Forrester Research report on “Defining a Mobile Enterprise Policy” – worth a read if you are looking at adopting mobile devices into your enterprise. With mobility becoming more significant to the enterprise with every day we are likely to see an influx in the risks associated with disconnecting our data. The more information (such as traditional data like email, contacts, calendar and increasingly vertical specific data like trend information, buying patterns etc) that is held on a device, the more risk is associated with the device falling into the wrong hands.
Where laptops and tablet PCs were always a risk in the past, mobile devices are much smaller, easier to mis-place or have stolen as they can easily slip undetected into a pocket or handbag. Strong IT governance is required such that employees know their responsibilities and know what to do if a device is misplaced. In the same way you would cancel a credit card as soon as you know it’s missing, you should be able to immediately cancel your mobile device (eg remote wipe or secure lock the device) so that the information can’t be accessed by unauthorized parties.
Lastly a personal comment regarding information that is stored on a mobile device. Too often have I heard the story “My device died and I lost XYZ because it was only on my device.” In my opinion this is YOUR fault, that’s right, I’ll say it again, it’s YOUR fault – if you don’t backup your data then if the device fails, is lost or stolen, then it is YOUR fault. What’s my solution – well I have a rule that I don’t store anything on my device that isn’t readily available as either a download (eg apps such as Google Maps), on my exchange server (so I can easily configure a new device and be up and running in less than 5 minutes!) or sync’d to my laptop or desktop PC. There are some exceptions to this rule – such as the odds and ends I have on my mini-SD card, but I know there is an acceptable risk associated with this and there is nothing on there that will stop continuity of business (well in my case continuity of life as my mobile is pretty much a personal use only device).