Most discussions about mobile security tend to focus on smartphones and tablets, but they aren't the only dangers facing businesses. In fact, in environments where smartphones and tablets are not supported, the business still has to have a comprehensive mobile security strategy in place to ensure that employees aren't just walking around with sensitive data stored on unsecured USB drives or inserting infected drives into the network. The easiest way to secure these devices is to provide employees with encrypted USB drives. The business has to make it clear to employees that if they need to copy data to a removable drive, the drive must be encrypted. If such a device is then lost or stolen, the data it contains will be of no use to anyone who finds it. Indeed, being clear with employees and providing concrete policies are key to any mobile security initiative. Managing mobile security begins with an acceptable-use policy that spells out how personal devices can be utilized on the company's network. The policy should cover access and security elements, experts say. Access rules define what resources or applications are available from the mobile device. Security elements touch on the use of antivirus programs, encrypted drives and mobile management apps.