CIOs and IT managers need to clearly understand this new threat environment, and take a holistic approach to establish a mobile‐aware IT strategy. The key steps include taking an environmental view of vulnerabilities and threats, creating an effective security policy to address the risks, developing a security strategy focused on protecting critical assets, and employing a proactive security audit and monitoring process to enforce corporate security policy compliance.
"Protecting the magnitude of corporate and customer information at large in todays complex IT environment has become the top priority for organizations looking to meet regulatory and industry specific compliance requirements. Recent growth in business mobility is taking organizations information assets well outside the corporate boundaries. This makes corporate data even more difficult to protect. "As use of mobile technologies in business increases, more and more critical business and sensitive personal information is being collected, processed and transmitted over shared wireless networks by mobile workers from outside corporate confines. Mobile devices have created a variety of unprecedented exposures and risks, including loss, theft, misuse, and unauthorized access to corporate network and data disclosure. Consequently, many traditional security measures are not able to scale beyond corporate boundaries, leaving organizations unprepared and exposed to risk. Deploying the latest firewall, antivirus or encryption tool is not enough to ward off todays sophisticated intruders. Not just hackers, but organized crime, dishonest insiders and basic human error easily find ways past traditional deterrents ‐ especially when critical data lies outside IT controls."