PDF version of this report
You must have Adobe Acrobat reader to view, save, or print PDF files. The
reader is available for free
download.
Choosing Mobile Devices
for the Enterprise
Copyright 2018, Faulkner Information Services. All
Rights Reserved.
Docid: 00021152
Publication Date: 1802
Report Type: TUTORIAL
Preview
Currently, different vendors offer significant variations in their mobile
offerings, including different levels of security. Understanding the
differences presents a challenge to the enterprise, particularly if it is
investigating a platform-neutral, multiple device solution – a choice that
is becoming increasingly common. An important component of mobile devices
for the enterprise is mobile device management (MDM), which typically
involves the provisioning, support, configuration, security, compliance,
and management of mobile devices, including pushing updates to the
devices, identifying non-compliance issues, and remotely wiping lost or
compromised devices, as well as data management.
Report Contents:
Executive Summary
[return to top of this
report]
One of the characteristics of the current technological age is that
products often first gain wide popularity in the consumer world and are
then adopted by the enterprise. Examples have included electronic mail,
instant messaging, and social media, including blogs.
Another example is the mobile device. Not merely a
cellular phone or tablet but, in reality, a small, often handheld computer platform
offering services including voice and data communication, still and video
camera, multimedia presentation, and numerous other
applications. The momentum of the mobile device in the consumer market has
compelled the enterprise to adopt it for business purposes.
Related Faulkner Reports |
Developing Mobile Applications Tutorial |
Generally, the mobile device is likely to include Internet connectivity and
functionality – including email and calendaring; voice, text, and video
communication capabilities; and the ability to run a number of
applications.
There is no “one size fits all” mobile device available, and there are
significant differences among vendors, particularly in the area of
security. The enterprise that is investigating a platform-neutral,
multiple device solution – an increasingly common event – must commit to
careful investigation and be aware of both advantages and risks.
Because of the wide acceptance of enterprises to allow workers to "Bring Your Own Device" (BYOD) (allowed
by an estimated two-thirds of organizations by 2019), mobile
devices increasingly need to be managed and supported. Because of the
BYOD trend and threats such as malware, mobile device management
(MDM) is now widespread. An additional impetus for MDM is that enterprise
devices and applications, once predominantly Windows-based, need to
support additional platforms such as Apple iOS and Google Android.
Description
[return to top of this
report]
In the current market, by far the most commonly-used type of mobile
device is the smartphone, occupying a field that is crowded, dynamic, and
continually growing. The smartphone has been at the forefront of public
consciousness since Apple announced its pioneering iPhone in 2007. Although it
was predated by the BlackBerry, which for a time was the favorite of business
executives, the
enormous popularity of the iPhone made the adoption of mobile devices
by the enterprise a natural step. In a
sense, then, the enterprise’s adoption of mobile devices has been
driven by its consumer popularity. This same popularity is also
crowding more limited mobile devices out of the picture because, with the
wide array of applications now available, the smartphone can do almost
anything another kind of mobile device can do.
The enterprise is now discovering the usefulness of mobile devices for its own needs, but an enterprise is
likely to look at a mobile device in a different way than a consumer sees
it. The enterprise is likely to look at a smartphone primarily as a small,
extremely portable laptop computer, while consumer interest may be more
focused on the range of applications the smartphone offers.
Consumer demand can even drive the enterprise’s decision on which mobile
devices to use, since senior staff, among others, are likely to be already
using smartphones themselves for personal use and to have their own
favorites. Fads, "popularity contests," advertising, and competition for news
space are ubiquitous, and the major vendors try to bring new models to the
marketplace at a rapid rate. For the enterprise, though, this can mean that the
result is some employees using newer models that have not yet been vetted by the
IT department while other employees are attached to earlier models that are
incompatible, obsolete, or ineligible for further service.
Securing mobile devices
from malware before enabling network access is a prime concern, and mobile device
management (MDM) has
become a necessity for the enterprise, with products offered by
both major and smaller vendors. One possibility for reducing the MDM burden is to effectively outsource
casual
administrative functions to employee end-users with a self-service portal
that allows them to enroll devices, reset passcodes, locate lost devices,
and lock and wipe stolen devices.
Current View
[return to top of this
report]
The ordinary metrics for the spread of technology devices are
being outpaced by the rate at which smartphones are challenging the
business world. With the continued popularity of tablet computers like the
Apple iPad series, the push for even more types of mobile devices in the
enterprise is only getting stronger. The result, unfortunately, can be
less time for analysis and strategic thought about the best and most
appropriate devices from an enterprise perspective.
In addition, while enterprise mobile devices used for such purposes as
paging and inventory control do not necessarily have much crossover with
personally-owned devices, there is constant pressure on the enterprise to
allow employees to use their own smartphones for business purposes. These
are smartphones with which they are familiar and have chosen
because of their functionality. This factor opens up new fields of concern
about security of data and about management platforms, at the same time
that it tempts the enterprise with the prospect of cost savings, because
the cost of purchasing new phones may be reduced if not eliminated if
employees are allowed to use their own mobile devices. Some businesses now
subsidize employee costs for personal smartphones.
Security is a universal concern where any computer software is involved,
and particularly where the organization is involved in government,
proprietary, or health care work. The rapid growth of the smartphone and
other mobile devices means that regulatory restrictions struggle to keep
pace with development. Even with explicit rules in place, the enterprise
must be aware of the potential for data theft. A prominent example of
security difficulty is the potential placing of HIPAA regulated patient
identification data on personally owned mobile devices. Penalties for
HIPAA violations can be stringent, yet the ability to store patient
information on personal mobile devices increases yearly.
Smartphones, along with other mobile devices, provide first-time issues
for IT departments in cases where employees are allowed to use their own
phones for company use. In the past, organizations ordinarily insisted
that employees use company assets for company work, and they were able to
control them and to limit and restrict their use. With the smartphone this
may not be the case, and even if it is, restricting use of a smartphone is
difficult.
An employee’s smartphone may or may not provide adequate security for
protecting a company’s information. Dangerous applications may even be
added to the smartphone by the user, without the organization’s having the
ability to restrict them. When an employee leaves a company, the data on
the phone may (although it should not) be taken away by the employee, as
may data such as phone numbers of important corporate contacts. The
technology to trace and potentially to recover lost or stolen phones
exists and is in use, but has both development and implementation
costs, requires trained staff, and potentially can raise legal
issues.
On the other hand, allowing employees to use their own devices for
corporate business potentially offers attractive cost savings. Areas of
savings include bulk purchase of devices, and favorable deals with
carriers for transmission costs and lengths of contracts. Therefore one of
the biggest issues for the enterprise considering a smartphone rollout is
whether to adopt the use of company-issued smartphones, or to allow
employees to use their own smartphones for company business. Allowing the
use of personal smart phones creates a number of issues, particularly
security issues, both the security of data and of the phone itself.
However, carrying multiple mobile devices, personal and company-issued,
can be confusing and even dangerous for an employee.
The use of personally-owned smartphones leads to the issue of platform.
An increasing number of organizations are working toward platform-agnostic
smartphone solutions, finding particular value in Web-based applications.
There are a number of operating systems (OS) in use in the smartphone
field. They differ from each other, and each offers its own strengths and
weaknesses. The current leading operating systems are summarized below.
Android. The Google Android OS, initially designed for
touch screen applications, has stormed to an overwhelming first place in
use among mobile operating systems, far outdistancing its competitors.
It is open source and growing rapidly in terms of its use by
application developers. Its application array, Google Play (formerly
Android Market), is substantial.
Blackberry. The original Blackberry OS was created by
RIM for business use, and was the most widely used for several years, but
slipped badly due to competitive pressures and was discontinued, as
Blackberry’s product line faced significant challenges. The new Blackberry
10 operating system received acclaim when released in early 2013 but was
subsequently replaced with the Android OS . The current model is the
BlackBerry DTEC60. The Blackberry Enterprise Server (BES) is still
regarded as providing the most control of devices for the enterprise,
including the ability to restrict which applications can be used on a
device. Along with the management control, however, comes an initial
learning curve at the server level and a continuing administrative
responsibility.
iOS. The Apple iOS operating system is
used by the extremely popular iPhone, best known for its huge range
of available applications, all of them first reviewed by Apple before
being offered for download. Its market share remains essentially steady,
at about a fifth of the market. The same OS is used for other Apple
devices, like the iPad tablet. The need to connect an iPhone to iTunes in
order to synchronize with a host computer – a requirement not posed by
other operating systems – may strike organizations as a problem, since
either iTunes, with certain security issues, needs to be installed on the
enterprise server, or employees may need to load it outside the corporate
environment, neither of which may appeal to the organization.
Windows Phone. Microsoft introduced its Windows
Phone (the latest release is Windows 10 Mobile) to replace Windows Mobile.
The intention with both products was to benefit from Microsoft’s giant
installed Windows base. However, Microsoft was not able to make
significant inroads in this market. Microsoft continues to promote its
mobile devices as complements to desktop and other computers running
Windows.
Once platform(s) and product(s) are selected, the issue of management of
mobile devices comes to the forefront. There is an obvious incentive for
the enterprise to use a centrally operated control system, and protocols
like the OMA (Open Mobile Alliance) Device Management protocol make such
management possible. The ideal is remote (OTA or Over The Air) control,
but there are many variables to be considered, and the field is still
developing.
Among MDM products, the current market leader
is VMware’s AirWatch. Other MDM products from major vendors include
XenMobile by Citrix, IBM’s MaaS360, and Microsoft’s Intune. There are
other notable products on the market as well, such as AppTtec360 Enterprise
Mobility Management, Baramundi Management Suite, and SOTI MobiControl.
Outlook
[return to top of this
report]
There is no sign of a slowdown in the growth in popularity of
increasingly sophisticated smartphones and other mobile devices, or in the
number of things they can do. This fact may help the enterprise
significantly, as OS manufacturers are rushing to close gaps that might be
exploited by their competitors.
A unified management system that controls personal computers,
smartphones, and other devices used by the enterprise is essentially
available now, and organizations may find that the management of
privately-owned smartphones has become easier. However, security concerns
remain paramount, and cannot be too closely examined. It seems likely that
vendor consolidation, already underway, will continue as the number of
competitors in the field with technological innovations expands past the
point where the market can support them, giving larger vendors the
opportunity to acquire smaller ones, along with their desirable
technology.
Just as cloud computing concepts require clarification and
standardization groups like the US National Institute of Standards
and Technology (NIST) and the International Organization for
Standardization (ISO) are tasked with devising MDM standards. The US
National Institute of Standards and Technology is tackling mobile device
management technology issues, releasing Guidelines for Managing and
Securing Mobile Devices in the Enterprise.
Some MDM vendors are rebranding MDM as Enterprise Mobility Management
(EMM). EMM aims to protect every element of the mobile experience,
not just mobile devices. EMM consists of multiple components, including:
- Mobile Device Management (MDM)
- Mobile Application Management (MAM)
- Mobile Content/Email Management (MCM)
- Mobile Security Management (MSM)
Recommendations
[return to top of this
report]
An enterprise must not base its decision on sensational articles, flashy
advertisements, or claims about which smartphone is most admired by
various demographic groups. Armed with a strategic analysis, the
enterprise must determine the most appropriate mobile device solution for
its needs, rather than the most popular device. The simpler mobile devices
pose only standard issues for the enterprise in deciding which to select –
issues of appropriateness for the task, reliability of the vendor(s), and
so on. But the smartphone, as a combination of many mobile devices, is
another matter. Its selection raises numerous issues that must be
addressed in deciding whether to use the device in the enterprise, how to
use it, and what other devices might be used along with it.The enterprise
developing a mobile device/smartphone strategy needs to bear the following
principles in mind:
Put strategy before technology. The enterprise should
not devise its strategy and select devices on the basis of publicity or on
the “cutting edge features” of the device. As with any other strategic
decision, device selection must begin, not with the device per se, but
with the needs of the enterprise. What is the device to be used for? What
business purpose does it serve? What strategic advantage can it provide
for the organization?
The breakneck speed of adoption of smartphones and other mobile devices
in the enterprise should be tempered by a longer view. Studies
demonstrate, for example, that the most popular features of smartphones
are not necessarily what employees want to see featured on the devices
they use. In many cases, their main interest is in more effectively
presented corporate applications, or, in other words, an easier way to
access the applications that they already use in their everyday work.
However, the overwhelming popularity of smartphones and tablets is a force
to be reckoned with.
Research vendors and carriers. Among the issues that
individual smartphones present are battery life and power, the size of the
screen and visibility of data, the kind of keyboard on the device (whether
virtual or physical), the size of the keys, the kinds of devices that can
be attached to the device, and – often overlooked in an era of texting –
the quality of reception of voice phone calls.
Carriers in numerous advertisements make claims for the coverage range of
their systems. These claims must be evaluated carefully and skeptically. A
carrier that proclaims it covers a certain percentage of its service area
may not be able to provide contact in a certain part of a city, or
even within a certain building, although this situation is improving. To
check carrier claims is a daunting task, but a necessary one, made simpler
by selecting a number of crucial locations for testing. More than one
organization has signed a restrictive agreement with a carrier, only to
find that smartphones did not work in one or more places where the company
had offices or clients. The current 4G technology does not necessarily
solve this problem.
Numerous smartphone plans are available, a fact that makes possible
comparison shopping, including aggressive negotiation on the part of the
enterprise for the most financially favorable and least restrictive
agreements with vendors and carriers.
Consider multiple platforms, but also consider support
requirements. Surveys show that the majority of companies using
smartphones do not restrict themselves to one vendor, operating system, or
model. This pattern diverges from the frequent IT practice of one vendor
or product per field of activity. With multiple choices come multiple
administrative tasks, and organizations must be clear on what the
management burden will be. The more complex the environment, the greater
the support requirements.
Consider the size of the screen; larger screens are
easier to use, particularly for long periods of time, but are also more
expensive per unit. Storage size may or may not be a consideration for the
enterprise, depending on whether or not the business use of the device
includes large files such as video. Continual Wi-Fi connection may be
desirable, but also may be expensive. Finally, as noted, applications may
work on some platforms but not others.
Investigate remote management solutions. It is possible
that a single solution may not be sufficient. In this area it is
critically important to investigate vendor offers, and to follow up on
references with similar organizations.
Orient the workforce. The ubiquity of mobile devices may
lead employees to think that there are no problems posed by the
integration of new mobile devices with other enterprise system operations.
A workforce aware of issues involved, will be a workforce more conscious
of the security and cost implications of mobile devices, particularly
smartphones.
Employees must also be aware of their personal responsibilities for
smartphones or other mobile devices. This point is particularly important
if the enterprise decides to authorize the use of personally-owned phones
for company business. Whether the device is corporate- or privately-owned,
employees must be well informed of their roles in physically protecting
the devices, and ensuring the security of corporate data on them. They
must also be told what costs they will incur, and what costs the company
will cover, if personal devices are used; what they are allowed to do with
the devices, if corporate-owned devices are issued; and how devices must
be handled when an employee is separated from a company. Again, the more
complex the environment, the greater the opportunity for ambiguity in
policy, and with ambiguities come mistakes and problems.
The selection of a mobile device such as an “approved” smartphone for the
enterprise is in many ways no different from any other corporate decision:
it must be made on the basis of analysis leading to an understanding of
which solution provides the greatest benefits and the fewest and most
manageable disadvantages. The fact that the mobile device sector is moving
at lightning speed does not free the enterprise from its responsibility to
research the best solution for its specific needs – expeditiously,
but with care.
MDM has been expanding into data management as well, including cloud and
third-party applications. Consequently, MDM solutions often begin with an
assessment that performs a complete asset inventory of an enterprise’s
various mobile devices and platforms, as well as its data/security
requirements and third-party and cloud applications. MDM can also
include policy management:
- Does the enterprise require its mobile workforce to use only one
platform? - Or can a (limited) number of platforms be accommodated?
- Does enterprise data need a certain type of protection and encryption?
- Are cloud applications mandated or prohibited for business use?
- Is compliance with various standards required?
- Is authentication of users necessary?
- Do costs need to be controlled?
Business needs and strategy should determine which, if not all, of these
policy questions must be considered.
MDM can address a variety of threats: lost or stolen devices can be
wiped, malware can be averted, and enterprise data can be protected on
multiple platforms. Solutions Review suggests asking the following
questions:
- How sophisticated is your mobile environment/strategy?
– You need to understand how and at what level your organization is
utilizing mobile devices. - How will this new level of security and management impact
employees? – As Bring Your Own Device (BYOD) programs grow
and mobile strategies continue to mature, the line between personal and
work life becomes increasingly blurry. - Do you have the internal IT resources to manage and maintain
an MDM solution? – Evaluate your internal team and understand
what they can handle. - How will you ensure compliance and decrease risk? –
Monitoring tools or asset tracking can help you maintain a certain level
of compliance, but some of these functions are more reactive then
proactive. Through seminars, courses, or information sessions you can
clearly outline, define, and reinforce policies and guidelines. - What will our enterprise mobility policy entail and what MDM
functions will we utilize? – Answering this question will
provide the dos, don’ts, and actual functions your mobile devices can
perform.
Consult with enterprise general counsel to avoid any legal or
regulatory issues. BYOD may demand that a variety of platforms, including
Windows, iOS, and Android, be supported. With new and upgraded mobile
devices hitting the market, successful MDM will have to address these
situations. Perhaps a cloud-based MDM solution will be optimal with
real-time updates/upgrades/pushes. Perhaps buying MDM applications
as needed would be wiser for a growing enterprise with fewer devices to
support, as long as the applications interoperate. For employees who use
their personal phones to access company data, you may want the ability to
erase that company data without wiping the entire device.
Web Links
[return to top of this
report]
- Research in Motion Blackberry: http://www.blackberry.com
- AirWatch: http://www.air-watch.com/
- Apple iOS: http://www.apple.com
- Citrix: http://www.citrix.com/
- Google Android: http://www.android.com
- IBM: http://www.ibm.com/
- MobileIron: http://www.mobileiron.com/
- NIST: http://www.nist.gov/
- SAP: http://www.sap.com/
- Windows Mobile: http://www.microsoft.com/windowsphone
About the Author
[return to top of this
report]
Kirk Woodward is a technical writer and project manager.
His areas of expertise also include enterprise software, hardware systems,
and the use of Internet resources.
[return to top of this
report]