We downloaded movianCrypt onto a Windows 2000 Professional system and installed the software in a matter of minutes. The Windows installer created a directory to store the movianCrypt application files and invoked the Palm application installer to place the application on our handheld the next time we HotSynced the handheld and the PC.
Once installed on our Palm device, protecting data was a snap. We simply enabled movianCrypt, created a password, and generated some random data (by scribbling the stylus in a designated area of the screen) to create an encryption key. When enough random data had been supplied, the software thoughtfully alerted us.
After it is enabled, movianCrypt replaces the standard Palm OS Security application. As with the Palm OS Security application, users can gain additional privacy by masking the names of records with the label "private." In addition, movianCrypt supports the Palm feature that allows users to display owner information. In the event that your device is lost, another person can click on the Owner Info button and view the information. Hopefully they will contact you to return the device.
Using idle CPU time to encrypt data after a file is closed, movianCrypt doesn't interfere with the user's workflow. The software requires 98KB of disk storage and 8KB of dynamic memory when running. As an added precaution, movianCrypt doesn't store a user's password on the device, so the password can't be compromised if the device is lost or stolen.
Currently movianCrypt supports only the Palm OS, but Certicom plans to release a version later this year that will support Windows CE.
Companies are struggling to find ways to protect the increasing amount of sensitive information finding its way onto handheld devices. In many cases, the organization restricts users from storing company data on their handhelds. These restrictions are not only difficult to enforce but can also render workers less productive. Certicom's movianCrypt can help companies keep Palm handheld users productive without putting corporate information at risk.