When I talk to IT managers, I almost always hear fears of mobile devices as conduits for sensitive corporate data to leave the company. I don’t know why I keep hearing this. There’s simply no evidence to support this fear. In fact, there’s solid evidence that says mobile devices are not a significant—or even moderate—risk factor.
Every year, I check the Identity Theft Resource Center’s database of personally identifying information (PII) breaches, which require disclosure by both state and federal laws. I’m sure many losses go unreported, and the database doesn’t cover corporate information not containing PII. But if mobile devices were a conduit to data loss, they should show up in this database.