Enterprise Security Policies for Mobile Device Backup and Restore - dummies

Enterprise Security Policies for Mobile Device Backup and Restore

By Rich Campagna, Subbu Iyer, Ashwin Krishnan, Mark Bauhaus

The storage of enterprise data and intellectual property on the mobile devices makes the ability to back up and quickly restore the devices to an operational state paramount. Both the critical tasks of backup and restore are your responsibility. To make this process as painless and automatic as possible for both you and your users, you need to establish a set of policies that should be adhered to religiously.

You should look at backup and restore policies from these two viewpoints:

  • Recommended policies for user-owned devices for backup and restore

  • Mandated policies for enterprise-issued devices for backup and restore

    Categorizing backup and restore policies.
    Categorizing backup and restore policies.

Here are the key tenets to pass on to mobile device users in your enterprise for employee-owned device backup and restore:

  • Schedule periodic backups of your mobile device with your desktop, laptop, and/or remote servers.

  • For extended removable media, such as SD cards, ensure that these are backed up separately (in case your device backup software doesn’t do this automatically).

  • When the device needs to be restored to a previous known configuration, identify a known previous backup and initiate the restore procedure. This backup might be locally stored in your data center or with an outsourced service such as Carbonite.

As is evident, these are very generic policies, and the aim for you is to provide them as a rule of thumb. Your guidance can prompt your employees to capitalize on any additional bells and whistles that a particular device or OS vendor may provide.

For instance, the BlackBerry Protect application, allows BlackBerry users to set backup options, including using the network interface they are on to decide whether to back up.

My BlackBerry Protect.
My BlackBerry Protect.

For the iPhone, the backup and restore application is built into iTunes. The user has little to do besides plug the iPhone into the computer regularly, and the backup happens automatically. Restore is also a very straightforward operation using iTunes. The user can open iTunes and select the Restore from Backup option.

iPhone backup and restore capabilities.
iPhone backup and restore capabilities.

For the Android, users have several options, including apps, service provider services, and connecting to a computer and working with folders in Windows Explorer. Also, some of the data (Gmail and other Google stuff) is automatically backed up in the cloud.

Here are the key tenets for corporate-issued mobile device backup and restore policies that you would convey to users at your company:

  • The data on your mobile device is automatically backed up when you connect to the network. This data includes any personal information you may store on the device.

  • Tampering or interfering with this backup may result in confiscation of the mobile device.

  • Notify the IT department right away if your device is lost or stolen.

  • The use of removable media is highly discouraged. As the name suggests, the media can be removed and, therefore, cannot be guaranteed to be backed up.

  • Disabling or crippling the mobile device backup agent running on the device is prohibited and may result in confiscation of the mobile device.

For disaster recovery and multilevel backup of the storage servers that are used for mobile device data backup, the mobile device backup archives should be treated equivalently to the existing laptop and desktop backup server policies you have in place.