In my years of selling mobile applications to enterprise customers, one area of concern is universal -- data security. I've received my fair share of security scrutiny via in-depth reviews, worst-case scenario planning, and ethical hacking. My counterparts bring attitudes ranging from blithe indifference to cautious pragmatism to "never in my house." Mobile devices like BlackBerry, Windows Mobile, and iPhone are apparently "risky" -- they're small, powerful, and they connect into your private network. They're personal in nature, easy to lose, and are therefore the bane of Chief Security Officers everywhere.
Such concerns are not unfounded. However, I suggest that they might be mis-prioritized. Corporate data breaches are commonplace. Yet, some basic analysis shows that lost laptops, corporate network attacks, and physical loss represent the vast majority of events. Mobile devices are not immune, but there have been few reports of data being stolen from mobile devices in recent years.
Why is this?
- The "always on" connectivity of most mobile devices allows for continuous monitoring and remote "kills" when devices are lost
- Market-leading mobile management platforms provide over-the-air and on-device data encryption, along with centralized management of IT policies to enforce strict corporate controls
- Mobile devices provide an intrinsic form of 2-factor authentication: something you have (device) & something you know (device password)
- Well-designed mobile applications offer customers the flexibility to easily configure which data is stored on the device and how much to store, along with the ability to identify data as so sensitive that it should never be stored on-device (real-time only)
- Sophisticated mobile application servers offer additional data security including: single sign-on authentication, credential aging, and data "time bombs"
- The addictive nature of today's integrated phone/email devices makes them imperative and quite personal to people, meaning they're likely to notify IT quickly when a device is lost or stolen
No one would dispute that a robust security policy and proper tools are needed to manage and maintain wireless business applications. BlackBerry in particular provides a well-integrated, security-first approach to mobile devices. CIOs should not fear but rather embrace the inherent security advantages offered by smartphones over the data-heavy and difficult-to-manage laptop option.