As mobile devices are being used as a basic part of the corporate Information Technology (IT) solutions, security is suffering. One of the reasons that security is such a problem is because the corporate IT department has little or no control of the mobile device. The company cannot control: what other applications may be running on the mobile device, the environment of the mobile device, and potential theft of the device; such circumstances expose the security of network data that the user's mobile device has legitimate access to.
Making the problem harder to solve, most of the time the mobile device is not actually owned by the company, but is owned and controlled by the employee of the company. This is called the “Bring Your Own Device” (BYOD) model and is becoming a new standard for mobile devices. Today, BYOD situations are most prevalent with the tablet style iPad® devices and exasperates device management, which can be done by the company. So, the user is the owner of the device; and the user typically only authorizes control by the company to company-based applications or data, but the user does allow the company any other control or access to the user's mobile device.
The situation becomes a catch-22 situation because the company is the owner of the data and therefore does not want its data used on an insecure platform or device, which the company cannot control. This creates a “mobile standoff,” which limits how mobile devices are used within the company and results in corporate modifications to the employee policy manual defining “corporate acceptable” usage of mobile devices in the corporations attempt to control behavior of employees in order to give the corporate some sense of control over the security hole created when mobile devices of employees are given access to potentially sensitive corporate data.