If you are one of those who uses a PIN to secure your iPhone, there's a report you might want to read. Bernd Marienfeldt has a treatise on his blog confirming what most people have suspected; a PIN will keep the casual user from picking up your phone and using it, but that's it. It won't keep someone from accessing all your data.
Marienfeldt and fellow security guru Jim Herbeck have discovered that plugging an iPhone 3GS into a computer running Ubuntu Lucid Lynx allows nearly full read access to the phone's storage, even when it's locked!
The idea is that a determined person is just a buffer overflow away from full access to your data, even a fully up-to-date, non-jailbroken device. Bernd believes the iPhone's lack of data encryption for content is a real problem. He also cites the inability to digitally sign e-mails as reasons why the iPhone is still not quite ready for center stage in the enterprise department, and provides a list of bullet points of areas it needs to improve if it wants to make the grade, and 'become a reasonable secure mobile network device.'