F-Secure's vice-president, Maria Nordgren, is warning that Siri is a security nightmare and she's dead on. Siri doesn't store things "locally", but rather communicates with the Apple servers in Oregon. And let's take it a step further. Users who are allowed to use their personal devices at work could very well be a company's biggest security headache. IT departments cave to the wishes of CEOs and users and allow the latest gadgets on their networks. These users start working with company data on their personal devices, which normally aren't watched like company assets are watched. Sure, the company may have a policy of "no official business" on BYOD devices, but do you honestly think users follow it? Hell no! It's too convenient to copy information to the device so they can work at home. Of course, IT security has never been given the teeth to enforce policy, which is basically the root of the problem. In essence, if the CEO wants it, the CEO gets it, regardless of the impact on the company. And IT and the security folks are told to "make it work" even if the end result is detrimental to the security of the organization. From a security standpoint, especially for those companies that have sensitive information that competitors would love to get their hands on, BYOD shouldn't even be a consideration. If mobility is a requirement, the company needs to purchase the devices and set up the policies and restrictions that would allow them to be used as securely as possible. CEOs who push for a BYOD solution should be hauled before the board and be forced to explain why they feel corporate security should take a back seat to saving a buck. Because that's exactly what it boils down to. Let the worker pay for their own device instead of doing it right and purchasing a solution that works for the company, including setting the security options that work best for the corporation. Because we all know, users would never, ever compromise the security of a company. Right?