I think they still are trying to figure out how that's going to work. Do IT people trust the carriers to deliver this type of service, or is it the mobile middleware vendor? There are still a lot of questions that need to be worked out within this industry for your question to be answered. When looking at the increasing computing capabilities of handheld devices, who is responsible for securing the device?
If the smart phone or follow-on products of the smart phone become an integral part of some enterprise -- i.e., I am expecting my users to do their work using this device -- is there a transition or some natural conflict between the carrier and the enterprise? Who owns the phone? Who's in control of it? When looking at the increasing computing capabilities of handheld devices, who is responsible for securing the device?
Who carries the liability? Right now the carrier basically carries the liability, but the only thing an attacker can do is steal service. However, at some point if I have my enterprise attacked because I basically outsource part of my IT infrastructure to Verizon and I lose billions of dollars, who is going to carry that liability? When looking at the increasing computing capabilities of handheld devices, who is responsible for securing the device?
I guess it will depend on the type of attack. Where was the attack targeted? Where was the hiccup? Was it done through the wireless transmission? Was it done on the device itself? Was it targeted at a backend server and then sent over the wireless network? I don't think there is a really clear answer for it as of yet.