However, in the world of corporate networks, "tethered" has an explicit meaning. It means a device is physically locked to a certain location and the user can only use it at that location. The definition of an "insider" used to be only those people you could guarantee were using a "tethered" piece of technology to access the corporate network. The benefit of this approach has been that companies always knew exactly which device and which trusted "insider" was on the network at any given time.
As workers are required to go mobile in order to stay productive (and provide value well beyond the 9 to 5 work hours), the corporate network has had to go virtual - piggybacking on the infrastructure of the threat-ridden public Internet.
This also means that the definition of who and what should be trusted as an "insider" has had to expand. Users often have multiple devices and multiple log-on points to gain access to corporate resources. This means there are several different possible points where trust needs to be validated. It also means that measures must be taken to ensure the devices and points that are placed in the hands of our users do not become leaking sieves for sensitive corporate data.
A combination of both physical and behavioral controls is required to meet the needs posed by these virtual insiders. Physical controls should include encryption and strong authentication enforced through policy for every mobile device that is going to touch corporate data. And behavioral controls should differentiate between information that is corporate and personal and control information when the user is mobile.