The Impact BYOD Has on Your Backup & Recovery Strategy

For years, mobile devices have increasingly helped employees around the globe access important documents and emails while sitting in cab, standing on line for coffee or waiting in an airport. Most recently the trend has turned towards Bring Your Own Device (BYOD) for businesses of all sizes.  As the name implies, BYOD gives employees the freedom to “bring in” and use their own personal devices for work, connect to the corporate network, and often get reimbursed for service plans. BYOD allows end-users to enjoy increased mobility, improved efficiency and productivity and greater job satisfaction.

However BYOD also presents a number of risks, including security breaches and exposed company data, which can result in extra money and resources to rectify the situation. What happens when that employee’s mobile device is lost or stolen? Who is responsible for the backup of that device, the employee or the IT department?

According to a recent report by analyst firm Juniper Research, the number of employee-owned smartphones and tablets used in the enterprise is expected to reach 350 million by 2014. These devices will represent 23% of all consumer-owned smartphones and tablets.

BYOD has a direct impact on an organization’s backup and disaster recovery planning. All too often IT departments fail to have a structured plan in place for backing up data on employees’ laptops, smartphones and tablets. Yet it is becoming imperative to take the necessary steps to prevent these mobile devices from becoming security issues and racking up unnecessary costs. Without a strategy in place, organizations are risking the possibility of security breaches and the loss of sensitive company data, spiraling costs for data usage and apps, and compliance issues between the IT department and company staff.

The following best practices can help businesses incorporate BYOD into their disaster recovery strategies:

  1. Take Inventory: According to a SANS Institute survey in 2012, 90% of organizations are not ‘fully aware’ of the devices accessing their network. The first step is to conduct a comprehensive audit of all the mobile devices and their usage to determine what is being used and how. While an audit can seem to be a daunting task for many organizations, there are mobile device management (MDM) solutions available to help simplify the audit process. Another integral part of the inventory is asking employees what programs and applications they are using.  This can help IT better determine the value and necessity of various applications accessing the network.
  2. Establish Policies: Once you have a handle on who has what device and how they are being used, it is important to have policies in place to ensure data protection and security. This is crucial for businesses that must adhere to regulatory compliance mandates. If there is not a policy in place, chances are employees are not backing up consistently or in some cases at all.  You may want determine a frequency for a backup schedule with employees or deploy a solution that can run backups even if employee’s devices are not connected to the corporate network.
  3. Define the Objective: Whether you have 10 BYOD users or 10,000 you will need to define your recovery objectives in case there is a need to recover one or multiple devices. .  Understand from each department or employee which data is critical to recover immediately from a device and find a solution that can be customized based on device and user roles. The ability to exclude superfluous data such as personal email and music from corporate backups can also be helpful.
  4. Implement Security Measures: Data security for mobile devices is imperative. Educating employees can go a long way in helping to change behavior. Reminders on password protection, WiFi security and auto-locking devices when not in use may seem basic but can be helpful in keeping company data secure for a BYOD environment. Consider tracking software for devices or the ability to remotely lock or delete data if a device is lost or stolen.
  5. Employee Adoption: The last best practice for a successful BYOD deployment that protects mobile devices across your organization is to monitor employee adoption. In a perfect world, all employees will follow the procedures and policies established. However if you are concerned about employees not following policies, you may want to consider leveraging silent applications that can be placed on devices for automatic updates. These can run on devices without disrupting device performance.

About The Author: Jennifer Walzer is CEO of Backup My Info! (BUMI), a New York City-based provider which specializes in delivering online backup and recovery solutions for small businesses.