The mobility of an enterprise’s workforce determines, to a large extent, its ability to achieve profitability, competitive advantage and organizational goals. Employees require flexibility in where, when and how they access IT resources of the business, for the maximization of their productivity. Since they use devices that are the most appropriate or convenient for their job tasks, they have to exert less effort to perform a greater number of tasks on account of the freedom of accessibility.
Changing market conditions, business challenges and customer issues can be addressed more easily, thus increasing the agility of the organization, as workers can respond quickly to any request when not tied to any physical location.
To empower their employees, enterprises have to adopt two kinds of mobility. Physical device portability is the first one.
Any endpoint of computing mainly used and designed for its portability is a mobile device. So, these include not only tablets and smartphones but laptops as well. The laptops may use the same operating systems as desktops, but are mobile devices as these are designed for portability.
There are no restraints regarding location or time when enterprise users perform business tasks using mobile devices. The various Windows editions, MacOS,BlackBerry, Android and iOS are among the platforms on which access to IT resources of the enterprise should be available for that purpose. The resources can be classified into:
- Services – include essential enterprise resources such as remote access portals, email, databases and messaging
- Data – include sensitive records and files as well as general-purpose ones
- Applications – include proprietary apps as well as commercial software
Mobility of the second kind covers the access to common resources of the business from any device.
End users can use not just their work desktop PCs, but their laptops or smartphones or tablets or home PCs to access the same applications or data. As the users employ multiple devices, the business’ resources become truly portable.
According to research conducted by EMA, 87% of professionals employ either a tablet or a smartphone and a laptop or desktop PC. So, multiple devices are in use by the majority of enterprise workforce nowadays. Along with that, critical job tasks are performed through PCs by 98% of business users.
So, in the enterprise market, mobile devices such as tablets and smartphones are in use to supplement rather than replace PCs. The multi-device adoption has a strong rationale behind it. Note taking, email, web surfing and calendars are suited ideally for small mobile devices, whereas complex tasks such as writing detailed research papers, creating large spreadsheets or graphical representations require the processing capabilities and accessible form factors of PCs. Business users utilize the most convenient or most appropriate device for any task, as mentioned before.
IT management challenges have increased greatly due to the increased freedom of access to IT resources. All services, data and applications have to be available to remote users in a highly reliable and secure manner on various platforms and devices. Compliance commitments and security requirements have to be fulfilled without increasing related costs and administrative efforts greatly.
It becomes very important for an organization to understand best practices followed in Enterprise Mobility before adopting Enterprise mobility in their organization:
Enterprise Mobility Management – Best Practices
- Setting up Infrastructure ready for Enterprise Mobility needs – Many users expect wireless local area networks (WLANs) to be as predictable and fast as wired LANs and push IT to employ WLANs to serve both personal and business devices. The complexity of problem diagnosis and network management increases and these become more challenging as enterprises rely more and more on WLANs for crucial communications. Lack of service for personal devices of the employees or insufficient coverage for these, along with poor performance, are among the issues that affect WLANs as many are not designed for providing such crucial services. Enterprises may be required to expand site mobile access, add IP voice services, segregate enterprise devices from personal ones, manage bandwidth and raise network capacity to deal with the issues.
- Bring Your Own Device (BYOD) policy – The greatest challenge since the introduction of the PC has been BYOD. Albeit hesitantly, IT functions in enterprises are introducing BYOD policies to meet employee demands to use personal devices. Workspace delivery, device management and information security are among the challenges being magnified due to BYOD programs being implemented. The different platforms for mobile do not have consistent implementation of workspace delivery mechanisms, MDM tools and endpoint security controls unfortunately. IT has to proactively anticipate future requirements, implement programs and create policies through collaboration with users of BYOD.
- Access and Identity Management – Enterprises have to be able to provide access to required business resources and to validate users. There are 3 main features they have to pay attention to: privacy, adaptive access control and single sign-on. Users wish to sign on only once to access the resources they require to perform job-related tasks, but creating safe and strong passwords is difficult because of small device sizes. Mobile usage risks can be reduced and identity assurance increased through the use of contextual information such as behavioral patterns and user location. This is known as adaptive access control. Privacy concerns can also be raised because of location data, although such data can make validation stronger and surer.
- Risk and Security Management– Sensitive data and applications have to be accessed by mobile users from the public/private cloud or the mobile devices. Anti-malware, validation, device wipe and encryption are among the security controls (cross-platform) that have to be deployed. However, uniform enforcement of policy for all devices is difficult for security vendors to provide as the number of capabilities for security are different for different operating systems. Cloud security also has to be taken care of as part of an integrated mobile strategy.
- Better User Experience of Enterprise Mobility Apps – For nearly all mobility projects, one measure of success that has almost become predominating is user experience (UX). Business-to-employee (B2E) apps do not generally provide as good a UX as business-to-consumer (B2C) ones. Developers seem to understand implicitly that they have to provide good UX for B2C apps but that is not the case with B2E apps. Given they had a choice, employees would probably not use the B2E apps that they have to and which are often poorly designed and outdated. Some may find a way to circumvent IT regulations to be able to use the B2C version of an app rather than the B2E version recommended by the enterprise. This might raise security risks without the knowledge of the enterprise’s IT department. So, B2E apps have also to be provided with good UX.
- External Services Management– The way people use social software, communicate, create content and collaborate is changing on account of mobile devices. Issues that IT functions are commonly faced with include:
- The relation between social and mobile software – Using more of enterprise social networks that are mobile-enabled generally benefits most knowledge workers.
- Problems with Dropbox and other such services – Enterprise information can potentially be at risk when employees use synchronization solutions like Dropbox to update files simultaneously for all the devices they use. These are consumer oriented solutions and may not be entirely safe for enterprise usage. IT functions of enterprises have to solve these problems.
- Single Point Application Management– There has to be a secure and centralized user portal from where all the apps required for business purposes, whether proprietary or commercial, should be accessible for all end users. All updates, patches and related versions for web apps, virtual apps and static apps, among all other kinds of business software, should be available through the single point of access. To make sure that users are allowed to download or even initiate access to enterprise applications, two-factor authentication should be used. Black listing or disallowing of apps that are not in accordance with organizational policies may be used. White listing or allowing only specific apps that are authorized to be downloaded/installed is another option. There are 4 major ways for classifying personal and enterprise-owned resources:
- Tagging: The business supports only the data and applications that it maintains. The tagged resources are the ones to which management resources are applied.
- Containerization: An environment is created through software, independently of the primary workspace of devices, and is referred to as a ‘container’. The elements not a part of the container are not affected by the container. The enterprise restrictions affect and the enterprise supports only the data or applications stored in the container. Individual data elements or applications, a specific collection of resources, or even an entire workspace can form part of a container.
- Wrapping: The actual software code of the applications supported by the enterprise is injected with the enterprise management and security processes. In this manner, the personal applications of the users remain unaffected and the supported ones are applied with the enterprise requirements.
- Virtualization: The functionality this provides is quite similar to that provided by containerization. Business resources are supported by separate workspaces, if client devices are virtualized. Users are allowed to access a workspace created for them on a centralized server from any device that they choose. This is done through virtualization of a desktop for them. The virtualization of applications works in a similar fashion, except that only individual elements of software are delivered or hosted, instead of an entire desktop.
- Enterprise Mobility Issue Management – Although end users mainly control the devices, administrative assistance may be required at times to overcome certain difficulties. Users should be able to easily put in a service request and provide the related information for support staff to comprehend the problem. Since the technical abilities of users vary widely, it may not always be possible for administrators to talk users through the resolution of a problem. Therefore, remote access for endpoints supported has to be available with administrators to let them resolve issues. It should be possible to back up and easily recover data, if a device gets damaged beyond repair.
Meanwhile, do you think these best practices will help you substantially in the creation of an enterprise mobility strategy or have you already put a few into practice? Let us know in the comments section below.