Make Strong Passwords Mandatory: Typing in passwords--especially on a smart phone--to access email or files is a pain, but it's an easy way to prevent people from breaking in. Of course, it won't work if your employees use "password" as their password.
Block Removable Storage: Mass storage in the form of CF, SD or microSD cards is cheap and easy to remove from an unattended smartphone. Security tools can prevent even authorized users from downloading files or other data to removable storage. You can also choose to enforce encryption on removable storage if it is necessary that employees be able to transfer files back and forth. This way, only approved corporate devises can decrypt the information and access the files.
Educate Employees: Employees need to understand what is at risk. It does no good to enforce all sorts of policies that employees feel are simply onerous Big Brother-like controls. If they don't believe security is important, they might be tempted to skirt the rules. Conducting seminars that highlight the dangers of mobile technology is one way to help convince people that there's something more at stake than simple embarrassment. Some companies require employees to be responsible for lost or stolen hardware. What if their culpability extended to the information lost on such devices? That might force them to be a bit more careful.
Educate IT: "The learning curve is getting better," said Sybase's Freeman. "The awareness of the security issues really started with laptops, especially with all the press stolen laptops gets. Companies are paying more attention to smart phones and are realizing the smart phones can have the same data and need to secure them in the same way."
Encryption is Key: Device encryption is easy with mobile device management tools such as Sybase's iAnywhere Afaria or Odyssey Software'sAthena. You can also choose to encrypt individual files to make it even harder for people to break in.
The key is to require that all smartphones go through IT.
