T 4.52 Loss of data when using a portable device

Portable end devices as well as portable data media are subject to considerably more risks that could lead to a loss of data than stationary devices. A loss of data can result from the theft or the loss of the device, but also from technical problems or simply a power cut.

Portable data media and devices are often stolen as well since they can be used universally, but also sometimes specifically to gain access to internal information. One of the most common causes of lost data when using portable data media is the loss of the data medium itself. Surveys have shown that every other person surveyed has misplaced, forgotten, or lost a USB stick, a memory card, or some other type of portable data medium. Sensitive data can fall into the wrong hands in this case when the data media are not completely encrypted.

Due to their portability, portable IT systems are not always online. For this reason, the data stored on them is not always up-to-date. This affects calendar entries as well as general information, but can also affect security under certain circumstances. It is also impossible to obtain information on recent security problems, update the virus scanner, etc., when the system is not connected to the organisation's IT systems and information sources.

Examples:

• A brand-new PDA falls out of someone's shirt pocket and breaks into pieces on the floor tiles, or a dog retrieves a hand-held device instead of the newspaper, unfortunately with the corresponding consequences. Damage during transportation in particular often results in a loss of data and device or component failures. Dust, dirt, moisture, and impacts, in short "improper handling", cause many total losses of data on portable end devices.
• The data temporarily may not be available because the battery is empty since someone forgot to recharge it. However, some data may be lost completely if the backup battery is also empty, causing the loss of all unsynchronised data.
• Data can also be lost when portable data media and devices are synchronised with other IT systems. In general, settings must be specified prior to synchronisation to define how to handle any conflicts arising during synchronisation of the data: For example, if files with the same name are found during synchronisation, it must be specified if the files should be copied from the portable end device to the stationary end device (or vice-versa) without prompting, or if a prompt should appear. This setting is often configured once when the docking station is used for the first time and is then forgotten over time. However, when data is then changed on a different end device than was originally intended, important data can be lost very quickly. This can also be an unpleasant side effect when, for example, several users synchronise their PDAs with the same end device without considering the fact that files with the same name may be overwritten in this case.