In early days, security concerns around computer hardware and the data on these systems were mainly taken care of by ensuring good physical security around them. Lock these systems in a room with restricted access and the systems and data was mostly secure. Options to steal the data were mostly around breaking into the area physically, which is quite difficult. Things had to change and it changed. Networking was changing the way we used to look at computers and was making the data available even though it was kept somewhere on a remote system. This was a major leap in computer science, but was also changing the security scenario of computers. Admins started getting less bothered about physical security and were more concerned in safeguarding data from being stolen though the interconnectivity of these systems. There was a big paradigm shift from physical to network security. History is almost repeating itself again, thought this time making it even tougher. Physical security is gaining importance again, without making network security any less of a concern.

As devices grow smaller and other devices not really seen as “traditional computers” like mobiles and others storage capable devices become more popular, the physical security of such devices become important again. Mobile phones these days can easily store 2-8 GBs of data or more. This could include business critical emails, identity, credit card information or family pictures. As these devices are small, they can easily be lost, stolen and pilfered. Most of these devices run sophisticated enough operating systems, often with wireless capabilities and Bluetooth as well, making other application and network issues applicable to them as well. Not only such handheld devices, even traditional equipments are more vulnerable to physical security these days as most of the concentration is on securing the systems from network or application attacks.

We cannot easily go back to the early day of strong physically secure locker rooms with handheld devices! Good user education and software related protections have to be applied for making data less likely for getting into the wrong hands. These devices may even need to be running tracking systems in addition to data protection to safeguard the device itself as well as the data.

- Tracking systems that can provide the location of the device such as GPS or tracking through mobile service provider may need to be inmplemented for any mobile device carrying sensitive data.
- Only required data should be kept on these devices. Always keep moving the important but less used data onto a more secure system. Back it up!!
- The data should always be kept locked with strong passwords.
- Most critical and important data should even be kept encrypted.
- Have data theft prevention software that performs data wiping - “eradicate it before it falls in enemy hands”. Software that can wipe the data on the basis of some event that gets triggered when the hardware is in wrong hands.
- Unless required, keep all kind of connectivity like wifi and Bluetooth turned off on such handhelds.

Data that can roam with us in our pockets is less physically secure, but good user education and software can at least keep it from getting misused, if not able to prevent it from getting lost.