Reality Check: Managing complexity in a mobile enterprise

Editor’s Note: Welcome to our weekly Reality Check column. We’ve gathered a group of visionaries and veterans in the mobile industry to give their insights into the marketplace.
Based on the shopping bags I saw this past holiday season, the smartphone industry is posed to have a banner year in 2010. Consumers of all ages and technical abilities want these intelligent devices that give them constant access to email, the ability to search online at will and, in some cases, the comfort of a 24/7 GPS system.
But once 2010 rolls around and workers return to their usual routines, businesses can expect a host of new Android, BlackBerry, iPhone and other smartphone devices to flood the workplace — and their happy owners will expect wireless access to the network. Traditionally, IT has restricted access to non-approved corporate devices due to security concerns, but that old school way of thinking is starting to change. The business benefits of a mobile enterprise are too important to dismiss, and mobility management platforms are proving to be quite valuable.
According to a 2009 Forrester study, “Understanding Information Workers’ Smartphone Usage,” 43% of IT executives are somewhat concerned or very concerned with the security issues of using smartphones for business. IT departments worry about devices containing sensitive information being stolen, complications of getting through the enterprise firewall, correct versions of local software, and encrypting data communications. A mobility management platform that helps manage and secure devices should put those worries to rest.
Security holes in the mobile environment
Understandably, a top security concern among IT departments is simply not knowing how many smartphone devices are on the network. While a portion of these smartphones may be owned and issued by the company and tracked through IT, an increasing number are personally-owned devices that workers are bringing in without the knowledge of IT.
If you think your network is locked down tight from mobile devices, you could be wrong. One of Sybase’s customers, a national retailer, wanted to better track its mobile device activity and usage, as well as gain a better understanding of who and what was roaming around the network. IT implemented software to monitor what was accessing the network, and to their great surprise, discovered more than 1,000 unauthorized mobile devices were on the corporate network.
This scenario is not unusual in today’s workplace, and it raises several concerns within the IT department. Should these devices be allowed access? Can we identify and track these devices and users to ensure privacy or compliance regulations? How do we prevent these non-standard personal devices from introducing viruses or other security breaches? Is the anti-virus software on these devices updated? How do we back up data on these smartphones?
The inherent “freedom to roam” is another ongoing IT concern. Virtual offices, telecommuting and pervasive Wi-Fi access allows employees to move beyond the safety of the wired network perimeter. Once outside the corporate bounds, IT loses the security controls it worked so hard to implement. Firewalls, user group policies, user authentication, and password notifications become difficult to implement.
Even beyond these concerns is the well-known fact that phones disappear. People steal smartphones and sell them on eBay. Users tend to leave them in taxis, on planes, at restaurants and in rental cars. Plus, the phones are less rugged than laptops and desktops. Ask anyone who has dropped a phone or watched it fall out of a pocket. The size and versatility of these personal devices make them much more prone to being lost or damaged. Again, this is another headache for IT, which must track and replace the mobile devices. If sensitive data is stored on the smartphone, businesses can be held responsible for privacy breaches, lack of compliance fines or public embarrassment.
Every IT department ticks off one or all of these concerns when developing a mobile strategy, but these security and management requirements should not shut down a company’s mobility plans. Securing and managing mobile devices is possible with a good mobility management platform.
Mobile enterprise strategies that work
Security is always a concern, especially in today’s world of hackers and disgruntled employees who want to either prove they can infiltrate businesses or cause financial and credibility damages. Introducing mobile devices does not have to intensify this threat. A mobility management platform with tested and proven features can help IT both secure the network and business assets and manage the increasing number of smartphone devices.
Industry analysts such as Forrester support this view. The analyst firm’s report, “Understanding the Critical Role of Device Management and Security in Your Business’ Mobile Strategy,” states: “A comprehensive mobile device management and security solution should be at the heart of any business’ mobile strategy….Investments in mobile device management solutions will have an immediate impact on the mobile operations of the business. It will lighten the support burden on IT professionals and afford them more time to work on strategic projects, not just keep the lights on.”
As President of Sybase iAnywhere, Terry Stepien plays an integral role in establishing the company as the premier provider of mobile enterprise solutions. During his tenure at the company Stepien has held many positions including SVP and GM of the Mobile and Embedded Computing division. He also served as VP of Product Marketing responsible for Sybase’s key initiatives in Enterprise Data Management, Data Warehouse, Application Development Tools and Occasionally Connected Computing. Before coming to Sybase, Stepien was VP of Marketing for Powersoft’s Watcom subsidiary.
Stepien is an active member of industry consortiums, and is founder and co-chair of the ITAA m-Commerce Committee. He began his career at the University of Waterloo where he was engaged in software research and development at the University’s Computer Systems Group, and where he held an adjunct faculty appointment in the Department of Computer Science. He is a recipient of the 2001 J.W. Graham Medal in Computing and Innovation from the University of Waterloo. Stepien holds a Master’s of Mathematics degree in Computer Science from the University of Waterloo in Waterloo, Ontario.