The 7 Rules of BYOD, and How Disaster Recovery Plans May Change

Brett Harney Business Continuity / Disaster Recovery, BYOD

I came across the article today "6 Rules for BYOD" from RCR Wireless News, and I thought it was a good one to share and comment on.  I added a seventh rule that will be imperative for a successful bring your own device policy (network optimization and bandwidth management), but it also got me to thinking about Disaster Recovery. We have been talking a lot about DRP's with our clients lately, as it needs to be on everyone's 2015 planning.   This article made me think: why not incorporate your BYOD policy into your Disaster Recovery Plan?  At the very least, it should be a consideration for accessing content should workstations suffer outages, especially if you have redundant apps in the cloud.  I think we will be adding this to our DR checklist. Here is the part of the article, along with my thoughts... Experience shows that there are six simple rules to follow to ensure the smooth and successful introduction of BYOD and its ongoing use throughout an organization. These guidelines cover policy, security and management, and smart companies have these rules and tools all in place before opening the door. 1. Strike the balance It may seem obvious but the people within your organization have different and potentially competing interests in terms of devices. The IT department wants to maintain control, the business lines search for increased productivity and the staff themselves – well, sometimes the boys and girls just wanna have fun using the latest and greatest devices. Your challenge is to strike the right balance, establishing a policy and an environment that allows all those interests to coexist in harmony. Recognizing that goal is the starting point; following the next five rules helps to deliver it. 2. Think device management The BYOD environment has one inevitable consequence. Your IT department will now have to support multiple mobile operating platforms – Apple iOS, BlackBerry, Windows and Android in all its many and varied configurations. If you don’t recognize this in advance, it can increase the IT team’s workload and create additional hidden costs. Happily, there is a range of device management tools available that can provide a single dashboard for monitoring and managing devices across all the major mobile platforms – even automatically distributing firmware and app upgrades to all devices, whether company-owned or private. 3. Don’t confuse business and personal tools If your staff finds that accessing or storing company information through their mobile device is difficult, they will start to look for workarounds and adopt personal cloud storage services like Dropbox, iCloud or Google for company information. This presents an obvious security risk if sensitive information is stored outside the company framework. So right up front, choose a mobile-friendly content management system that is easy to use but has strong security to prevent data leakage or sensitive company information residing in multiple unsecure locations. 4. Plan for future developments Mobile devices are no longer simply phones or mobile e-mail terminals. They are often a key component of the way a business operates, extending desktop functionality to the mobile device. Part of this evolution demands that users are able to run customer care solutions and services via their smartphones and tablets. When companies decide to develop custom business apps, they typically require at least $20,000 per app per platform. This means that a multiplatform environment can automatically carry an additional cost, especially when you consider the ongoing expense of maintenance across multiple platforms. However, some app development platforms can slash those costs through cross-operating system capabilities and drag-and-drop interfaces to automate many of the processes and reduce the need for specialized skills. 5. Allow choice, but enforce control Just because you are allowing your staff to choose their own device doesn’t mean you can allow total freedom over the way it is used. Employees can’t be allowed to ignore or circumvent security policies. Your device management solution should allow the IT department to create, manage and enforce policies while maintaining the freedom of choice of the users. It’s possible, for example, to control which applications are used at different times of the day, to block devices with unauthorized software modifications or be notified if an app is downloaded that is identified as a security threat. 6. Seek secure connections – and save money As operators phase out all-you-can-eat mobile data bundles, enterprises of every size are encouraging their staff to use Wi-Fi wherever possible. But not all Wi-Fi connections come with the same level of security. Ensure that your devices access networks that offer security through end-to-end encryption and block access to unknown free networks that may allow hackers to access critical information.

The Seventh Rule: Ensure your bandwidth is up to the challenge

BYOD will mean people are using multiple devices for many different applications, some professional and some personal use.  Ensure your network is optimized and monitored accordingly, and bandwidth is adequate to support corporate email, file exchanges, music streaming, and the inevitable video streaming of employee's watching their nanny cam on their phone. Companies that follow these 7 simple rules will lay the foundation for the successful implementation of BYOD. It’s all about planning, controlling and managing the flexibility to maintain security, minimize cost and maximize choice.  Planning is key - much like Disaster Recovery Plans... and it seems to make more and more sense to use BYOD to supplement your DRP.