Why Your Business Needs a Mobile Security Policy

Laptops and mobile devices may be business travelers' dream tools, but they're likely to be a small-business owner's nightmare if they're lost or stolen.

If you're thinking "It can't happen in my company," consider these statistics: It's estimated by Absolute Software that in 2005 over 750,000 laptops were lost in the U.S., with 97% of them never recovered.

And in 2005, a publication of the Licensed Taxi Drivers' Association and mobile-security company Pointsec conducted a London survey of items left in taxis over a six-month period, yielding some startling results. Londoners are reported to have left behind 4,973 laptops; 5,939 Pocket PCs; and 63,135 mobile phones. In 2006, 81% of U.S. companies reported losing laptops containing confidential data, including intellectual property, business documents, customer data and employee records.

There are stories in the news almost daily about the latest data privacy breach, and no company or agency is exempt. From IBM (IBM Quote) to the Ohio state government to Yale University, lost mobile devices such as laptops, PDAs and thumb drives are exposing companies' secrets and their clients' data to the world.

Even the security pros aren't immune. A speaker at a security conference I recently attended had his laptop stolen the night before the event, and he's from the FBI. Most thefts of portable devices are crimes of opportunity. Travelers are especially vulnerable: There's nothing like arriving late in an unfamiliar locale, juggling bags, battling jet lag and trying to figure out which in a row of identical rental cars is yours to make you a little careless or forgetful.

The price of replacing hardware is negligible. But the long-range costs -- financial and otherwise -- can be staggering when a company's confidential data ends up in the wrong hands.

Policy for Protection

To protect your company, it's essential to establish a mobile-device policy before any equipment or data are lost.