Whitepaper Goals And Intended Audience; Security For Your Motion Tablet Pc; Thinking About Security - Motion Computing LE1600 White Paper

Whitepaper Goals and Intended Audience

This paper will introduce basic concepts of security and different areas of vulnerability. It will then
highlight the features of the Motion Tablet PC and discuss how those features can be used to
provide a more secure computing environment. This paper is meant to be an overview only of
the LE1600 security features for Motion customers or prospective customers. It is not meant to
be a guide for implementing these features or for designing a corporate security policy.

Security for your Motion Tablet PC

Motion Computing has strongly embraced the need for enhanced platform-based security for its
Tablet PCs. The result of that commitment has been to provide safe and effective computing
environment out-of-the-box that enables strong security protection. That base level offering will
serve as the foundation for complementary add-on security technologies that will allow you to
maximize your security protection.
The Motion Computing security architecture is structured on integrating various hardware security
technologies and software security applications to deliver customizable, uncompromising
protection, and performance. This architecture is designed to provide an extensible security
framework that enables a wide array of security features. The multi-layered approach addresses
vulnerabilities in four protection classes labeled access control, application and data protection,
platform protection, and network protection.
Ultimately it is the organization or the end users decision as to how much protection is needed.
For some, security policies may identify data as the most important asset. They may choose to
enable existing and add-on security technologies that will provide the highest level of protection
for their data. For other users, the tablet pc may be the most important asset and they can
choose to enable existing and add-on theft protection technologies to harden their platform.

Thinking about Security

When developing a security strategy, it is important to do it top down. Good security practices
require risk assessment, policy development, technology deployment, and follow-up reports and
audits. The security technology and implemented policies will define the level of security
achieved by a platform or organization.
Risk assessment is important for identifying areas of vulnerability and priorities. From this
knowledge, security policies can be developed. Developing security policies involves a thorough
analysis to reveal vulnerabilities and their potential harm and to identify possible control
mechanisms and their associated costs. Once completed, a cost-benefit analysis should be
performed to determine what controls and expenditures are appropriate for the given
vulnerabilities. The result is a security plan and policies that describe what the security system
will do. The next phase is to implement the policy along with the technology. It is also necessary
to provide the end users with training to make sure they understand the security policies and how
to use the technologies being implemented. Once the technologies and policies are
implemented, it is important to do periodic audits to make sure the vulnerabilities have been
addressed and any new ones are identified.
The security system assurance process will provide information describing how well the security
system meets the security policies requirements. This provides a feedback mechanism back to
Customer Whitepaper: Motion Tablet PC Security Basics, Rev A03 Page 2