Law enforcement agents are finding that smartphones and other mobile devices are increasingly useful in catching crooks. This is good for law and order in general, but it's not necessarily good for companies with mobile-dependent workforces. The implication for these companies is "potentially disastrous," writes Johna Till Johnson in a column at NetworkWorld.

Per a recent California Supreme Court ruling, the state's police do not need a warrant to search the cell phones and other mobile devices of people under arrest. They can look not only at phone records, but also at any data and applications on the devices. This includes data owned by the user's company, notes Johnson, who is president of technology research company Nemertes Research.

What if the subject of a warrantless search was a doctor, who happened to be speeding, Johnson posits. If police officers took a look at protected data residing on his smartphone, for example, the hospital maintaining the data could be liable for a breach.

"The potential consequences to the hospital are devastating: Not only must it inform patients of a privacy breach (an effort which can, by itself, cost millions of dollars)," she writes. "It may also face fines and legal action for allowing the information to be revealed in the first place."

This possibility underscores the need for companies to better manage their employees' mobile devices. Encrypting sensitive data and deploying remote wiping capabilities are among the first steps in that strategy, Johnson advises. Even if a device is password protected, it is not clear whether a user under arrest would be required to enter it.

For more:
- see Johna Till Johnson's column at NetworkWorld

Related Articles:
Security vendor: Mobile users more vulnerable to phishing scams
How to know if you've been breached
Survey: Most organizations don't delete data securely