Backup: Don’t forget cell phones used for work


Some organizations’ important data may be going unprotected if an application on someone’s mobile device creates it and then it sits there without being backed up. If the device is lost or stolen, the data is gone.

You might think it’s easy to solve this problem by installing a backup app on the phone and using it. Unfortunately, it’s not that simple.

The security models of Android and iOS devices allow each application to see only the data created by that application; therefore, you cannot install a backup application and have it back up data of other applications. The only way around this is to root the phone, but that’s a problem if the employee is using their personal phone for work. Most people are uncomfortable rooting their phone, especially just to satisfy their boss’s backup needs.

This is why each application needs to either store the data it creates in the cloud or synchronize it with the cloud. Any problem doing so needs to be reported to someone who can fix it. Backup of mobile device data can be problematic, so it’s crucial that someone is making sure it happens.

Physical sync

One option that some pelople still use is syncing a phone to another device like a laptop and then backing up that device. This is less-than-optimal, starting with the fact that the user has to remember to do it, which means it won’t happen very often, if ever. And from an IT perspective, there is no control over the process, so there’s no good reason for an IT department to adopt it.

Mobile device backup

There are services and software that specialize in backing up mobile devices. The challenge with them is they typically can access only the core apps on iOS or Android devices. That makes this an unviable option for corporate users trying to back up data created on the devices by business apps.

Cloud sync

The most common way people back up mobile devices is to make sure they use only apps that sync their data to the app vendor. That’s better than nothing, but you still need to be careful.

Look for software that provides centralized notification of each user’s synchronization status. That way if a sync fails, action can be taken to correct it so the data they’ve created doesn’t exist only on the mobile device.

Since the phone is only a cache, the cloud copy is really the only copy so it needs to be backed up. Commercial apps designed for enterprise use should be able to do that.

Mobile device management (MDM)

Mobile device management is the option that most organizations prefer if there is corporate data on a device. Corporate apps where a user would create data run inside or on top of the MDM app, which controls what happens to the data. This includes encrypting it while it’s stored on the phone and replicating it to a central location to be protected using other means.

An MDM-based system will also allow remotely deleting any corporate data from a device. This way the data itself is protected from a backup perspective, and it’s protected from theft via the remote-wipe concept.

The app then controls what happens to that data, which includes encrypting it when it is stored on the phone and replicating it back to a central location to be protected using other means. An MDM-based system will also allow you to remotely delete any corporate data from a device that has it. This way the backup protects the data itself, and it’s protected from theft from the device via remote-wipe.

Mobile devices creating data important to you must be backed up. If done via a custom app that syncs to the cloud or an MDM solution, the disruption to the end user should be minimal. Make sure your entire organization isn’t disrupted by failing to deal with this problem. Remember, ransomware often targets mobile devices.

Copyright © 2023 IDG Communications, Inc.



Source link