BOSTON -- The consumerization of IT has placed the power in the hands of end users. Without their voice in the mobile workplace policy process, IT faces a losing battle.
Such was the sentiment at several sessions here at this week's BriForum 2014, where the ubiquity of mobility was discussed and experts shared tips on how best to deal with the evolving landscape.
Only about 30% of companies even have a formal mobility policy, with 21% sharing best practices and 10% without any kind of policy, according to a recent CompTIA survey.
Companies that put mobile policies in place may not consider the workers enough and they may not get the desired results because of it, according to Brian Katz, head of mobile innovation for a large pharmaceutical company in New Jersey, during a presentation here this week.
"If you build a policy without the users, they're not going to read it," Katz said.
During the session, audience members said IT, security, legal and compliance teams are typically the organizational units that formulate mobility policies. But leaving out users is a mistake organizations can't afford to make.
"Your users are your biggest asset," Katz said. "If you get them involved and they agree with you, they will become your biggest advocates."
But if all you've done is hand out devices and learned to manage them, your organization isn't mobile, according to Katz.
That's because users still need access to applications for productivity. They don't want a mobile experience with applications that are regurgitations of desktop applications.
"The reason this sucks so bad is because your finger is your primary input device on mobile applications," said Jason Conger, solutions architect at Splunk Inc., a data monitoring and analysis company in San Francisco, during a session on mobile applications. "Oftentimes, the buttons are too stinkin' small to hit the right thing."
Enterprises must avoid what Katz calls "crapplications" by considering the user experience first.
"If you build an app and roll it out to 1,000 people and find out nobody opened it past the first day, it doesn't matter how good you think your app is, people don't want to use it," Katz said.
Users and data ingestion, leakage
The relationship between IT and users also drives the long-standing issue of what happens with company data. Data leakage has been ongoing in different forms for years, first with floppy and zip drives, then email and consumer applications such as Dropbox. To curb this, IT tried encryption or securing data through server-based computing and virtual desktop infrastructure.
That led to an even bigger problem, according to David Stafford, director of product management for end-user computing at VMware Inc. during a session.
"IT systems are becoming Al Capone's vault," Stafford said.
Brian Katzhead of mobile innovation
Because IT has done so much to protect databases and encrypt devices, there won't actually be anything of substance left within systems, causing data ingestion among users. Today's problem isn't about how to keep data from getting out, but how to encourage users to bring the data back in, according to Stafford.
"We don't have regulated robots for employees," he said. "What we have are real people that know how to use real tools to do real work for real benefit, and they are going to use what's easy and conducive."
Workers want access to data that is easy, ubiquitous and perpetual. Two-factor authentication or virtual private networks, while earning IT a pat on the back from higher-level executives, may push users further away from using IT-sanctioned systems because it doesn't give them easy and constant access to data or their applications, Stafford said.
There's no one simple way for IT to solve this problem. Recognizing users are consumers first is one place to start. That gives IT the chance to have a symbiotic relationship with users as opposed to pushing down mandates.
"You're going to them to say, 'You're one of my consumers and I'd like you to use my service. Let's see what value I can offer you to use it,'" Stafford said.
Using social enterprise tools allows users to ask questions and create content in a collaboration community. After people leave an organization, their corporate intellectual property is saved.
While different approaches can solve issues around data ingestion, it doesn't minimize the need for encryption. Encryption is easier now than it was a decade ago, when giant processers and virtual machines were required, according to Katz. But it's all about striking a balance.
"I do think we spend a lot of time looking at vectors we can't control, versus how do we enable secure channels for people and enable them at the same time," Katz said. "We spend so much time looking at security and no time looking at user experience."