... > state of the PDA art means that these devices cannot be > properly secured but have been overruled! > > Am I right?
Half way. The issue is really that all of the consumer grade PDAs on the market (at least that I am aware of) are designed to be very simple and convenient with security much lower on the list of considerations; as a consequence the integrated security tends not to be a deterrent to a determined attacker and third party extensions tend not to be very well integrated with the standard applications. I'm not up on the latest software for any of the handheld platforms but last I checked www.handango.com was a good place to look for such things. > Is ther any way to prevent the PDA > user from making unauthorised changes (e.g. using policies)? I see you come from a Microsoft background. You may be better off distributing small Windows notebooks to users if that's the system you understand best. With relatively few customizations and a good third party encryption package you should be good to go. Why third party? Software that keeps information about encrypted data seperate from Windows' relatively obfuscated data stores makes data a lot easier if the drive goes bad (as so often happens with laptops). FWIW, zsnark