The recent sale of a used PDA holding sensitive corporate data has led to calls for firms to revise their policies for the security of mobile devices.

The buyer of a BlackBerry device sold on eBay last month found that it contained valuable corporate data left by its previous owner, a former vice president at investment bank Morgan Stanley.

The incident illustrates why firms should not leave device protection to their employees, according to Magnus Ahlberg, managing director at mobile security specialist Pointsec.

"You can't really rely on end users to be up to date with security tools and wiping data," he said. "The IT team should decide what measures to take and ensure they are implemented."

Ahlberg added that technology such as encryption should be used to protect sensitive data.