Be careful how you use your BlackBerry
I was sitting drinking with a friend who had just quit his job as a high-powered analyst with a major financial firm in Canada and I asked him what was the best thing about leaving.
"I no longer have a BlackBerry," he said. His two friends who still worked at his former firm nodded their heads sagely in agreement.
There is a limit to how much a human can take in this "always-on" connected world. The BlackBerry has certainly pushed people to the limits, as many of my friends told me when I subsequently asked them about their use of their BlackBerrys.
"The BlackBerry is both a blessing and a curse, that's for sure," one of them who works in Bermuda said. "Last night at 4 a.m. I found myself responding to an e-mail just because I could. Pretty bad. (However) it's been easy to work from home as I have network access from there and can forward my desk phone to the BlackBerry."
Research in Motion's BlackBerry handheld has become the icon of the new generation of wired professionals. BlackBerry's main claim to fame is it allows people on-the-go to be connected at all times to up to ten e-mail accounts or other data, giving them access to their personal messages, news alerts and financial information.
The BlackBerry also serves as a portable phone and organiser. That power of connectability is heaven. The downside to being connected is it can interrupt work and take over your time. The key to your sanity, as always, is knowing when to turn off your BlackBerry, in particular its e-mail function.
There is no doubt, however, that the BlackBerry (or other handhelds that merge e-mail, the Internet, corporate network access, the phone, wireless connectivity and other business functions) will take over as the devices to carry around with you. The price is tumbling rapidly (about $200 online) so the take-up by non-corporate users will begin to rise as they abandon their cellphones.
With the growth of devices like the BlackBerry, connecting to corporate virtual private networks (VPN) has become easier, but also more open to hacking. A VPN is a way to provide remote access to an organisation's network via the Internet. VPNs send data over the public Internet through what are called secure "tunnels".
While private corporate data crosses the public network in encrypted form, security analysts are warning that the transfer may not be so private after all.
According to NTA Monitor, a corporate security firm, nine out of ten virtual private networks have exploitable vulnerabilities. The company's findings are disclosed in a white paper it has issued online.
"The tests were mainly carried out for large organisations, including financial institutions that had their own in-house security teams," NTA Monitor says. "The common belief is that VPN systems are invulnerable, when in fact they are frequently the weak link in an otherwise secure system."
The most widespread flaw involved the hacking of user names. Many VPNs give away useful information to someone guessing user names. The survey also found that a text-based password could be broken in 16 minutes, while a password containing a mixture of words and letters took two days.
"A six character password using letters from A-Z, which has a possible 309 million combinations, can be cracked by brute force in 16 minutes," the company warns. "A six character password using letters and numbers, with a possible 57 billion combinations, can be cracked in two days."
The study also found the majority of VPN vendors still allow their implementations to leak information about valid usernames and do not lock out accounts after a number of failed attempts.
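The arithmetic behind the figures quoted above, as an added example that is not from NTA Monitor's white paper or this column: it derives the guess rate implied by "309 million combinations in 16 minutes", checks the two-day figure against that rate, and shows what an account lockout does to the same search. The lockout policy (5 failures, 15-minute lock) and all function names are assumptions chosen for illustration.

```python
# Added example: keyspace arithmetic for the quoted cracking times.
# The lockout policy values below are assumptions, not from the white paper.

SECONDS_PER_DAY = 86_400
SECONDS_PER_YEAR = 365.25 * SECONDS_PER_DAY

# Candidate alphabets for a "letters" / "letters and numbers" password.
ALPHABETS = {"A-Z": 26, "A-Z and 0-9": 36, "a-z, A-Z and 0-9": 62}


def keyspace(alphabet_size, length=6):
    """Number of distinct passwords of the given length."""
    return alphabet_size ** length


def closest_alphabet(quoted_combinations, length=6):
    """Name of the alphabet whose keyspace best matches a quoted figure."""
    return min(ALPHABETS,
               key=lambda n: abs(keyspace(ALPHABETS[n], length) - quoted_combinations))


def implied_rate(space, seconds):
    """Guesses per second needed to try every password in `seconds`."""
    return space / seconds


def lockout_rate(max_failures, lock_seconds):
    """Upper bound on guesses per second against one account that locks
    for `lock_seconds` after `max_failures` wrong passwords."""
    return max_failures / lock_seconds


def analyse(max_failures=5, lock_seconds=15 * 60):
    letters = keyspace(26)                       # about 309 million
    mixed_name = closest_alphabet(57e9)          # which alphabet gives 57 billion?
    mixed = keyspace(ALPHABETS[mixed_name])
    rate = implied_rate(letters, 16 * 60)        # from "16 minutes"
    throttled = lockout_rate(max_failures, lock_seconds)
    return {
        "letters_keyspace": letters,
        "mixed_alphabet": mixed_name,
        "mixed_keyspace": mixed,
        "guesses_per_second": rate,
        "mixed_days_unthrottled": mixed / rate / SECONDS_PER_DAY,
        "letters_years_with_lockout": letters / throttled / SECONDS_PER_YEAR,
    }


if __name__ == "__main__":
    for name, value in analyse().items():
        print(f"{name}: {value}")
```

The 57 billion figure matches a 62-symbol alphabet (upper- and lower-case letters plus digits), and at the implied rate of roughly 320,000 guesses per second it works out to just over two days. With the assumed lockout in place, the 26-letter search alone would take on the order of 1,700 years against a single account.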
To help out harassed IT workers, NTA Monitor has released a free tool enabling network administrators to scan and identify VPN servers within their networks and to identify VPN servers that have known flaws.
The Ike-Scan tool is available along with the white paper at www.nta-monitor.com.
While we are on the topic of BlackBerrys I should point out to corporate users the issue of protecting corporate communications.
Another issue for BlackBerry users to watch is the privacy of their e-mails.
In a lawsuit filed in Toronto recently, the Canadian Imperial Bank of Commerce (CIBC) submitted a raft of BlackBerry e-mails and messages as evidence that several former executives took confidential information from the company and tried to recruit others while they were still employees at the bank.
The lawsuit was filed against Genuity Capital Markets, an investment management firm started by six former employees of CIBC. The messages submitted as evidence include "PIN messages", previously thought to be more private than e-mails.
A personal identification number (PIN) uniquely identifies each BlackBerry handheld on the network. If you know another person's handheld PIN, you can send a PIN message directly to that person's BlackBerry, without being routed via a BlackBerry Enterprise Server at the company.
BlackBerry owners use the PIN system to exchange private and sensitive information with one another and previously operated under the illusion that these were protected from prying eyes at corporate headquarters.
As the CIBC case outlines, that confidence is no longer justified.
Supposedly PIN messages cannot be logged and archived the way other e-mail messages are. Apparently CIBC found a way to access the messages and it is not revealing how it did so. Weirdly, one of the former CIBC employees was a technology worker and should have known better.
The disclosures have caused an earthquake among BlackBerry users. The reality is, virtually every message sent and received through a company-issued BlackBerry is retrievable, according to reports.
Unless the device is disconnected from the company's server (and changed, for example, to a personal e-mail account offered through a private Internet service provider), every message is likely stored in a corporate computer. CIBC isn't saying how it got access to the BlackBerry messages. So the word on the street is: Be careful how you use your BlackBerry and use digital certificates.