This article is courtesy of TechRepublic Premium. For more content like this, as well as a full library of ebooks and whitepapers, sign up for Premium today. Read more about it here.
Mobile device usage is going through the roof, bringing major new challenges for enterprise IT. Here's a look at what tech leaders and executive management must do to deal with the fallout.
Gartner’s prediction for 2014 is that 65% of all phones purchased will be smartphones, increasing to 82% by 2017. It predicts that Android will remain the dominant mobile operating system with a 75% market share, followed by Apple; and then Microsoft, which will have a projected 12% of the market.
Throughout enterprises, smartphones and tablets have become devices of choice for many users. These devices have flourished in an atmosphere of BYOD (bring your own device). In many cases, they are being used for both business and personal applications.
The confluence of business and personal use on a single mobile device has created new security and application design and deployment challenges for corporate IT, which historically has been able to presume that enterprise computing devices will be hardware dedicated solely to company applications and use.
Enterprises that also have an e-commerce presence, or other needs to communicate over mobile with worldwide customer bases, also must be in position to support corporate applications on potentially hundreds of different mobiles devices.
Enjoying this article?
Download this article and thousands of whitepapers and ebooks from our Premium library. Enjoy expert IT analyst briefings and access to the top IT professionals, all in an ad-free experience.Join Premium Today
This creates several new inflection points that IT must respond to:
- New security for mobile computing must be designed for a broad number of both personal and professional circumstances.
- Applications must be designed and deployed to run on mobile devices as corporate secured applications, even though the devices are also used personally.
- New approaches to IT infrastructure for the collective management of mobile devices—and their security—must be adopted.
- More than ever, the end user experience (EUE) must be factored into the design of every mobile application.
Mobile device security
In May 2013, Kaspersky Labs Chris Doggett, senior vice president, North America, said, “Mobile platforms, for a lot of [malware] attackers, represent a new target-rich environment."
Malware attacks take aim at virtually every smartphone and tablet on the market, including Android, Linux, Windows, and Mac iOS. Accordingly, enterprises are moving to install malware protection on mobile devices and to regularly audit their mobile devices for malware. In some cases, the malware fight extends to subscribing to cloud-based solutions that monitor internet-wide websites, identifying those most likely to pass off malware—as well as monitoring both mobile and desktop computing that company users are employing to access these sites. It gives IT an opportunity to contact the users and to lock out the websites.
Besides being malware targets, mobile devices also get lost or misplaced. In 2011 alone, $30 billion worth of mobile devices were lost. Among the common places they were lost were offices and coffee shops. To address the possibility of mobile devices being lost or misplaced, enterprises are installing data encryption on the devices, along with robust user authentication and password controls and even biometrics that identify rightful users through voice recognition, facial recognition, or fingerprint scans. Many enterprises also use software in the data center to track mobile devices and to shut them down when they are reported lost.
IT is also wrestling with what position to take when users download software from third parties not authorized by IT onto personally owned mobile devices that they also use for business. It can become untenable to declare this software off limits when the enterprise does not own the device.
To insulate enterprise IT assets from the introduction of unwelcome third-party applications and viruses or malware that user-owned mobile devices might carry, many IT departments are using secure gateways for mobile access into the enterprise. In 2014, we can also expect more companies to migrate to an approach of containerizing applications on employee BYOD devices—a security methodology that segregates enterprise applications and facilities from their non-enterprise counterparts and prevents leakage of corporate data to the “outside” by partitioning it off from personal data.
It also makes the containerized enterprise data eligible for wiping and enables other enterprise data protection techniques intended to safeguard corporate information when it is in jeopardy. For example, Mitsubishi Motors North America opted to containerize its corporate assets (email, contacts, calendaring, etc.) on BYOD devices, in effect creating an additional layer of security protection between business and personal applications.
Mobile application design and deployment
The concept of containerizing areas on mobile devices is also playing an expanding role in mobile application planning, design, and deployment.
“With the transition to mobile applications in enterprises, companies want to take advantage of containerization,” said Jonathan Dale, director of marketing for Fiberlink, an IBM Company. “In the course of this, they are asking themselves several questions. First, they are evaluating which existing enterprise applications that they want to leverage by deploying them on mobile devices. Second, they are asking themselves from the security and best practice standpoints how they are going to provide a mobile environment that can accommodate both enterprise and public applications.”
Dale gives the example of a business user who is riding to work on the train and wants to work on a company report that was emailed to him. The user takes out his tablet and accesses the report, which is stored on his device in an authorized — and safe — enterprise container that is resident on his device. He can open and edit this report while en route, save it, and even email it out. This combination of a non-leak “corporate” container for business documents and a document retrieval and storage procedure that is practiced by end business users enhances security in the mobile environment.
Revisions to IT infrastructure for mobile
Beyond containerization, application deployment on mobile devices requires improvements to enterprise IT infrastructure. Among these improvements are:
- New definitions on what application libraries mean in data centers.
- New edge technology that can monitor application performance on mobile devices and push out new application revisions and operating system updates to many types of mobile devices. The technology uses a mobile device application distribution process built on automation that detects the correct versions of operating systems and software to be distributed to individual mobile devices in the field.
- Internet monitoring (often through cloud services) that detects outside security threats to mobile devices before they occur and enables IT to preempt the threats before they become issues.
- Automation breakthroughs that will enable developers to build software for mobile platforms by simply selecting an icon on a computer display that represents the underlying hardware platform (like an Apple iPhone) that the software is to run on. The automation generates all the underpinnings needed for the application, allowing the developer to focus on the top-level app only.
One of the most significant mind shifts is in application administration in the data center and the adaptations it makes for mobile devices. Last year, a Gartner press release made this prediction: "By 2017, 25 percent of enterprises will have an enterprise app store for managing corporate-sanctioned apps on PCs and mobile devices." It said that in-house app stores will give enterprises “greater control over the apps used by employees, greater control over software expenditures and greater negotiating leverage with app vendors," but added that wide adoption would be necessary to achieve that control.
The bottom line is that policy development is likely to share equal billing with technology advances for mobile devices. In enterprises, it means that you’re welcome to bring your own mobile device, but that caveats are likely to be made as to which public apps you can download in addition to the enterprise apps that are now likely to come to you from the enterprise’s own “app store.”
A new focus on the end user experience
The other major impact on enterprise application development is the growing importance of an excellent end-user experience. A positive end-user experience is vital for customers (who will abandon the company’s e-commerce website if they are dissatisfied with wait times or navigation options) and for enterprise users, who have come to expect that their devices will operate as they want them to.
For the enterprise application development group, this transforms app building in three major ways:
- Human-factors engineering (i.e., ease of use) becomes as important to an app as its root functionality.
- End-user app prototyping and app quality assurance (QA) checkouts become so indispensable that they transform traditional QA testing and app acceptance tests.
- The network group takes an active role in application performance management (APM).
To facilitate these emerging trends and practices, application design, development, and testing must become a broader discipline that engages end users much earlier in the app process (such as in early app prototyping and modeling). Forward-thinking enterprises are also revising their internal QA functions to include a new level of QA that is oriented toward ease of use of the app. Finally, it is not enough that an app processes rapidly during corporate QA testing that is done at headquarters. Today, internet monitoring services and network edge monitoring methods can extend visibility of app performance beyond enterprise walls so that companies see not only how an app is performing for an end user in New York, but what its performance is like for an end user in Zambia.
This expanded view of app performance is new territory for most app developers, whose noses have stayed close to the ground with a focus on troubleshooting bugs in software code and little focus on what happens to an app beyond its traditional boundaries. Consequently, this shift toward the end-user experience on mobile devices is a major sea change that development managers and others corporate data centers are grappling with. In some cases, there have already been organizational revisions in IT — such as combining the network and the applications groups into one “application performance management” group.
Mobile computing will continue to expand in enterprises as mobile devices become more powerful and adaptable to the needs of business. So will the enterprise IT policies and practices that support them.
In the short term, we can expect enterprise IT to enact security measures, such as device-level encryption and malware protection and centralized mobile device monitoring and management. In addition, we're going to see reforms to the IT infrastructure so that tasks that were once tedious and painstaking to manage — like operating system and app version level synchronizations over multiple end devices —become an automated process that gets pushed to mobile devices as users turn them on.
Accustomed to a user-centric experience on their mobiles, business users and customers will also expect sensitivity to their usage patterns and preferences from their IT departments. Accordingly, new disciplines will emerge in IT (such as end user app visibility QA and checkout). Enterprises will also deploy their own “app stores.”
Central to this process will be executive management support for a strong set of corporate policies that govern the use of mobile computing, and that are universally applied.