-- Handheld devices and laptops ranked highest among storage devices that posed the greatest risk for sensitive corporate data, followed by Universal Serial Bus memory sticks, desktop systems and shared file servers.

-- Sixty-four percent of companies surveyed reported that they have never conducted an inventory of sensitive consumer information.

-- Sixty-four percent also reported never having taken an inventory of employee data.

-- Eighty-one percent of respondents reported that protecting sensitive "data at rest" is a priority this year, and 89 percent predicted that it will be a priority next year. The survey defines data at rest as all electronic information found on storage devices within an organization's IT infrastructure.

Asked "How long would it take to determine what actual sensitive data was on a lost or stolen laptop, desktop, file server or mobile device?" the most frequent answer was "never," according to the survey.