Laptops

Sanity check: Six technologies to enhance mobile workers and take the pain out of managing them

Mobile workers and road warriors are among the most expensive and difficult for IT departments to support, and the workers themselves often struggle with reduced functionality that hinders their productivity. Here are six ways to bring some sanity to the process.

Mobile workers and road warriors are among the most expensive and difficult for IT departments to support, and the workers themselves often struggle with reduced functionality that hinders their productivity. Here are six technologies that can help bring some sanity to the process.

1. SprintSecure Laptop Guardian

This combo device was launched last week at Interop New York 2007 in partnership between Alcatel-Lucent and Sprint. In terms of enterprise manageability, the SprintSecure Laptop Guardian is extremely robust, although it's also a little bulky and cumbersome (see photo on the right). At the core, it is a beefed up PCMCIA card that connects to the Sprint Mobile Broadband network. However, it also contains its own CPU, its own 100-hour battery, and its own flash storage. As a result, the card continues to run even when the laptop is turned off. It also functions as a smart card for two-factor authentication, so if a user removes the card the laptop is unusable since the user can no longer log in.

The Laptop Guardian gives IT the kind of manageability that it normally only gets for desktops and laptops that are connected to the corporate LAN. Over-the-air and regardless of whether the laptop is powered on or off, IT can get complete status updates of the OS, apps, usage, and policy enforcement. IT can also push software updates, change policies, do a remote-wipe, and/or remotely lock-down the data on the machine. The card even includes GPS so that IT can pinpoint the location of the laptop at any time, which can especially useful if it is stolen.

The things to keep in mind about this product is that it only works with Sprint Mobile Broadband and it invokes a very stringent set of security and manageability principles upon the user, which could be a significant cultural change for some road warriors. Of course, the increased manageability also means that IT can provide better and faster support to the laptop when issues arise. The product also includes a transparent VPN client, so there is no software to run for the end user and the laptop is always connected to the corporate WAN. See the online demo of SprintSecure Laptop Guardian for more.

2. Microsoft Mobile Device Manager 2008

Last week at the CTIA fall conference in San Francisco, Microsoft announced the Mobile Device Manager 2008 for the Microsoft System Center. The idea here is to give IT better manageability over its growing fleet of smartphones and to give smartphone users better and more secure access to corporate data and line-of-business applications.

The product won't be released until the first half of 2008, but some of the prominent features will include:

  • Full device encryption
  • Ability to join Active Directory domains
  • Over-the-air (OTA) software deployment
  • Mobile VPN
  • OTA provisioning
  • OTA device wipe
  • OTA disabling of camera, Bluetooth, WLAN, and more
  • Application allow and deny

Microsoft is "trying to turn the smartphone into more of a laptop-like device that can be fully managed and centrally controlled and secured," said Rob Enderle, principal analyst of the Enderle Group. "This makes the mobile phone more of a corporate asset than a security liability."

3. BlackBerry Enterprise Server

The primary competitor to Mobile Device Manager 2008 is BlackBerry Enterprise Server. Actually, it's the other way around. BES is an established product that already has much of functionality that Mobile Device Manager 2008 is developing. The difference, of course, is that BES manages BlackBerry smartphones while Microsoft Mobile Device Manager will handle smartphones based on Windows Mobile.

However, on the back-end, BES servers can integrate with Microsoft Exchange, Lotus Domino, or Novell GroupWise, while Mobile Device Manager 2008 is tethered to Exchange. For those that are jumping on the Microsoft bandwagon for unified communications (UC), BES can also integrate with Office Communicator and Live Communications Server (and its successor Office Communications Server).

BES provides end-to-end encryption of data, OTA security policies, role-based and group-based administration and deployment, and a centralized management console for BlackBerry devices. While BlackBerry is best known for its mobile e-mail capability, with its Mobile Data System (MDS) applications, BES can also provide a mobile platform to wireless extend business applications. Many of the applications can even be deployed over-the-air. The graph below shows a diagram of MDS in action.

4. Network Access Control

Network Access Control (NAC) is not a product but a security framework for dealing with mobile laptop users who have intermittent connections to the corporate WAN and therefore often have out-of-date patches and updates, unauthorized software, and/or spyware and malware issues. When these laptops reconnect to the corporate LAN or WAN they can introduce malware to the network. That's where NAC comes in. NAC scans machines before allowing them to join the network and uses standard policies to check for irregularities. If a machine doesn't meet the network's security requirements it is put into quarantine and either automatically updated until it meets minimum requirements or given reduced privileges and access until an IT administrator can deal with it.

This technology should really be at the top of this list; however, since its broad launch by multiple vendors in 2006 it has received only tepid interest from IT departments. The lack of interest is due to in large part to the lack of standardization in the industry. Cisco has its own version called Network Admissions Control. Microsoft has its version called Networks Access Protection. There's also the Trusted Network Connect (TNC) specification, which is an open source implementation of NAC. Then you also have vendors such as LANDesk, Juniper, and Symantec that have their own NAC products or integrate NAC-like functionality into existing products. While multiple vendors have worked on interoperability, the real momentum for NAC isn't likely to begin until there is an industry standard. Nevertheless, it's worth considering as a tool to help manage mobile users.

5. Riverbed WAN acceleration

One of the hottest products in the enterprise mobility market has nothing to do with smartphones or laptops - although it can be a huge asset to both of them. The product is the Riverbed Steelhead appliance for accelerating data transfers and application performance over the WAN, and it has grown from a handful of deployments back in 2004 to 10,000 unit deployments in 2007.

Using its own Riverbed Optimization System (RiOS), the Linux-based Steelhead appliances work as transparent caching devices that allow enterprises to avoid redundantly transferring the same data over and over again. Instead, only the latest changes to the data are transferred over the WAN, and the result is the experience of LAN-like transfer speeds over the WAN. The graph below shows the multiples of accleration that Riverbed says its customers can expect.

Now, in addition to the standard WAN product (aimed mostly at branch office acceleration), Riverbed also offers Steelhead Mobile, which can be installed on laptops and provide direct acceleration for mobile users.

One of the strengths of the Steelhead products is that companies don't have to rip out a bunch of equipment and replace it. They typically just drop in the Riverbed appliances between their routers and switches, and install the mobile client software on the laptops where they want to accelerated performance. Cisco and Juniper are hot on Riverbed's heels in the WAN acceleration market, but neither of the two networking giants nor the rest of the networking industry has been able to catch Riverbed yet.

6. Verizon Wireless Field Force Manager

Using a combination of GPS, a Web-based application, and a mobile handset application, Field Force Manager from Verizon Wireless provides businesses with a system to track and dispatch remote and mobile workers. The software includes rich GPS mapping, job scheduling and dispatch, driving directions for employees, fleet maps, location directory, electronic timecards, worker status indicators, data capture and collection, and exception alerts.

Clearly, this solution is applicable to a specific set of organizations that have mobile workers out in the field as part of their core business, and is aimed at solving the challenges associated with that business scenario. Specifically, the goals are to increase response time to customer inquiries, reduce paperwork and phone calls, and increase worker productivity and efficiency.

This type of system would typically be very expensive to purchase and deploy. However, Verizon offers it as an end-to-end service with three tiers of functionality and businesses pay per handset. For more, check out the online demo of Field Force Manager.

Your take

Which of these technologies could have the biggest impact on how you manage your mobile workers? Join the discussion.

About

Jason Hiner is the Global Editor in Chief of TechRepublic and Global Long Form Editor of ZDNet. He is an award-winning journalist who writes about the people, products, and ideas that are revolutionizing the ways we live and work in the 21st century.

19 comments
jpollard
jpollard

recent announcement embedding MobiNET/MobiKEY technology onto a Novatel USB modem .. secure access to your desktop OR to a given end point. with 400 laptops you have everything you need with built in management!!

femijumo
femijumo

IT IS ALRIGHT BUT THE COST IMPLICATIONS MUST BE CONSIDERED.LIKEWISE THERE CAN NEVER BE A PERFECT TECHNOLOGY.

Foxfur
Foxfur

A very thoughtful comeback! I'll bet that with your attitude, you close many more deals than most of your coworkers do... Right on Justin! Steve (Not a salesman for anything except the 2nd Ammendment!)

18th Letter
18th Letter

What about Citrix? Doesn't applications like Citrix enhance mobile workers? This article is not comprehensive at all.

msbeach
msbeach

Any open source solutions?

DaveMarriage
DaveMarriage

Unfortunately I have AT&T, but the GOOD Mobile Messaging seems to be decent. Like someone else said, same idea as 2 and 3.

david.black
david.black

Of course, you don't work for Riverbed do you? Or resell their product? And you're a "systems engeineer?" Yeah, right.

maus_69
maus_69

To me, #2 & 3 are the same (just competing products). I had never heard of Steelhead so the post was worthwhile for me!

jagannathan.d
jagannathan.d

simply excellent!! Anyone who still finds it hard with mobile workers.....cant be in competition. Jagannathan.DDR.

amitatnirma
amitatnirma

Hmm really a good option to monitor and control as well as facilitate the mobile employees as well as IT professionals who work from home or remote client locations

hlhowell
hlhowell

IT is a service to field operations, not a management function over field operations. I have been a developer, and a field engineer, and I watched as my job became more and more difficult as the "IT" service became "Iformation Management", and they had no idea what information I needed or how I got it, and how the market was changing. The more you "lock down" access, the less productive the field and marketing for your company will be. The less you lock it down the more risks you will have, I acknowledge that. However, the idea of managing the field (or even the in house folks in engineering marketing and sales) will limit your company's access to global information, limiting their capabilities, and reducing your company's effectiveness in the global market place. This is a fine line that needs careful attention, and not just "Here is a technique that I have found to limit access and see how secure my network is." Think about it. Regards, Les H

pmolina
pmolina

Salesmanlingoitis is a serious problem in the US. Rather than making fun of the afflicted, won't you help by considering a small donation to the cause? Go to www.salesmanlingoitis.org. The person you help may be you someday!

rdcpro
rdcpro

These items may improve manageability of mobile users, but it's hard to see how they will enhance mobile use. For that I would turn to products like Colligo, which can synchronize documents in a SharePoint library to a laptop, so the mobile worker can have access to them whether or not they are connected to the WAN. The hours a mobile professional spends in the air are wasted if the technology depends on a WAN link. The laptop component of Riverbed begins to approach that, but caching content is only a small part of the answer--they need full fidelity access to the resources they depend on when they're in the office. If you can give them THAT, you'll be enhancing your mobile workforce. As IT departments, we should always be looking for ways to increase our customer's productivity, not just our own. Regards, Mike Sharp

blarman
blarman

Until a product is out (Microsoft Management Center) there is nothing to evaluate. Don't classify it as a solution alongside existing (and working) products. Also, stick to actual products that IMPLEMENT ideas. NAC isn't a product: find a product that uses NAC and preview it! Article should have been titled "4 useful products and some other stuff the blogger threw in for the heck of it".

jasonhiner
jasonhiner

You mentioned that tight security means less productivity and less competitiveness. That's true in many cases, and I understand where you're coming from, as you probably know if you've read my post "Sanity check: The six consumer technologies that are destroying traditional IT" [http://blogs.techrepublic.com.com/hiner/?p=548] That said, there are job roles and certain industries that require tighter security and tighter central control (i.e. government, banking, and health care). There are other industries that require better control and audits because of compliance and regulation issues. Everyone else needs to find the balance that fits with their corporate culture and goals.

dmcaplan
dmcaplan

I started out normalizing data entry functions across 4 partner sites/8 counties, and have now found myself responsible for the mobile workforce that is entering the data in those 8 counties/4 partner sites. Now I'm just trying to find the best way for them to work while dealing with territorial parter site IT staff and highly variable cell phone/internet connectivity (we serve a number of rural areas). I'm in the odd position of essentially dictating required services, but only having "input" into field operations. Next time I swear I won't take a job with a state agency!!

jasonhiner
jasonhiner

You bring up a good point. I meant to mention a few more of the user benefits. For example, with the Sprint solution the user benefits from not having to search for Wi-Fi hotspots as much because of having Sprint Mobile Broadband, plus the user doesn't have to fire up a software VPN client. With BES and the Microsoft mobile server, the user gets better support from IT and better access to line-of-business apps. The Steelhead solution gives users much better performance when working remotely. The Verizon solution for field workers improves efficiency and communications for users.