Data Storage Security for Handhelds

Use

The mobile client data stored in your handheld can contain company confidential information, and this information needs to be protected against misuse. You have to protect your handheld against theft, unauthorized access and viruses. The following guidelines help secure the data in your handheld:

Safeguard against theft of device

This is the first level of security that you can provide to your handheld.
Activate password protection and encryption on your handheld

Recommendation

We recommend that you use the security features that come along with handhelds. The handheld vendor provides password protection and encryption software. If not, you can use third-party encryption software for your device security.

Note

When data on a handheld is encrypted, any access to the data involves decrypting the data and encrypting it again when it is changed. So, the use of encryption results in a loss of performance.
Store data in a removable memory device

You can store the client-related information in a separate memory card, and safeguard the memory card. In this case, theft of your handheld does not compromise the data on memory card (provided the memory card is not in the handheld when the device is stolen). For further protection, you can encrypt the data on the memory device.
Install and run anti-virus software on your handheld

You must install and run trusted anti-virus software on your handheld. The virus definitions on the handheld must be handled regularly.
Run the client on insecure mode

To enable the encryption of the local DB password, the com.sap.tc.mobile.cfs.security.advancedCfsSecurity parameter is set to true by default.

However, while debugging an application you would need to have access to the local DB password. In this case, you need to set this parameter to false. On synchronization, the local DB password is changed to the initial DB password that would have been provided during installation of the client. You can access the contents of the database when the client is run in the insecure mode.

To ensure that the contents of your database are secure, you would need to switch back to the secure mode by changing the parameter to true.
Logoff the client

You must logoff the client by choosing Logout on the homepage. Closing the client window allows the client to continue to run in the background and does not logoff the client.