The prevalence of cheap, mass storage devices doesn't help. Think CD-ROMs, FlashDrives, iPods, Treos. If you wanted to steal company information in the old days, you had to literally take the paper or file boxes with you. Computers and tiny storage mediums have aided corporate crooks in making out like bandits. It's all too easy to download files, put them on a FlashDrive, stick the drive in your pocket, purse or brief case and walk out the door.
One way to combat the issue is to have strict policies in place that prevent employees from bringing mass storage devices into the building. These can be enforced at the front door with security checks that may or may not already be in place. (Of course, treating your employees like potential criminals doesn't exactly foster the best work environment, but what the heck.) Enterprise software providers also offer programs that will let network admins see what devices are connecting to their company's network, and kick them off if they aren't authorized.
The bottom line is, enterprises need to do their homework and figure out if and how sensitive material can leave the office, and then formulate a plan to prevent it.