We're constantly amazed at the type of sensitive information people store on devices that are as easy to misplace as a remote control. If you knew what walked around unprotected on your employee's mobile devices you might lose some sleep until you took steps to secure them.

With all of the time and money companies devote to securing their IT systems, a single unsecured PDA can poke a hole in a corporate security wall the size of Montana. Proprietary information that is otherwise under lock and key, can easily make its way across the world in planes, trains, and automobiles, and this means the information is just a single loss away from a potential corporate disaster.

Unfortunately, it is almost impossible to control what employees keep on their PDAs. Since most enterprises don't budget for the latest mobile wonders, many devices in an organization are purchased by employees and walk in the back door. With external cards, there's no telling what unsecured data is stored on a PDA and carried in hip pockets, glove boxes, brief cases, and back packs.

The same features that make handheld devices so useful make them a very serious security risk. Their portability, power, connectivity, and storage capacity add up to a ticking time bomb that is silently counting down as you're reading this article. Are you concerned yet? You should be.

We thought it would be fun and useful to put together a top 10 list, based upon feedback we've had from executives around the country as we compiled research for the writing of "PDA Security. Incorporating Handhelds into the Enterprise," our new book published by McGraw-Hill. With that, here are a few steps a company can take to get its handheld security in order:

1. Network Passwords. All of the hard work your IT security folks have done to secure your network can be thwarted with the stroke of a stylus. PDAs are a very convenient place for employees to keep those hard-to-remember items such as the 10-digit alphanumeric passwords they're forced to change every month. An unprotected mobile device can be the gateway into your entire network and all of the critical data and systems that it connects to.

2. Customer Data. Here's a lawsuit or PR nightmare waiting to happen. In the financial services industry, the loss of customer data could legally compel a company to contact every customer with the message that their personal information might have been compromised. Or consider this, wouldn't your competitor like to get hold of your customer list, along with sales history and contact information?

3. Press Releases. How would you like to see that strategic announcement that's scheduled for next month on the front page of your favorite business daily? Now, that your employees can view e-mail on their handhelds, as well as Word and Acrobat files, the probability of such documents being on unprotected mobile is quite high. Many busy executives use their handheld devices to view and edit documents when they're on the road or commuting. In short, that critical press release that your hard working staff member updated on the train, is a sitting duck to whomever finds it when it's left on the seat. And if you're a public company and this information gets released prior to public distribution you'll have the SEC knocking on your office door.

4. Credit Card & Account Numbers. Another item that should never be stored on a mobile device is the company credit card number. Guess what? It happens all the time. With so much ordering via the Internet, it's quite handy to keep credit card numbers a click-away by posting them on an Outlook Note. That's just a sync away from a mobile device and a cab driver's eBay shopping extravaganza.

5. Financial Data. What does SEC stand for again? Although handhelds aren't the best way to browse through large spreadsheets, they sure synchronize nicely and often find their way onto mobile devices. Whether it's an in-progress annual report or the internal projections for next quarter's sales, the inadvertent leak of financial data can have catastrophic consequences that could last a corporate lifetime.

6. E-Mail. There's no telling what proprietary information is to be found in your employees' in-boxes. With Wi-Fi, Bluetooth, and cellular equipped devices, downloading e-mail is a snap. An unprotected device can offer very interesting reading and present a great liability potential to your organization.

7. Intranet Access. Let's give your people the benefit of the doubt and believe that they're responsible enough to never store passwords in their notepad. Unfortunately, there's a good chance that they've checked the "remember user name and password" button on their mobile browser. Presto! Your son's tech-savvy high school friend (of course your own son or daughter would never do such a thing), who found your PDA sitting on your desk in your house can now stroll through your company's Intranet -it's more fun than an Xbox.

8. Price Lists. Your best salesperson just finished a great meeting with a top client. In all of the excitement, she left her handheld sitting on the desk on her way out. Unfortunately, curiosity got the better of your customer. Oops! Your client's competitor is getting a better deal than they are. You can tell the rest of the story.

9. Employee Information. Nice social security number! Aside from the litigation exposure, the loss of employee data such as payroll information can do great harm to your organization. Even if the mobile device is lost in your office, exposure of confidential information to unauthorized parties can cause great problems.

10. Medical (HIPPA) Information. Most companies don't have $50,000 to throw around for every violation of the new HIPPA privacy standards. Now that doctors, nurses, and medical staff have access to nifty new programs that run on their PDAs, this has become a very serious issue.

Feeling a bit queasy now? If your handhelds aren't secured you should be feeling a little bit nauseous. The good news is that there are relatively simple steps (and economically feasible) you can take to minimize the risk of data loss and secure your company's data from prying eyes and finders-keepers. On the next page you will find are some security measures to take