Handheld devices are becoming an indispensable part of everyday life. In this paper, we review the security of handheld devices, which are based on the Pocket PC operating system. We then identify the risks and threats of having these handheld devices connected to the Internet, and propose several methods to protect against the threats. We point out some advantages and security threats of porting server applications to handheld devices. We also consider the newest technology in mobile applications using the Microsoft's NET framework and provide the security risk analysis for it. We conclude the paper with an open problem.