Back in the days gone by, when mobile phones did only what they said on the tin and made calls, securing mobile data wasn't too big a problem. Those who needed 24/7 access to work information used security-focused devices, such as BlackBerrys.
However, as any IT professional will tell you, those days are well and truly over. Thanks to the influx of shiny new internet-enabled smart devices and tablets, such as the Apple iPhone or Microsoft Lumia, most employees are now bringing their own technology preferences and applications into the workplace regardless of whether they have permission or not.
On one hand this is great, as the devices have the potential radically to improve worker productivity, letting staff check email or work data when on the move. But, as noted by Lookout managing director Thomas Labarthe, they also raise some serious data protection questions.
"Bring Your Own Device [BYOD] will massively erode many of our traditional approaches to security. If we don't adapt to BYOD and accept that the threat landscape is never static, we are setting ourselves up for massive challenges," he said.
Worse still, many firms are still not waking up to the challenge, according to Trend Micro vice president of cloud and emerging technologies Mark Nunnikhoven.
"The biggest threat to mobile data in the enterprise today is a lack of understanding of the challenge by the enterprise security team," he said.
"Mobile crosses the line beyond simply a technology solution and into some cultural areas where IT has traditionally struggled. Like it or not, a mobile device is a constant companion for a user.
"This means that any changes or requirements should be evaluated from a usability point of view.
"This is where enterprise IT is struggling, which is why we've seen the rising trends of shadow IT, BYOD and the shift towards consumer products in use in the enterprise."
Understand the increased threat
With this in mind the first step in securing mobile data is understanding the threat and accepting that traditional security models will not work.
For example, one of the biggest of these challenges is third-party, potentially insecure or consumer-focused cloud applications and services being used by employees on their smartphones and tablets, which have made most traditional enterprises' perimeter data defences ineffective.
Lookout's Labarthe explained: "Now, with the proliferation of cloud services, enterprise data moves to the cloud and network traffic inherently bypasses perimeter firewalls, leaving a gaping security hole.
"Sensitive data once held securely inside the perimeter is now stored outside sanctioned networks, outside the perimeter. In this borderless mobile world, the first line of defence is no longer the perimeter firewall, it's the user."
The technical answer
The technical answer to dealing with the new frontier of mobile data isn't too difficult, at least on paper.
"[On a technology front] it's essential that businesses understand the risks involved and put in place robust security processes to reduce the risk of any data breaches or leaks occurring," said principal security researcher at Kaspersky Lab David Emm.
"This means deploying anti-malware apps, controlling the applications that staff have access to, and being able to block access to, and where necessary erase, sensitive data stored on a lost device."
Making it actually happen
While the technical answer may help secure mobile devices that IT managers know about, it still leaves the shadow IT issue unresolved.
To get round this Emm said that firms will have to back up their technical solution with a robust cyber security education programme.
"[Securing mobile data] also means boosting the level of data security awareness among employees, and adjusting security policies to reflect the changes in working practices," he said.
Trend Micro's Nunnikhoven mirrored Emm's sentiment: "Successfully securing mobile is a combination of deploying a reasonable set of controls - encrypting the device, requiring a password or biometric [screen lock], enabling remote wiping - with continuous security education focusing on data security and a strong monitoring practice."
Just the start
It's important to note that, even with these policies, there is no guarantee that hackers won't eventually find a way into mobile data reserves.
As Nunnikhoven argued, firms should use this as a starting point to launch ongoing security development programmes.
"There is no magic system or service that will 'solve' securing mobile data. You have to put the work in and tackle the problem through collaboration, basic controls and continuing education," he said.
For more information on mobility, visit the Intel IT Center.
Robot can move inside surfaces within the body to deliver drugs to where they're needed
Sony to trial cross-platform play with Fortnite
Initiative aims to use the power of quantum systems for modeling and simulation apps
Google will keep its eyes on users in other ways