Assuming that users won’t bother with passwords unless they have to, some IS departments set up systems so that passwords must be changed at specific intervals or network passwords cannot be saved on the machine—never mind the service calls. Some places combine these procedures with physical spot checks for password cheat sheets taped to computers.

The only way to truly keep data safe is with a sturdy encryption program, although many companies don’t see the need for such a strict system. According to Ken Dulaney, the San Jose, Calif.-based vice president of mobile computing at Gartner, "You’d better be dealing in nuclear secrets" before implementing companywide encryption. He says that even on-the-fly encryption programs—which automatically decrypt and encrypt documents as users open and close them—slow users down and are often seen as too intrusive.

The Prudential Insurance Co. of America, based in Newark, N.J., however, decided to install encryption software on each of the 13,000 laptops that have been issued to its agents and field support staff during the past three years. Meanwhile, when users dial in to check e-mail, access customer information or download forms, laptop management software can see what they’re doing and even take control of the machine to do upgrades, for instance, or check for unauthorized software. Mike Scoda, systems architect of field infrastructure, has a sunny take on getting users at the insurance giant to comply with security policies. He says his team had no trouble convincing people to follow security precautions because employees want to protect customer information. Besides, he says, "you can’t get into the laptop unless you have the proper password. That really self-enforced the whole environment." The downside? If an agent forgets the password, the laptop is useless until he contacts the help desk to get one-time codes generated based on the machine’s serial number. Scoda is mum on how much time the help desk spends doling them out.

Another approach to preventing data loss is to minimize the data stored on the machine, which has the added benefit of ensuring that if a user loses the unit, all of his work won’t be gone, too. At Greenwood Village, Colo.-based Re/Max International, for instance, the key information on a user’s hard drive regarding communications with prospects is automatically synchronized each time the user checks e-mail, says Bruce Benham, CTO of the real estate franchise, which has more than 62,000 sales associates in 34 countries. If there’s an update to information on the network end, the server takes care of that, too; the synch usually takes less than five minutes. Benham says salespeople don’t usually complain about this synch time because they no longer have to compile separate reports about their field activity.