For a tighter hold on data in the event that a device goes missing, several new Android phones--including the Motorola Photon 4G and the Motorola XPRT from Sprint--offer AES encryption natively on the phone and on the accompanying SD Card, for data-at-rest security. These Motorola phones also support remote data wipe via Microsoft's ActiveSync.
Rooted Android or jail-broken iPhone mobile devices are another security issue. Such modified mobile devices no longer conform to their manufacturers' specifications and may damage your business network if given access to it. The safest policy is to detect modified devices and remove them promptly.
If you allow personal phones and tablets on your network, you should require that certain approved software be loaded on those devices before they can connect. Relevant items include a data-wipe app, an app that monitors what other apps may be doing (like McAfee's free App Alert for Android, which is currently in beta), antivirus software, and a properly configured VPN.
More-advanced policies take into account mobile app security that may be based on reputation, whitelist, or blacklist. Reputation considers certain attributes of an app and gives it a thumbs up or down for use. Whitelisting permits only apps specifically approved for use. Blacklisting blocks specifically forbidden apps.
In the future, advanced security policies will consider location and environment. If you want certain phones to work only in the warehouse, say, you'll be able to specify that limitation in your policy. When the phone is anywhere else, it will stop working. Of course such advanced policies require supporting apps, like those from Good Technology and Fiberlink's MaaS360.
Coming Soon: Management in the Cloud
Mobile devices for business are a dynamically changing market. Eventually, many companies will manage their tablets and phones in the cloud. Though a few cloud solutions are available now, more are on the way.
The entirely cloud-based BlackBerry Management Center focuses on mobile devices for the low-end and small-business market. Though this service is for BlackBerrys only, RIM is developing an as-yet-unnamed cloud service that will also work with Android and Apple phones and tablets.
Good Technologies, MaaS360 by Fiberlink, McAfee, Virtela, and a number of other companies either have or will soon have cloud-based mobile management systems out.