Options to Secure ArcPad Data
There are four distinct areas of security that may be applicable to your ArcPad Project. You can each of these on their own or combinations of each, or all. You can:
- Password protect and encrypt the AXF data file used in ArcPad
- Encrypt memory cards on your mobile device
- Secure your ArcGIS Server environment with users and groups to limit who can publish ArcPad data (only applicable when synchronizing data to ArcGIS Server is required)
- Secure your internet connection used for synchronizing ArcPad data (only applicable when synchronizing data to ArcGIS Server is required)
Password protect and encrypt the AXF data file used in ArcPad
The quickest and easiest way to secure your data is to password protect and encrypt the AXF data file used in ArcPad. An ArcPad AXF file is a Microsoft SQL Server Compact Edition relational database that can be created using ArcPad Data Manager for ArcGIS.
There are four methods of configuring an AXF file using ArcPad Data Manager for ArcGIS, the first three are tools that appear in the ArcPad Data Manager toolbar in ArcMap and the fourth is an ArcToolbox tool. The four methods are:
- Get Data for ArcPad Tool in ArcMap
- Configure Project for Geoprocessing Tool in ArcMap
- Author Project for ArcGIS Server Tool in ArcMap
- ArcPad Check Out Tool in ArcToolbox
If you do chose to encrypt and password protect the AXF file, when you attempt to open the file in ArcPad you will be prompted for the password before the data is displayed. Simply put, the AXF file can be distributed as required, but only a person who knows the password can access it.
Encrypt memory cards on your mobile device
Windows Mobile 6.0/6.1 provides a way to encrypt storage cards. You may encrypt memory cards used on your mobile devices in order to mitigate the threat that a storage card with sensitive data is stolen out of a device. For more information on how to prevent data loss on encrypted storage cards that are used in Windows Mobile devices, refer to this article from Microsoft.
Secure your ArcGIS Server environment
Local connections to ArcGIS server are handled through operating system users and groups. Two groups, agsadmin and agsusers, are created by the ArcGIS server installation process. You need to add to these groups any user that will make local connections to the ArcGIS server. These users will be able to publish an ArcPad project to the ArcGIS Server.
Please note that users that do not have the right to publish will still be able to use (either to download or synchronize) published ArcPad projects. In order to restrict who can download and subsequently synchronize your ArcPad project, refer to “Secure your internet connection” topic.
In ArcGIS Server you can also configure internet connections (web services) through the Manager application. ArcPad publications made to an ArcGIS server which has security enabled will not display in the ‘Get Data from Server’ dialog in ArcPad.
If your ArcGIS Server environment has a firewall, it is recommended that you use a reverse proxy web server to receive incoming http requests. The ArcPad Project publication wizard (in ArcCatalog) offers you an option to enter the name of your reverse proxy Web server. For more information on ArcGIS Server security including the use of a reverse proxy web server please refer toImplement Security for ArcGIS Server
Secure your internet connection
When you publish an ArcPad Project, Web access is automatically enabled. This means that others can browse for the project from ArcPad (assuming they have a network connection), by entering the url of the GIS Server upon which the project is published.
To restrict who can download and subsequently synchronize your ArcPad project, you will need to configure security options on your web server.
For more information on ISS security refer toSecurity Guidance for IIS