Mobile devices today are far more capable, and capacious, than the analog bricks of decades past. That also creates new security risks, which the feds are asking the public to address in comments due Friday.
"Mobile devices are expected to continue to become more powerful and communicate at higher speeds, eventually giving people the power and functionality of a full desktop," the National Institute of Standards and Technology says in its draft of Guidelines on Cell Phone and PDA Security. "Besides increasing productivity, such improvements are rapidly turning cell phones into extensive data reservoirs capable of holding a broad range of personal and organizational information."
The increasing capabilities of handheld devices create risks that regular consumers--not just corporate customers or government employees--should be watching out for. Prepared for federal agencies but available for anyone to use, the draft guidelines from NIST are open for public comment through Friday.
The draft includes guidelines for both organizations and individuals using cell phones and PDAs. It suggests organizations deploying cell phones address security issues in advance, disable unnecessary services and providing central management and oversight of the devices. Individual users are encouraged to take steps such as using pin numbers or passwords and installing malware prevention software.
The document cites the range of technology now available for handheld devices, including Global Positioning System (GPS) receivers, reduced-sized removable-media card slots, and wireless interfaces. The ubiquitous gadgets that most people are literally attached to the hip to are vulnerable to theft, spam, and eavesdropping, among other problems listed in the guidelines.
"An increasing amount of mobile malware has been reported over the past several years, which raises concerns for the future, particularly when coupled with the recent trend towards establishing a more open system environment for cellular handheld devices," the draft says. It also cites a study that estimated that 85,619 cell phones and 21,460 PDAs were left behind in one Chicago taxi firm's vehicles during a six-month period.
Comments on the draft document can be submitted via email to firstname.lastname@example.org with "Comments SP 800-124" in the subject line.