First we need to clarify what Disaster Recovery means. In every company a plan, which states what you should do if the IT Infrastructure is attacked, needs to exist.
This so-called Disaster Recovery Plan, contains information and advised actions which should minimize the disruption of daily operations, limit damage and with this minimize the economic impact of the interruption.
The Disaster Recovery Plan also contains alternative means of operation and how the employees and management should act. Finally there is also a section to state which actions need to be done to resume to the former state of operations.
A Disaster Recovery Plan is very important, so you should check this article out, if you haven’t got one yet: How to begin with a Dissaster Recovery Plan
In our article however we want to focus on Mobile Device management and how it fits into the Disaster Recovery Plan. Especially important is the idea of limiting damage to the company.

How to include MDM in Disaster Recovery

A Mobile Device Management Systems’ goal is to provide a security infrastructure to list, manage and secure all mobile devices a company has. Because of this, an MDM is already a very important part of the security infrastructure of any company. (how exactly an MDM helps with building an IT-Security Infrastructure, you can read here: MDM and Zero Trust)

Because mobile devices are popular targets for attacks on IT Infrastructures, they need to be included in disaster recovery plans.
First of all, Employees need to be educated on the dangers that can compromise security. For example Fake-SMS (so-called Smishing), which might be used to get access to the company network. Overall, the most important thing is to shield the company network, resources and information from access from outsiders.

A Data recovery Plan should thus contain an own section, for Mobile Device Specific issues. In this section you need to include:

• How does an employee notice that an outside force was gaining access? Or that the security was compromised?
• Which steps do they need to take? (e.g. calling the admin, turning the phone off, disconnecting from company WifI etc.)
• Can they do anything else to minimize the possible damage?

Of course, prevention is key. But even with a great IT-Risk prevention strategy you need to have a Disaster Recovery Plan.

Which MDM features are especially useful when it comes to disaster Recovery?

An MDM provides you with many features. Most of them aim to simplify the way to manage the devices, e.g. the remote installation of apps. But there are some that were specifically designed to help in case of Security breaches and risks, so let’s look into these.
If you notice that a device was lost or stolen, you can enable the “Lost Mode”. With this, data that is on the device cannot be accessed by a third party.
By keeping the internet connection, you can wipe the device remotely and thus basically cut it off from the company.
(Don't worry though - if you should find it again later, you can easily enroll it to the MDM again)

MDM is more about protection than attack. That means in case you notice any compromising issue, you can take measures to protect the devices.
It is always useful to start with a list of possible threatening scenarios, which can occur in your company, e.g. if devices are carried around and they could potentially log into unsecured Wifis. Write down for each scenario, how the employee in question can prevent it, but also what kind of technical measures you plan to do for prevention. At the last step, write down how you plan to act in case of an emergency or threat.

Don’t invite Disaster in

Unlike an uninvited guest, whom you need politely ask to leave, you can actually prevent disaster from entering your company by using a few MDM features, such as:

1. Violations, which let you define what a breach of security is and which commands the MDM should send.
   You can define for example that if an employee tries to root the device, that the device is automatically locked and the admin informed.
2. Define Save Wifis: A device would not be able to connect to a foreign or unsecured WiFi, which is especially important if the employees frequently send important data to each other.
3. Prevent SMS and private email accounts: Though mobile devices are less prone to viruses, they can fall prey to spyware as well. For example when an employee opens a Phishing - SMS or a suspicious link via their private email account, which they might also use for shopping or online games. To prevent this, you should disable SMS reception as well as forbid private email accounts on work devices.

Disaster Recovery with MDM in a nutshell

In conclusion, you can use a lot of MDM features to modify the many settings and ways to use a mobile device and thus prevent Security disasters from the start. Should a Security Breach occur you can use features like the Lost Mode or Lock Device to prevent access to the company network via mobile devices.
Via broadcast function you can inform the employees about the breach and let them know what to do next.

Did you like our blogarticle? Why not follow us on Social Media: Instagram and LinkedIn.