Smartphone Anti-Theft Database: What's Enterprise Impact?Smartphone Anti-Theft Database: What's Enterprise Impact?

When it comes to data theft in the BYOD age, malware is a concern but the most prominent threats involve lost or stolen devices. To discourage would-be thieves, major U.S. phone carriers -- notably T-Mobile, AT&T, Sprint and Verizon -- have activated a database to track missing mobile phones and block them from being used.

The proactive step will likely benefit consumers, many of whom neglect security precautions. It's unlikely the new initiative will decrease the need for data-protection tools within the enterprise, however.

Intentions to build the database were announced in April by the FCC. Now that the program is operational, an owner whose mobile phone goes missing can contact his or her carrier, who will add the device to the database and prevent it from being re-appropriated by illicit parties. In the past, taking control of a stolen phone could be as simple as inserting a new SIM card. The carriers' program, however, identifies handsets via International Mobile Equipment Identity (IMEI) numbers, which are device-specific.

[ How does mobile biometrics play into the future of identity and access management? Read more at Mobile Biometrics: Your Device Defines You. ]

Many experts agree that the program is well-intentioned but that its potential impacts should not be overstated.

In an email, IDC analyst Stacy Crook wrote, "[I]t's great that the carriers came together to work on this for the good of the consumer." She countered, however, that though the effort could be helpful to IT, she doubts it "magically solves all of their problems." She pointed out that enterprises still face data loss concerns related to sensitive content being stored in public cloud services, suggesting that even if the IMEI database is successful in deterring thieves, IT security initiatives are unlikely to change. As for the database's potential effectiveness, she said, "Criminals are nothing if not creative."