2. Ensuring Find My iPhone isn't disabled
iOS has a great capability called Find My iPhone (aka Find My iPad or Find My iPod, depending on what device you have) that broadcasts the device's location. Consequently, you can see on a map where the device last was, as well as send a tone or message to it, and -- if need be -- lock or wipe the device's contents. This feature in Apple's iCloud works from any browser, as well as from apps you can download for iOS devices.
But Find My iPhone only works if enabled in the Settings app's iCloud pane, and anyone who has your iOS device can simply turn off the service there. It's clear that Find My iPhone was designed for finding an iOS device left under a chair or at a friend's house -- not to thwart someone who stole your device.
Fortunately, you can prevent thieves from disabling the Find My iPhone capability in your device. Of course, your first line of defense is to have a password for your iOS device, then set to wipe it after a specified number of failed login attempts. Every company should enable this password and wipe requirement through its Exchange ActiveSync (EAS) policies or via a mobile device management (MDM) tool, but many do not.
You can do so yourself in the Settings app's General pane. Tap Passcode Lock, and in the pane that appears, specify your password and the idle time after which the password is required. At the bottom of the pane, set the Erase Data switch to On and specify how many failed attempts will cause your device to be wiped. Remember: If you back up your iOS device via iTunes, you can easily restore its contents after a wipe.
Of course, the idle time still provides a possible window for a thief to disable Find My iPhone. Also, most people will not require passwords for home-oriented iOS devices -- many users find entering a password too onerous a task, given the low probability they believe of their device being stolen.
If you believe that, there is a way to keep Find My iPhone from being turned off even on an iOS device with no device password. You need to go to the General pane in the Settings app and tap Restrictions. You'll be asked to set a four-digit passcode; after you do so, the Restrictions pane appears in which you can specify which controls are disabled until someone enters that passcode. In other words, you can password-protect individual settings on your iOS device.
Scroll down to the bottom of the Restrictions pane and tap Accounts, then tap Don't Allow Changes in the pane that appears. Doing so prevents anyone from changing your iCloud settings (where Find My iPhone is managed) and your email, contacts and calendar account settings unless they have your password. Even better, the passcode for your restrictions can be different from the password that secures access to your device; if you share your device password with an admin, IT pro, or family member, that person can't override your restrictions using your device password.