According to the Credent Technologies survey mentioned earlier, even given these types of loss statistics, over half of the supposedly security-conscious respondents (56 percent) surprisingly confessed to 'not bothering' to use a password every time they used their own mobile device or smartphone. This is the most basic security precaution for mobile devices and often the first line in defense. Billions of dollars are being spent on information security, yet companies are leaving their back doors and windows wide open by allowing uncontrolled mobile device access, risking sabotage, hacking and exploitation. Management software that can remotely lock/wipe high-risk content from lost or stolen mobile phones can protect users from themselves. A more proactive approach is to put in place management software that enables enterprises to establish security policies for their mobile devices and applications—policies like requiring the use of a strong device password for unlocking an idled phone—to ensure consistent protection for all mobile employees.

#2: Keeping information that could compromise company security in "plain sight" on the phone (e.g., keeping server or other passwords in Notes or Contacts, keeping detailed/sensitive information on an unsecured device) Many of us are starting to use our mobile phones as tiny computers, and are keeping all sorts of data on these devices. According to a survey of global-500 CIOs conducted by Coleman Parkes for Mformation, more than half of companies surveyed reported that technical product, sales and/or customer details are being kept on employees' mobile devices, many of which are personal devices rather than company-issued devices. The same Coleman Parkes survey also found that only 12 percent of enterprises have a full record of the data being stored on their employees' mobile devices.

To make matters worse, this critical company data is being kept on unsecured devices. According to the McAfee 2008 Mobile Security Report, 79 percent of consumers are knowingly using unprotected devices, with another 15 percent unsure of their devices' security levels. All sorts of information is being kept in "plain sight" on mobile devices and could be devastating to an enterprise if it fell into the wrong hands. Consumers, operators and especially enterprises are finding that they need remote management capabilities that can enforce security policies on mobile devices, and keep the data on those devices safe, even when individuals aren't as careful as they should be with it.

#3: Opening an application from an unsecured/unknown source Without mobile applications and content — from messaging and email to games, business applications, productivity software, educational content, and even health and fitness systems — a mobile device is basically just a phone. Every day, more applications and content are being developed specifically for mobile devices. But not all applications are created equal. Downloading/opening a "bad" — or even just poorly constructed — application can cause all sorts of problems. Users of mobile Web and other mobile applications are very concerned about the lack of protection from "bad" mobile applications and content. In McAfee's 2008 Mobile Security Report, 64 percent of mobile Web users surveyed expressed worry about surfing on the mobile web/downloading content.