Moreover, Bailey and others say, workers have to be accustomed to using smartphones and tablets for daily tasks before a disaster strikes. Executives shouldn't assume that workers will be able to easily switch from their regular desktop habits to working on their handhelds. Nor should they expect workers to learn on the fly how to use a VPN to access corporate systems from their home computers. And even if they could, let's face it: Working on a smartphone or tablet doesn't match the ease of working with a desktop's full-size keyboard and screen.
Of course, all this talk presupposes that corporate systems will remain up and running during a disaster. If they don't, that's a whole other ballgame.
"If you have a data center that gets wiped out, it doesn't matter if you have mobile devices," Bailey says.
With that in mind, IT needs to understand the role mobility plays in keeping a business running as it plans its back-end recovery efforts, making it a priority to restore the servers that support mobile device management and applications that enable mobility, Nocera says.
"It's knowing where those applications are being served up and making sure you have them covered in your recovery plan," he says.
More CIOs are bumping that up the priority list.
Buddy Cox, executive vice president and CIO at Houston-based Cadence Bancorp, is seeing that firsthand. According to industry statistics, 18 million people bank via mobile devices today, and that figure is expected to grow to 50 million by 2015. Faced with those kinds of figures, along with workers' changing work styles, he says he's enabling more mobile devices to handle a growing number of mission-critical applications.
"We looked at what our customers and [employees] need to access in an event, from minor interruptions to catastrophic ones. And we know who carries iPads or iPhones and what options we have," he says, explaining that his disaster-recovery plans also include regional recovery sites where employees can work. Those sites even have satellite-based communications systems.
But, for now, experts agree: Mobile isn't a panacea, but rather one piece of what should be a multilayered approach that also includes land-based connections, alternative office sites and some redundant systems.
"We haven't gotten to the state where [we can] just fail over to mobile devices," says Dan Waddell, senior director of IT security at eGlobalTech, an IT consultancy in Arlington, Va., and a member of the board of the International Information Systems Security Certification Consortium. "They should be considered, but they should not be the only option."a
Pratt is a Computerworld contributing writer in Waltham, Mass. Contact her at marykpratt@verizon.net.