Mohammad Al-Ubaydli’s blog

Making your Handheld Secure

Posted in Articles, My publications, Technology by Dr Mohammad Al-Ubaydli on July 25, 2003
“The only real security that a man will have in this world is a reserve of knowledge, experience, and ability.”
Henry Ford (1863 – 1947)
The male changing room in the surgical theatre of my clinical school has a security camera. I know this because my Palm Pilot was stolen from me during my time as a clinical student, and the camera spotted the thief. When the police returned my machine, I found that all my data was lost. The data loss was planned, because I had installed security software.
There are several levels at which you can make your data safe on your handheld. The main point, however, is that the existing software that comes with your machine does not provide any reliable security. Furthermore when you connect your handheld computer to your personal computer, the data is copied to there as well, so you must secure both machines.
To start with, you can password-protect your handheld computer. For Palm-compatible machines, TealLock provides excellent security, and the equivalent on Pocket PC machines is SafeGuard PDA. Both can lock the machine after a specific period (15 minutes is a ward round-friendly duration) and can be unlocked quickly by the correct user (the keypad is thumbfriendly).
The next layer of protection is to secure particular data of your handheld. For example eWallet requires a password before granting access to my credit cards details, while
HanDBase allows password-protection of my clinical databases. Both are available for the Palm and Pocket PC, and both encrypt the data.
In the long run, however, security of data might be improved by wireless networks. These would allow the sensitive data to be stored on a central computer, which would only be
accessed through password-protected machines within range. Once outside this range (for example when a clinician takes their handheld home) the data would no longer be on the
handheld computer.
An alternative aspect to security is protection from viruses. At the moment, there are few viruses that target handheld computers, and most of them enter the machines when they
connect to personal computers. That’s why most anti-viral packages, such as those by Norton and McAfee, monitor the connection for malicious code. But there is still the risk of viruses when two handheld computers connect to each other through their infra-red beams. Software is already available that monitors this route, at considerable expense.
But perhaps the most important defense against such dangers may well be education. Kevin Mitnick, one of the world’s most notorious hackers, was able to access so much “secure” computer data because he manipulated the humans who were using the computers. They routinely gave him their passwords.
Such education begins with risk analysis. The team involved in deploying the handhelds should consider the gaps in security; take reasonable steps to plug the gaps; and most
importantly, educate the end users about the gaps. The NHS Information Authority provides a rather useful toolkit for going through these steps, as part of compliance with British Standard 7799. This is available on request from the NHSIA’s Security Risk Manager, Tom Lillywhite. Good security must include good habits, such as holding onto your machine rather than leaving it in the surgical theatre changing rooms.
published in British Medical Informatics Today Summer 2003 issue

How to become a publisher – part 3

Posted in Articles, My publications, Technology by Dr Mohammad Al-Ubaydli on July 23, 2003

In the third article in our series on how to publish your own book, Mohammad Al-Ubaydli outlines the publishing process, including the all important ISBN.

The international standard book numbering (ISBN) system has helped book buyers around the world to get hold of books from sellers and publishers.


Getting an ISBN for your book takes a little effort and a little money, but most of all it takes time for all the paperwork to be processed. So it is one of those jobs that you should do as soon as you’re able to.

Start by visiting the ISBN agency’s excellent website ( and register through their standard service. The fee is £60 ($94; 87) +VAT, and it gets you 10 ISBN numbers. You can then apply these to any 10 books that you publish. If you publish more, you can buy more numbers in blocks of 100 or more (depending on how ambitious you feel), but you cannot buy individual numbers. The only remaining cost is for posting the completed form for every book.

This is extremely supportive pricing. At these prices, what do you have to lose? As a way of encouragement, think of Hermann Hauser, the Austrian born entrepreneur. He moved to the United Kingdom and founded a string of companies, including Acorn Computers. Legend has it that he founded so many companies because it cost less than £100 to register with Companies House (

Judging a book by its cover

Your book’s cover is very important, and everyone from the bookstore manager to the final reader will base a large part of their buying decisions on how much they like the cover.

So get a good cover. If you have artistically talented friends, ask for their help. Look at other books for inspiration on good cover design. And think seriously about getting a professional to design the cover (

According to industry humour, if you do not think that a book should be judged by its cover, then you have not met the buyer from Barnes and Noble, America’s largest bookseller. This is a little unfair, but only because the company is not the only one that has this practice.


A good printer is like a good plumber. This is because the costs and results can vary considerably, as well as the reliability of the person you are dealing with.

Finding a printer

A good starting point is the London Book Fair, where many printers display their goods. Alternatively, searching on the web or asking colleagues at universities should get you some phone numbers. No matter how you find them, printers will always send you free sample copies to show the quality of their work. Take advantage of these and compare what is on offer. Expect to spend at least £1000.

Print runs

For your first book, short run printing is probably the best way to go. The printing costs quite a bit more per copy, but you can print a small number of copies. Traditional printers usually require that you print over a thousand copies, and the total bill can make your venture into a gamble. What would you do if you were left with 950 unsold copies?

Using the right jargon

Talking to a printer requires practice, and it is possible that you will be taken advantage of if you seem naive to the business. So it is worth while getting a book that you like and talking about it to a printer that you don’t like. Ask them how to make an exact copy of the book, and note down what words they use to describe it. This is the language you will need to regurgitate as you talk to the next printer.

Other prerequisites

There are three other things that you should make sure your printer is able to do. Firstly, they must accept electronic copies of the book. In other words, they must be able to work from a word processing file that you email them, rather than demanding that you print out the book and mail it. This is one of the key advantages of using a computer to write the book, and if your printer cannot continue the process then you should not trust their professionalism.

Secondly, make sure that they can generate and print the ISBN and bar code on to the back of your book cover. No bookseller will agree to stock your book otherwise, and few readers will take it seriously.

Finally, ask for the copies to be shrink wrapped. It will cost a little extra, but it adds professionalism to your efforts, and ensures the book arrives in good condition on your readers’ desks.

You are now ready to sell your book.

Published in the 26th of July 2003 issue of the British Medical Journal