Your company just implemented a "bring your own device" policy that allow users to use their own personal smartphones and tablets to access their personal corporate files. What steps are needed to ensure that the data access is secure, while allowing a syncing of data to the personal devices?