We've been exchanging some e-mails regarding iPhones in the enterprise, and Stephen Wellman wrote:
Oh, I don't disagree with any of these points. But we're seeing a different attitude toward these risks than we would have in years past. That's what I find interesting. Plus, if I am not mistaken, close to 90% of mobile devices in most companies were brought in by the employee, and almost all the security risks you outline below apply to these devices, too. Yet, they're still storing company info. Is this a bomb waiting to explode? Probably so. But it's not stopping this trend, which is what is interesting. Is it even feasible to manage risk from this paradigm anymore? That's the question I want to explore and continue to explore.I can't really agree that enteprises have a different attitude about the risks. It's the same as it's always been -??? indifference. The reality is that few corporations really take mobile device security seriously. There???s a huge gap between what is and what it ought to be. The Apple iPhone has just gotten people all giddy and even more thoughtless. Or perhaps they think that because it's an Apple device it won't get viruses and therefore it's safe. If professionals and executives used the phone solely to make and receive calls, that would be fine, but the moment they fill in their address book or start syncing e-mail, it's a corporate asset with huge potential liabilities attached. Shame on corporate America.