Yet a disconnect remains: When we lose our wallets or purses, we immediately cancel our credit cards and change our locks at home. Why would we treat a lost device — with so many private details and insights into our lives — any differently?

Some argue that holding out hope for the phone to be returned makes a full wipe of the device seem too harsh and too permanent of an action.

Of course, the burden is on the consumer for regular backup, particularly when most personal devices contain as much critical data as computers. Regardless, research by Symantec (PDF) shows that there is, at best, a 50 percent chance of recovering a lost device (and likely drops closer to zero percent for a stolen device).

Furthermore, there’s an 80 percent chance that an attempt will be made to breach corporate data and/or networks regardless of whether or not whoever found the device intends to return it.

But even if users and IT agree that remote wiping is the safest action to take in this case, do organizations even have the right to remotely wipe data on employee-owned devices?

The short answer is that it depends. From a legal standpoint, it is usually determined by where the organization and employees are located. In Germany, for example, it is illegal for companies to wipe personal data from an employee-owned device. These companies only have the limited right to delete enterprise data from personal owned devices, so many opt for mobile management solutions that allow them to do that.

In the U.S., laws on this are more lax (or even non-existent). Most U.S.-based companies have employees sign Employee Agreements or Acceptable Use Policies over what IT can or cannot do with their computing devices. In most cases, we’ve already given IT permission to do pretty much anything with our devices if we — even minimally — use them for work.

The truth is, there is a lot of shared risk between employees and employers, so arguing over who should delete the lost device’s data is the wrong argument. With most security matters, a pre-emptive approach is best. In this case, close collaboration and understanding of what actions to take in the worst-case scenario.

Here are some suggestions for building a Bring Your Own Device (BYOD) policy:

Open the lines of communication: Employees need to know the risks they face on a personal level, as well as the risks the organization faces.

Be proactive... create a BYOD plan: Don’t wait until a device is lost or stolen before figuring out the right course of action.

BYOD is managable... if the right tools and technologies are in place. There is a plethora of both personal and commercial options for automatic backup, remote wipe, security, and management of devices. With the amount of sensitive data we carry on our devices every day, there really is no excuse to be caught off guard.

Speaking of tools and technologies, it’s an exciting time to be in the mobile workplace. Employees’ and IT departments’ tech savoir faire is evolving at an unprecedented rate as groundbreaking technologies, devices, and apps make their way into the workplace.

Whether it is traditional MDM, Mobile App Management (MAM), Mobile Risk Management (MRM), virtualization, containerization, app wrapping, consumer or enterprise solutions, or a combination of these, there are a lot of innovative solutions out there. Now is the right time to figure out the best approach for your company’s mobile management and BYOD security strategy.

In the new enterprise mobile world, who owns security, data, and the responsibility of keeping our privacy, security, and sensitive information safe? In this case, I’d argue we are all on the same team.

Just as the new mobile world is about connectivity and hyper productivity, it is also a world of partnerships and trust. After all, when you use your device for personal and work purposes, it’s not your data or my data. It’s our data that is at risk.

Domingo Guerra is the president and co-founder of Appthority, a company focused on mobile security in the enterprise.Top image courtesy of Viorel Sima, Shutterstock