable memory cards for data storage. For example, my Pocket PC accepts Secure Digital (SD) memory. The idea behind using a removable card is that you can save all of your data onto the device.

When you are done using the data, remove the card from the device and put it some place safe. The concept is that if your Pocket PC is lost or stolen, then there is no data on the device. All of the information is stored safely on a memory card that is still in your possession.

Most Pocket PCs take either SD or CompactFlash cards or both. MultiMediaCards
fit in SD card slots but are less secure and not as capacious, while newer half-sized
miniSD type cards can be found in some newer Microsoft-based handhelds—usually along
with another removable memory card format.

You must exercise caution though, as memory cards can work for or against you when it comes to security. Imagine — for a moment — that you have taken my advice and protected your Pocket PC with a strong password and all of your data is stored on a removable memory card.

There’s just one problem though. One day you are feeling a little lazy or you are a little rushed, so you forget to take the memory card out of the device.

Guess what happens now? On that particular day your Pocket PC is stolen. It’s not a huge deal though because you’ve got a strong password, right?

This is where the removable memory chip becomes a double-edged sword. The person who has stolen your Pocket PC doesn’t even need to know your password to get to your data. He can simply remove the memory card and place it into a card reader or into another Pocket PC and gain full access to your data.

Of course, you can always protect yourself against this type of exploit by buying encryption software for your Pocket PC.

Don’t Store Passwords
One of the best things about a Pocket PC is that you can connect it to a corporate VPN (Virtual Private Network) and check your e-mail or access your files. It never fails to amaze me how many people tell Windows to remember their passwords, though.

Configuring Windows Mobile to remember passwords (other than the password to protect the handheld itself) is an extremely dangerous thing to do on a mobile device. If the device is lost or stolen, then anyone who happens to figure out your device’s main password would be able to use any additional connections that are set up through the device without having to provide any additional credentials.

This means that if someone managed to get past your device’s main password, and you had the password for your corporate VPN stored in the device, then the person who stole your device now has access to your corporate network. They can access your files and E-mail and can even send messages as you!

Owner Information
Some Pocket PC devices allow you to enter contact information for the device’s owner. There are two schools of thought on this one.

On one hand, if you enter your contact information, then there is always the chance that some Good Samaritan will find the device and return it to you.

On the other hand, if some unscrupulous individual finds the device, they now have your home address and phone number. They could call your house to verify that you are not home and then break in. The thief’s job is even easier if you happen to keep your travel schedule in the Outlook calendar.

Personally, I keep my contact information in my Pocket PC, but that’s just my individual choice. You should do what feels right to you.

Some Pocket PCs, such as the one that I use, have an integrated cell phone. Such models typically also include a GPS (Global Positioning System) chip (see Preview: iPAQ hw6515 – HP’s Smart New Smartphone Entry as an example). By default, the GPS transmitter is turned off.

iPAQ Phone

However, if you switch the GPS transmitter on, then the device will occasionally transmit its position to your cell service provider. Sure, enabling this feature will burn a little bit of battery power, but on the flip side, you can actually call the phone company and find out where your device is.

Although there are a lot of third party security utilities for the Pocket PC, there are also measures you can take secure your device without the aide of add-on software. Take the basic steps outlined in this article and be more secure should your handheld become lost or stolen.

Adapted from

Do you have a comment or question about this article or other small business topics in general? Speak out in the Forums. Join the discussion today!

Small Business Computing Staff
Small Business Computing Staff
Small Business Computing addresses the technology needs of small businesses, which are defined as businesses with fewer than 500 employees and/or less than $7 million in annual sales.

Must Read

Get the Free Newsletter!

Subscribe to Daily Tech Insider for top news, trends, and analysis.