David Kelleher, Communications and Research Analyst at GFI Software (www.gfi.com), says:

Restrict devices to allow easy management
Businesses need to clearly define why they need to use mobile storage devices and tools how their strategy ties in with the organization’s overall data storage plans. Is the organization using mobile storage for redundancy? To offload data from the main servers? For archiving purposes? To allow greater employee mobility? Is the data structured or unstructured? If an organization encourages employees to backup their data or use mobile devices to be able to copy the data they need to work with while on the road, then security and risk will be an important consideration. The more devices / tools in use the great the risk of data being lost /leaked, therefore restrictions and policies need to be imposed to ensure that a nascent mobile data storage strategy does not become a nightmare in the making.

If you’re data is mobile… the legal aspects
Today’s business environment poses challenges in the form of complex regulatory, governance and legal requirements. SMBs need to be aware of what their legal obligations are and that they are in a position to adhere to these requirements at any time. Furthermore, if a lot of data is being moved between sites or simply carried around by employees on the road, organizations must ensure that policies are in place to minimize the risk of data loss (lost laptops, USB sticks, PDAs or smart phones). Is highly confidential data being copied? Are employees forwarding corporate emails to their private email accounts or accessing email via their smart phone? Is that data secure enough in the event that a breach occurs or a device is lost? If you have doubts about the last answer, you need to go back to the drawing board and put your security /data storage policies in place. Better safe than sorry.