The CIO comes to your IT manager's office with a shiny new iPhone or iPad, convinced that the device will make her more productive, reduce her need to lug a laptop around, and allow her to respond more readily to business critical issues (read: she thinks the phone is cool). This perfect storm of business synergism often comes with a clear and direct mandate for you to "make it work." Does this sound familiar? This is one of a hundred scenarios we face when confronting the mobility challenge.
If your organization doesn't have stringent security requirements, this might be a relatively simple task. If you work in a regulated industry, then the challenge level just went way up. Beware of opening the door to a few special cases, because that generally backfires. The exception made for your CIO transmogrifies the matter of mobile integration from "if" to "when," and the mob gets restless; here be dragons.
This article should be viewed as a starting point, a way to get your feet wet. I'll be covering the strategies more in depth in future articles. The primary task when first approaching mobility is to create a phased approach for integration. This will take some of the pressure off and give you some time to consider your long-term strategy for the organization by asking and answering some strategic questions around mobility. For example:
- How many employees, and business units does the company have? Knowing the total exposure can help you to determine the scale of potential solutions. Many employees will have multiple devices — the average is two.
- Location? Consider carefully the "standard issue" iPad for knowledge workers where carrier presence for data is weak. Avoid costly errors like sending a device to a place where 3G coverage is poor or getting gouged by local and international roaming charges.
- What are the security and policy requirements around other devices? Looking at a mobile device as "just another computer" is a dangerous position. Mobile is unique and should be managed differently. However, looking at existing policies around devices like laptops can provide precedent and assist with defining policies that match where possible.
- Is the company a candidate for an MDM solution? If you have just a few devices — 50 or less — and your organization isn't fettered with regulatory compliance issues, you can probably float by and manage the devices with more consumer-grade solutions. If you've got more devices or any sort of regulatory or security concerns, it's time to build your requirements and start shopping.
Preparation and planning
Consider iOS device security settings, mail access, syncing and back-up strategies, and the "Five W's" for the devices during use. Do you want device encryption enabled? What about iCloud? Will you allow users to backup devices to personal computers or maybe allow iTunes to be installed on your corporate computers? What about staff inadvertently backing up their personal iTunes library on the corporate server?
How will you handle securing data from a corporate device that gets wiped, only to find that the employee gets a new, personal device and restores corporate data from a backup on a personal computer? Do you have policies for this? What latitudes will you allow for personal iOS devices on your network? Will you attempt to dictate how users back up their personal devices at home? These are some of the key issues to look at ahead of roll-out, and we're just getting started...
Your answers to these questions should become draft policies for consideration. There are two reasons for this: It makes those C-level execs and managers take a closer look at their request to "make it work," and it gauges their resolve to support the matter on their end.Phase I: E-mail, calendar, and the cloud:
In your Phase I discussions, make sure the e-mail/calendar mechanism works as expected. Some platforms don't support full syncing with the native iOS mail client. Behaviors to watch for include messages sent from iOS device don't appear in sent message folders on thick clients or web mail. Symptoms in the calendar arena include appointments made on the device not syncing across properly or getting doubles. Just be sure that both work like you expect, or at least in a way that is tolerable.
Getting documents shared between desktop and the device can be a chore. The easiest way to implement this is to put a cloud in the middle. I consider e-mail, calendar, and cloud access to be the "killer apps" for mobile, and they should be part of your initial roll-out. Not only will it meet the majority of your users' needs, but it will get you about 60% to 70% down the road to true enterprise integration.
Some items to consider here are how users get cloud storage in the first place. Is the company going to provide an accessible cloud, or will employees float around on their own and use whatever they're most comfortable with? A "company cloud" supported by policies is generally the best option for business documents, since it gives the best monitoring, quota control, user auditing, and access control.
iOS-specific issues in cloud management include making sure that the reader apps can handle large documents. The first thing your executives are going to want to do is take those gigantic procedure manuals and turn them into gigantic PDFs to use on their iOS devices. Then come the requests to annotate, make notes, suggest changes, manage revisions, and so forth. Make sure your PDF and document reader app can keep up with larger documents.Phase II: Opening your own App Store:
What apps will you offer or recommend to staff? When pushing custom apps to workers, you won't want those floating around the iTunes App Store. You'll need to have an MDM solution in place for in-house app delivery. This is one of the primary drivers for iOS in the enterprise, and it's likely to become a pressing need once the devices become commonplace.
Specific iOS issues to tackle here center around the use of multiple Apple IDs to manage devices. When it's time to upgrade commercial apps, you have to put the proper Apple ID password into the device. If you've pre-populated a bunch of apps onto a device prior to roll-out with your Apple ID, then guess what? Yep, you get to share your password with the world.
A best practice here is to let everyone create an Apple ID using their corporate e-mail for corporate-owned devices — and use their personal Apple ID for personal devices. Or the same strategy can be used on the same device — using corporate IDs for business apps and personal for the rest.
This will be enough to get you started down the road to iOS integration. By covering these bases, you'll be far ahead of most of your contemporaries entering the space at the same time. These simple strategies and items to watch for can save you countless setbacks while trying to integrate iOS devices into your organization.