« Disaster Recovery

Why BYOD needs to be accounted for in disaster recovery planning

Having a BYOD policy can greatly help companies in their disaster recovery planning, ensuring that all devices remain secure.
Having a BYOD policy can greatly help companies in their disaster recovery planning, ensuring that all devices remain secure.

As more businesses are trying to become as technologically savvy as possible by integrating mobile devices into daily operations, it is important for company heads to account for necessary security measures as well. Bring-your-own-device (BYOD) policies can be especially beneficial in disaster recovery planning, and even in the prevention of data breaches.

Employees must have a clear understanding of their role when it comes to keeping sensitive company information secure. Even if they are allowed to carry a laptop or mobile phone between their home and the office, it is important that they know the ramifications of being lax with security and will work toward keeping data safe.

No business or organization should think of itself as exempt from BYOD security polices. For example, a report released on March 26 by the U.S. Department of Defense Inspector General's (IG) office found that 14,000 commercial mobile devices (CMDs) used at the U.S. Military Academy and the United States Army Corps of Engineers Engineer Research and Development Center had less than desirable cybersecurity.

According to the IG report, the Army CIO did not develop clear and comprehensive policies for commercial mobile devices.

"In addition, the Army CIO inappropriately concluded that CMDs were not connecting to Army networks and storing sensitive information," the report said. "As a result, critical information assurance controls were not appropriately applied, which left the Army networks more vulnerable to cybersecurity attacks and leakage of sensitive data."

Not only was there not a facility to wipe data from a phone should it be lost or stolen, there was also an absence of training and user agreements.

Shawn McCarthy, research director for IDC Government Insights, explained to the technology blog CSO that sometimes a company can misunderstand what BYOD entails. It is still well-advised to impose rules and regulations that all employees adhere to, he said, otherwise it can become more like the Wild West with everybody bringing any device into work.