Once upon a time, compliance executives didn’t need to worry about the big bad Internet all that much.

In the old days, protecting corporate data meant not losing floppy disks or reels of tape. And as corporate networks cropped up in the 1990s, IT security went medieval, erecting the digital equivalent of ramparts and moats around sensitive financial and other data.

Alas, those days are gone. Blame the Web application.

Today, those same applications that let executives work from anywhere—instant-messaging tools, online email, databases searchable by Web browser—pose dangerous new threats to sensitive financial information. And any time the integrity of financial ...