« Disaster Recovery

BYOD underlines need for thorough business continuity planning

With more companies instituting BYOD policies, it's crucial for those organizations to ensure that their systems remain as secure as possible.
With more companies instituting BYOD policies, it's crucial for those organizations to ensure that their systems remain as secure as possible.

One of the many technological innovations companies across many industries are seeing is bring your own device (BYOD). Smartphones, tablets and laptops can easily be moved from one location to the next, and employees are finding it convenient to use one device in the office and at home. However, studies have shown that this could increase the risk of a data breach, as one lost cell phone could prove disastrous for a business.

As such, when conducting a business impact analysis, it's crucial for company leaders to account for BYOD, ensuring that all employees understand the risks and that proper security measures are in place. Medical facilities need to be especially careful, as they can expose patients' personal information during a breach and bring hefty fines on themselves for HIPAA violations.

A survey from Spyglass Consulting Group found that over two-thirds of hospitals interviewed said that nurses use personal smartphones on the job for personal and clinical communications. However, the IT support for those devices is lacking. 

Chris Petersen, CTO of LogRhythm, told CSO that he is not surprised that smaller organizations are much more vulnerable to data breaches. He said that those firms might not have a full-time IT staff and could be less devoted to personal security. However, with BYOD practices increasing, it's necessary to take the proper precautions.

"There is no fix for this," Petersen told the news source. "If organizations don't have the proper technical controls in place, they will be helpless when it comes to ensuring a lost device doesn't mean lost personal information."

With technology evolving at an increasingly fast pace, businesses of all sizes and within all industries need to create a comprehensive disaster recovery plan that accounts for potential data breaches and BYOD trends. Organizations need to stay diligent to keep their information – and customers' data – secure.