Mobile Device Backup - InformationWeek
Mobile // Mobile Devices
03:40 PM
[Dark Reading Crash Course] Finding & Fixing Application Security Vulnerabilitie
Sep 14, 2017
Hear from a top applications security expert as he discusses key practices for scanning and securi ...Read More>>

Mobile Device Backup

Android and Apple devices make backup a challenge for IT. Look to smart policy, cloud services and MDM.

InformationWeek Digital Supplement - August 2012
InformationWeek Green
Download the entire August 2012 InformationWeek digital supplement on mobile device backup, distributed in an all-digital format as part of our Green Initiative.
(Registration required.)

Mobile Device Backup

As smartphone and tablet use grows in companies, IT wrestles with how to back up sensitive data that might reside on these platforms. IT can't simply deploy a software agent for full backups as it would with PCs or laptops because of restrictions built into mobile operating systems. Mobile backups are also complicated by the fact that many smartphones and tablets are the property of the employee, not the employer--86% of respondents to InformationWeek's 2012 Mobile Security Survey say they allow or plan to allow employee-owned devices.

Those employee-owned devices are likely to be Apple or Android products. Our survey shows that 46% of respondents allow employee-owned Apple iOS devices to store corporate data, followed by 36% that allow Android 3.x and 4.x devices, and 28% that allow Android 2.x devices.

A feasible mobile backup plan should address both employee- and corporate-owned devices. While IT has more control over devices it deploys to users, many of the backup challenges are the same regardless of whom the device belongs to.

Put It In Writing

Start with well-defined policies that explain IT's responsibilities regarding corporate data on both employee- and IT-owned devices. On the technology front, consider cloud-based storage and synchronization services to back up essential corporate data, and look to mobile device management software that can provide the kind of fine-grained control necessary to enforce company policy on personal devices.

If you let employee-owned devices access company applications or data, make sure your mobile device policy clearly describes the requirements for access. IT's first reaction to the bring-your-own-device phenomenon may be to write separate policies for employee- and company-issued devices. That's the wrong approach, says Michael Finneran, an independent consultant and industry analyst (and InformationWeek contributor). "Our job is to make sure mobile users get access to the stuff they need securely, regardless of who owns the phone," says Finneran. "What level of security is required is defined by the organization, … and what users get access to is defined by their role."

Your policy should be just as clear about where IT's responsibilities lie regarding backups. IT has an obligation to back up company data and to take steps to do so. But IT doesn't have any obligation to protect an employee's personal information, files, applications, and other information, such as photos and videos.

Of course, separating personal and corporate data is really hard. A mobile device can quickly become a hodgepodge of business and private information. For instance, a phone's contact list could have personal and business contacts. Business documents saved as PDFs may be loaded into an e-reader app. Thus, your policy must make it clear that while IT isn't responsible for backing up your MP3 files or vacation photos, some personal data may be intermingled with corporate backups. Your policy must also address remote data wipes for just the same reason--personal data may be destroyed if a device is lost or stolen.

To read the rest of the article,
Download the August 2012 InformationWeek digital supplement.

Our full report on backing up Android and iOS devices is free with registration.

This report includes 15 pages of action-oriented analysis. What you'll find:
  • Pros and cons of cloud backup and sync services
  • Advice on policy and key MDM requirements
Get This And All Our Reports

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
How Enterprises Are Attacking the IT Security Enterprise
How Enterprises Are Attacking the IT Security Enterprise
To learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Register for InformationWeek Newsletters
White Papers
Current Issue
2017 State of IT Report
In today's technology-driven world, "innovation" has become a basic expectation. IT leaders are tasked with making technical magic, improving customer experience, and boosting the bottom line -- yet often without any increase to the IT budget. How are organizations striking the balance between new initiatives and cost control? Download our report to learn about the biggest challenges and how savvy IT executives are overcoming them.
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll