Mobile workers and road warriors are among the most expensive and difficult for IT departments to support, and the workers themselves often struggle with reduced functionality that hinders their productivity. Here are six technologies that can help bring some sanity to the process.
1. SprintSecure Laptop Guardian
This combo device was launched last week at Interop New York 2007 in partnership between Alcatel-Lucent and Sprint. In terms of enterprise manageability, the SprintSecure Laptop Guardian is extremely robust, although it's also a little bulky and cumbersome (see photo on the right). At the core, it is a beefed up PCMCIA card that connects to the Sprint Mobile Broadband network. However, it also contains its own CPU, its own 100-hour battery, and its own flash storage. As a result, the card continues to run even when the laptop is turned off. It also functions as a smart card for two-factor authentication, so if a user removes the card the laptop is unusable since the user can no longer log in.
The Laptop Guardian gives IT the kind of manageability that it normally only gets for desktops and laptops that are connected to the corporate LAN. Over-the-air and regardless of whether the laptop is powered on or off, IT can get complete status updates of the OS, apps, usage, and policy enforcement. IT can also push software updates, change policies, do a remote-wipe, and/or remotely lock-down the data on the machine. The card even includes GPS so that IT can pinpoint the location of the laptop at any time, which can especially useful if it is stolen.
The things to keep in mind about this product is that it only works with Sprint Mobile Broadband and it invokes a very stringent set of security and manageability principles upon the user, which could be a significant cultural change for some road warriors. Of course, the increased manageability also means that IT can provide better and faster support to the laptop when issues arise. The product also includes a transparent VPN client, so there is no software to run for the end user and the laptop is always connected to the corporate WAN. See the online demo of SprintSecure Laptop Guardian for more.
2. Microsoft Mobile Device Manager 2008
Last week at the CTIA fall conference in San Francisco, Microsoft announced the Mobile Device Manager 2008 for the Microsoft System Center. The idea here is to give IT better manageability over its growing fleet of smartphones and to give smartphone users better and more secure access to corporate data and line-of-business applications.
The product won't be released until the first half of 2008, but some of the prominent features will include:
- Full device encryption
- Ability to join Active Directory domains
- Over-the-air (OTA) software deployment
- Mobile VPN
- OTA provisioning
- OTA device wipe
- OTA disabling of camera, Bluetooth, WLAN, and more
- Application allow and deny
Microsoft is "trying to turn the smartphone into more of a laptop-like device that can be fully managed and centrally controlled and secured," said Rob Enderle, principal analyst of the Enderle Group. "This makes the mobile phone more of a corporate asset than a security liability."
3. BlackBerry Enterprise Server
The primary competitor to Mobile Device Manager 2008 is BlackBerry Enterprise Server. Actually, it's the other way around. BES is an established product that already has much of functionality that Mobile Device Manager 2008 is developing. The difference, of course, is that BES manages BlackBerry smartphones while Microsoft Mobile Device Manager will handle smartphones based on Windows Mobile.
However, on the back-end, BES servers can integrate with Microsoft Exchange, Lotus Domino, or Novell GroupWise, while Mobile Device Manager 2008 is tethered to Exchange. For those that are jumping on the Microsoft bandwagon for unified communications (UC), BES can also integrate with Office Communicator and Live Communications Server (and its successor Office Communications Server).
BES provides end-to-end encryption of data, OTA security policies, role-based and group-based administration and deployment, and a centralized management console for BlackBerry devices. While BlackBerry is best known for its mobile e-mail capability, with its Mobile Data System (MDS) applications, BES can also provide a mobile platform to wireless extend business applications. Many of the applications can even be deployed over-the-air. The graph below shows a diagram of MDS in action.
4. Network Access Control
Network Access Control (NAC) is not a product but a security framework for dealing with mobile laptop users who have intermittent connections to the corporate WAN and therefore often have out-of-date patches and updates, unauthorized software, and/or spyware and malware issues. When these laptops reconnect to the corporate LAN or WAN they can introduce malware to the network. That's where NAC comes in. NAC scans machines before allowing them to join the network and uses standard policies to check for irregularities. If a machine doesn't meet the network's security requirements it is put into quarantine and either automatically updated until it meets minimum requirements or given reduced privileges and access until an IT administrator can deal with it.
This technology should really be at the top of this list; however, since its broad launch by multiple vendors in 2006 it has received only tepid interest from IT departments. The lack of interest is due to in large part to the lack of standardization in the industry. Cisco has its own version called Network Admissions Control. Microsoft has its version called Networks Access Protection. There's also the Trusted Network Connect (TNC) specification, which is an open source implementation of NAC. Then you also have vendors such as LANDesk, Juniper, and Symantec that have their own NAC products or integrate NAC-like functionality into existing products. While multiple vendors have worked on interoperability, the real momentum for NAC isn't likely to begin until there is an industry standard. Nevertheless, it's worth considering as a tool to help manage mobile users.
5. Riverbed WAN acceleration
One of the hottest products in the enterprise mobility market has nothing to do with smartphones or laptops - although it can be a huge asset to both of them. The product is the Riverbed Steelhead appliance for accelerating data transfers and application performance over the WAN, and it has grown from a handful of deployments back in 2004 to 10,000 unit deployments in 2007.
Using its own Riverbed Optimization System (RiOS), the Linux-based Steelhead appliances work as transparent caching devices that allow enterprises to avoid redundantly transferring the same data over and over again. Instead, only the latest changes to the data are transferred over the WAN, and the result is the experience of LAN-like transfer speeds over the WAN. The graph below shows the multiples of accleration that Riverbed says its customers can expect.
Now, in addition to the standard WAN product (aimed mostly at branch office acceleration), Riverbed also offers Steelhead Mobile, which can be installed on laptops and provide direct acceleration for mobile users.
One of the strengths of the Steelhead products is that companies don't have to rip out a bunch of equipment and replace it. They typically just drop in the Riverbed appliances between their routers and switches, and install the mobile client software on the laptops where they want to accelerated performance. Cisco and Juniper are hot on Riverbed's heels in the WAN acceleration market, but neither of the two networking giants nor the rest of the networking industry has been able to catch Riverbed yet.
6. Verizon Wireless Field Force Manager
Using a combination of GPS, a Web-based application, and a mobile handset application, Field Force Manager from Verizon Wireless provides businesses with a system to track and dispatch remote and mobile workers. The software includes rich GPS mapping, job scheduling and dispatch, driving directions for employees, fleet maps, location directory, electronic timecards, worker status indicators, data capture and collection, and exception alerts.
Clearly, this solution is applicable to a specific set of organizations that have mobile workers out in the field as part of their core business, and is aimed at solving the challenges associated with that business scenario. Specifically, the goals are to increase response time to customer inquiries, reduce paperwork and phone calls, and increase worker productivity and efficiency.
This type of system would typically be very expensive to purchase and deploy. However, Verizon offers it as an end-to-end service with three tiers of functionality and businesses pay per handset. For more, check out the online demo of Field Force Manager.
Which of these technologies could have the biggest impact on how you manage your mobile workers? Join the discussion.
Jason Hiner has nothing to disclose. He doesn't hold investments in the technology companies he covers.
Jason Hiner is Global Editor in Chief of TechRepublic and Global Long Form Editor of ZDNet. He writes about how technology is changing the way we live and work in the 21st century. He's co-author of the book, Follow the Geeks.