Users are underestimating the potential security risks of owning an iPhone, according to new vendor-sponsored research released today.

Although the research comes from, surprise surprise, a firm selling endpoint device control software, the findings nevertheless highlight the potential security blind spot created by corporate use of Apple's iconic device.

The research, from DeviceLock found that 65 per cent of IT decision makers recognised that unauthorised users could access valuable company data through the iPhone. However, nearly the same number said they had not taken any measures to secure company data against this threat.

More worryingly still, 40 per cent of businesses knowingly allow staff to download company data onto removable devices without any security provision, according to the research.

"The amount of removable and mobile memory-enabled devices that employees have on their person at any one time is now quite considerable - be it a USB stick or an iPhone," said Sacha Chahrvin, managing director at DeviceLock UK.

"Therefore, we were very surprised to see that most companies were not prepared for this threat."

While the research is obviously a less-than-subtle piece of marketing for DeviceLock's new DeviceLock 6.4.1 product, it shows how the consumerisation of corporate IT is becoming an increasing problem for IT departments to deal with.

"While 'smart' phones bring many positive benefits to the way we live and work, if the secrets that they hold about us fall into the wrong hands, it can put users at real risk of identity fraud and serious crime," argued David Porter, head of security and risk at consultancy Detica.

"Longer term, the answer to mobile security could lie with the 'secure cloud', where data is held safely in the network and handheld devices become just a way of accessing services. But this prospect is far off and isn't the entire solution."