Consumer mobile phone security requires more attention, now that their data storage capacity is increasing. At the same time, much effort is spent on data-centric security for large enterprises. In this article we try to apply data-centric security to consumer mobile phones. We show a maturity model that can be used as a roadmap for improving their security. Additionally, several shortcomings of the data-centric approach are discussed.