Mobility is now so important to productivity and the overall success of the enterprise that mobile access to information is an increasingly important concern of IT departments. But to set an effective mobile IT strategy, we need to look closely at the types of information that live in a mobile environment. In this series, Craig Mathias explores the various ways mobility solutions can be used successfully and cost-effectively in your enterprise.
|IT strategy overview|
I want to begin this series with an outrageous statement (you must be used to that from me by now!): There's really no difference anymore between mobile and desktop operations in essentially any area of IT. In other words, anything you can do in the office you can do on the road. That being said, one size most certainly does not fit all in this case. I work on mobile solutions all the time and have found that any given solution falls into one of three distinct philosophical categories. Which of these applies in a given situation depends somewhat on the particular biases of those involved, but I've used all of them quite effectively over the years:
- Duplicate the desktop -- With the advent of modern notebooks that truly duplicate the functionality of desktop PCs, it makes sense to have all of the capabilities of one's desktop computer on the notebook -- all of the same applications and access to data via synchronization. So, while a completely duplicated environment can make sense (and provide some backup in the event of a failure of one machine or the other), many professionals have ditched their desktops altogether and use only a notebook. A docking station with a larger monitor and keyboard can completely eliminate any reason to own a desktop, and having only one machine makes both maintenance and use a lot simpler. Costs are also reduced; software licenses are amazingly expensive now and becoming more so all the time. Nevertheless, I still use a desktop when I'm in the office for reasons of performance and to have a backup if a computer fails (indeed, I have four machines, three of which are notebooks, ready to go just in case).
- Access the desktop -- Remote access has been an integral part of mobile computing for as long as I can remember, and indeed, VPNs are commonly used for this purpose. Another option is a PC-oriented remote access solution, such as GoToMyPC, LapLink Everywhere or Route1. The key here is what your remote access strategy is. Do you want to access a specific machine on the network, such as your desktop computer or a specific server, or do you want to be a node on the office LAN? Do you want remote control of a specific computer, or file access and transfer? These are the capabilities to consider when defining your solution; just make sure you understand the security implications of the solution you select and that it fits with your firm's security policy. It's good practice to encrypt all sensitive data, use strong authentication, and virtual private network (VPN) techniques -- whether in the office or on the road.
- Replace the desktop (and the notebook!) -- This is where things really get interesting. PDAs were originally used to manage personal information and were synchronized with a PC via a serial or (later) USB cable. Once we put radios in PDAs and turned them into smartphones, everything changed -- or, at least, started to. Smartphones are still not full peers on the enterprise LAN, but that's going to change over the next few years. Apple's iPhone points the way -- we may be at the beginning of the end of the era of everyone getting a notebook, instead getting a smartphone that just happens to have a PC inside. Note that today's smartphones are sometimes usable for remote access, and even as platforms for Web-based applications. In the future, they will probably support desktop executing environments, meaning the degree of flexibility we'll have in the field will truly match that available in the office.
I think that with greater availability of wireless broadband services, we'll eventually move to the Web services model entirely, wherein mobile (and desktop) devices become more like terminals running off server farms accessed over broadband networks, whether within the enterprise or on the road and irrespective of whether a network is wired or wireless. In this model, there are no mobile operating systems and applications to maintain, less concern about viruses and malware, and much lower costs. In the meantime, no matter what your strategy, there's a mobile platform ready to fill the bill.
|Information in a mobile environment|
As I noted in the last section, IT is, after all, about using technology to manage information. Since mobility is now so important to productivity and the overall success of the enterprise, mobile access to information is today an increasingly important concern of IT departments everywhere. But to set an effective mobile IT strategy, we need to look closely at the types of information that live in a mobile environment.
The first of these is "personal" information -- what would typically be handled in a personal information management (PIM) application. This typically includes contact information (ranging from phone numbers and addresses to the detailed contact information often maintained by salespeople), calendar and scheduling data, quick notes and scrapbooks, and similar items. Increasingly, however, this information is maintained within enterprise apps and even shared in many cases, meaning that it's often at least partially under the control of IT already.
Next is personal productivity data -- data that is typically manipulated by suites such as Microsoft Office. Again, this data is often shared, but not always. And finally we have data that is by definition shared, that used by enterprise apps that run on servers inside the enterprise. This data is too large to be distributed to mobile computers and so must be processed via remote access or a similar mechanism. The common thread here is that all of this data is required for effective operations, and -- surprise -- all of it, even on mobile computers, needs to be managed by IT.
I have always recommended that enterprises own all IT resources, rather than letting end users bring in their own PCs, handsets, other devices capable of storing enterprise data, or even applications. There is an old saying here -- you can't secure what you can't manage, and you can't manage what you can't secure. Thus any mobile IT strategy must center on the end-to-end management and security of all assets -- period. Even "personal" data should be secured and backed up by services provided by enterprise IT. Ditto for secure remote access (increasingly via a Web portal), which needs to include both strong authentication and the use of a virtual private network (VPN). Provisioning these can be automated, but their use must never be avoided or circumvented. Don't forget to have an acceptable-use policy in place as well, along with the usual (and centrally managed) virus, malware and firewall protections. In short, even "personal" data needs to be owned and managed by the enterprise, along with the PC, handset and whatever other IT assets are applied.
Enterprise applications bring up an important point -- I believe that these and many others will eventually wind up running within the browser model. The browser has, in fact, become the interface for enterprise apps and some personal-information and personal-productivity apps as well. This means that a smaller, cheaper (and, thankfully, lighter-weight) PC may be in the future of many mobile workers. The Mobile Internet Device (MID)/netbook/micro notebook (and even high-end handset) will, I believe, replace traditional big-OS notebooks for many over the next few years. But for that vision to become a reality, we'll need a lot more wireless connectivity. Apart from the current state of the economy, however, nothing really stands in the way of that vision coming to fruition. Mobile WiMAX, CDMA Revision A, and HSPA are all seeing increasing deployments, and LTE, which will offer 100-300 Mbps (peak) throughput, will hit the market beginning as early as 2010, according to a representative of Verizon Wireless that I just spoke with.
But wireless isn't always available and can be expensive. The key in deciding on mobile connectivity is in assigning a time value to the access of all enterprise information. How often does a particular individual need to access, sync up with, or modify enterprise data? If once a day works (and it will, quite often), then skip the wireless plan. Sure, eventually we'll all go wireless. But strategy is all about matching resources to goals, and a little critical thinking here can ensure success without busting the budget.
|Delivering mobility cost-effectively|
So far, we've reviewed the essence of IT strategy, which, like any strategic exercise, is the matching of resources to objectives via an action plan. IT strategy, especially in challenging economic times, must also carefully consider the costs involved, as it's likely that mandates for flat or even decreased IT budgets will be common, at least over the next year. So the task at hand -- defining a mobile IT strategy -- boils down to developing the most cost-effective means for delivering information to staff who need it and allowing them to act on it, wherever they might be.
And the key here is deciding what information a given person needs, how often he needs it (based on the time value of the information), and what applications are involved, and then (and only then) picking the right combination of mobile devices to address the need. Again, all too often we tend to start from the opposite direction -- the cool device first, without regard to cost or mission -- and that's what often gets mobile IT projects into financial trouble.
Mobile IT strategy will continue to have at its core the provisioning of email. The BlackBerry approach of push email, now being pursued by a number of other (mostly software) suppliers, will continue to be quite popular. But I think email will move into the Web to an even greater degree than it has in more consumer-focused email services and that, in fact, the Web will become the metaphor for provisioning most IT services to mobile users -- from enterprise apps to enterprise-centric social networking. The core advantage here is that the differences between the desktop and mobile user experiences will continue to narrow (thanks to much-improved mobile browsers and more-available broadband wireless networks) and that IT costs, especially with respect to application development and deployment, can be further minimized through this commonality. The core disadvantage is that ubiquitous (or continuous) connectivity is required to make this work, and the carriers may not be able to continue to build out their networks, let alone expand to 4G services, at the pace that many expect. This means that a hybrid (and somewhat platform-dependent) approach of local execution and some Web services (or enterprise applications) is likely to prevail for the next few years at least -- and this is not the strategy that leads to lower or optimal costs.
What can be done in the interim, however, is to carefully define the set of applications required by a particular group of mobile workers (sales, service, management, etc.) and to map these to the smallest possible set of mobile devices. I always recommend that the enterprise own the mobile device and that the enterprise be responsible for all aspects of mobile device and mobile information management. I strongly suggest that any successful mobile IT strategy will not allow the use of personal devices in the service of enterprise functions. That old saying again -- you can't manage what you can't secure, and you can't secure what you can't manage -- and a personal PC or handset is beyond the reach of enterprise IT. Similarly, be judicious in limiting the number of approved devices to the absolute minimum. This makes it much easier to verify that your mobile IT implementation is both manageable and secure, to say nothing of holding costs as low as possible. And make sure your acceptable-use and security policies are kept up to date and that all mobile users are educated as to their contents. Consider the use of mobile device management capabilities to minimize problems (or at least fix them quickly when they occur), control support costs, and simplify operations so that education and training costs are contained as well.
Finally, always consider that your mobile IT solution will grow, change and evolve over time, and thus your strategy must include this element as part of an ongoing plan. Strategy is rarely static for long periods of time; advances in technology and growth and change in the organization itself mean that you'll be quite busy with strategy development even as you implement and manage new solutions. But, then, that's always been the essence of IT management, and shifting the emphasis of IT to mobility changes only the focus -- not the mission -- of IT in any setting.
About the author: Craig Mathias is a principal with Farpoint Group, an advisory firm based in Ashland, Mass., specializing in wireless networking and mobile computing. The firm works with manufacturers, enterprises, carriers, government, and the financial community on all aspects of wireless and mobile. He can be reached at firstname.lastname@example.org.