« Disaster Recovery

Rise of BYOD should push companies to reevaluate disaster recovery plans

Disaster recovery planning must account for BYOD policies, as more employees own mobile devices and access  office systems from remote locations.
Disaster recovery planning must account for BYOD policies, as more employees own mobile devices and access office systems from remote locations.

One of the major innovations in the digital business world is more employees are bringing smartphones, tablets and laptops to work. Bring-your-own-device (BYOD) is especially popular with cloud technology, as workers can access their office systems from numerous locations. However, company leaders should ensure they have a comprehensive disaster recovery plan in place to account for the possibility of a security breach.

Businesses of any size could be susceptible to not only cyber threats, but if a device becomes compromised. While the healthcare industry has been in the news more often for such issues, a recent article in CSO explained that all sectors should remain diligent in fully educating employees on proper uses of mobile devices.

For example, Troy Gill, senior security analyst at AppRiver, told the news source that technology is available today for most devices to tackle key security issues. Enforcement of password locking and remote data wipe are both critical. Gill added that corporations should have a virtual private network (VPN) to keep connections secure, even when employees access company systems from mobile devices.

Chris Petersen, CTO of LogRhythm, a security information and IT company, explained to CSO that it’s not uncommon for smaller practices to be more vulnerable to security issues. However, there are lots of affordable options out there, he said. Until the gap between new devices and cyber issues is bridged, using personal devices at work can be dangerous. Petersen added that with that mind, eliminating BYOD could be a viable option for some organizations.

“There is no fix for this,” Petersen said. “If organizations don’t have the proper technical controls in place, they will be helpless when it comes to ensuring a lost device doesn’t mean lost personal information.”

Along with technical control, all employees need to be fully educated on the intricacies of their company’s disaster recovery planning. That way, businesses can have a quick recovery process should anything become compromised.