CTRL + SHIFT
ShareFor IT managers, the past was a gentler, simpler time. The mysteries of technology were held by a sacred few. IT policies, budgets and power were the purview of IT leadership with no other employees allowed. The “IT Department” was a satellite management outpost that set and enforced the technology agenda. They selected the technology, trained workers, and made sure operations were adapted to align with their choices. Employees would have no option but to follow their lead on how and when to use the technology.
Today this process is utterly different. Today, the roles are reversed. The proliferation of smartphones in every workplace is not your garden variety technology evolution. For the first time in corporate history, employees with smartphones are reversing the technology dynamic. The impact of this challenge to IT authority is being felt across the enterprise—from the server room to the board room and back again. What can you do now to prepare for this new mobile world order where the employees are in charge?
Morgan Stanley predicts that mobile Internet use will overtake desktop Internet use by 2014. But, as many IT managers will tell you, we’re already at the mobility tipping point.
Back when the first BlackBerrys and Palm Treos were released in 2002 and 2003, smartphones represented a huge advantage for workers who conducted most of their business out of the office, such as realtors, consultants, and mobile sale forces. Workers and businesses alike gained power and accessibility through mobile storage capacity and enough processing power that workers could send and receive email from anywhere.
However, when Apple’s first iPhone came out in 2007, many companies told their employees that the device wasn’t appropriate for the workplace. This created a big question: is restricting use of new mobile technologies in the workplace a good idea? Barring iPhones in the workplace was ineffective because workers used their iPhones anyway. Years of mobile technology incursion and adoption in the workplace have shown that denying workers access to their mobile technology of choice isn’t just a bad idea, it doesn’t work.
Higher and steady mobile technology adoption rates paint a picture of mobile device proliferation pervasive in every area of life, especially in the workplace.
Tighter enforcement of existing IT polices is not an answer. In March of this year, a Fiberlink/Harris Interactive survey of 1,347 employed adults ages 18 and over found that 12 percent of U.S. workers—more than one in ten—admit to knowingly violating their company’s IT policy. Violations include using unapproved equipment and personal devices, like the iPhone, to get work done.
Ironically, the introduction of the iPad is proving that acceptance of new technology is the key to solving IT policy violations and security breaches. Today, according to the Wall Street Journal, companies such as Mercedes-Benz Financial, Bausch & Lomb Inc., and Kaiser Permanente are purchasing and integrating iPads in anticipation of demand for the technology. The iPad tablet brings many advantages to business including greater mobility, a longer-lasting battery, and faster start speeds. Integration of technology ahead of worker demand is a dramatic departure from IT policy eight years ago and hints at where mobility management is headed.
How did we get here?
It’s unheard of: mere workers, with no training or technology background, are seeking out new technologies, adapting them for their work styles and demanding new IT policies and budgets. This IT policy control shift has created a continual cycle of catch-up in most IT departments.
There are several drivers behind the IT policy control shift.
1. The Facebook Effect The convergence of the new mobile lifestyle has blurred the lines between work and play. For example, workers no longer use their smartphones to just access work email, they also stay in touch with their friends and families on social networks on their mobile devices while at work. A survey released by Nucleus Research in July found that (1) 77 percent of workers who have a Facebook account use it during work hours, and (2) Facebook usage causes an average loss of 1.5 percent in total employee productivity. More than 150 million users access Facebook through their mobile devices. More troublesome for employers, people who access Facebook on their mobile device are twice as active on Facebook as non-mobile users.
New mobile usage patterns blend the personal and professional life often in direct violation of IT policies.
2. The Ubiquitous Always-on Employee Over the last eight years we’ve seen the end of the eight hour workday. Workers need and want to work wherever they are at all hours of the day and on the weekends. The end of the eight-hour workday and the advent of more flexible schedules are generally considered a good thing. But while flexibility leads to happier and more productive workers, those workers’ ability to access their company’s network from anywhere can lead to security breaches.
3. The Technology Treadmill Whether it is the iPad, the new Droid phones from Google, or Windows 7 phones, the mobile technology cycle gets shorter every year. Not only does existing technology advance every year, entirely new mobile technology is invading the workplace every six months. This has forced IT departments to approach the problem reactively rather than proactively. As soon as new technology is presented to IT departments by workers, IT departments are in a game of catch-up to meet worker demand.
4. The Flattening of the Corporate Structure The days of rigid and hierarchical work structures are a thing of the past. Greater mobility leads to a more lean and effective corporate structure. A mobile-based workforce creates flexibility in team structures that can quickly accommodate a range of different internal and customer demands. However, flatter organizations lead to many different and sometimes competing ideas regarding technology and corporate IT policies.
Reversing the Control Shift
Companies that are struggling with reversing the IT control shift need to reconsider the fundamentals of the IT food chain. As we see it, they have three options:
1. Do nothing.
2. Declare thermonuclear war on IT policy violations and strictly control technology use.
3. Follow the lead of companies like Mercedes- Benz Financial, Bausch & Lomb Inc., and Kaiser Permanente who proactively embrace new technology, manage technology demand, and evolve—ahead of their workers. With workers continuing to violate IT policy, evolving is really the only choice for businesses to securely move forward.
What are the new commands of mobile device management?
Implement a proactive IT policy that supports multiple devices and works for today’s expanding technology market. Allow personal devices to be used in the corporate setting with the addition of PINs and secure passwords. Make BlackBerrys, iPhones, iPads, Droids and Windows Mobile devices corporate standard. Exchange is easy to integrate with any almost any mobile device using ActiveSync functionality.
Secure your mobile network. Track your mobile devices with a multi-platform reporting and inventory tool. Knowing how many mobile devices you have and where all your mobile devices are at all times is key to securing your mobile network. Make sure reporting information is available to CIOs, COOs, and Human Resources executives—it is not uncommon for devices to leave the company when an employee is let go. Give your HR staff read-only access to make sure that no security breaches occur when staff changes.
Secure access to the devices. Implement encryption and remote wipe of the devices’ hard drives. Devices should auto-lock after five to 15 minutes if the device is not in use. Devices should auto-wipe after 10 failed login attempts. While the BlackBerry Enterprise Server already provides these precautions, Exchange servers require PINs to remote wipe iPhones/iPads and Windows Mobile devices. Android 2.2 includes this security functionality.
Plan for a single console, multi-platform Mobile Device Management (MDM) solution. A BlackBerry Enterprise Server currently provides all these security measures—but it is not a multi-platform solution. Your MDM solution should manage PC/Mac form factor and OS devices. Single console, multi-platform MDMs reduce infrastructure costs, improve operational efficiency, and create a single user view into devices and data for operations and security. Web and cloud-based MDM services are the most cost-effective.
Managing the proliferation of new technology in the workplace is about meeting the needs of both workers and businesses. Workers will continue to bring new technology to the workplace. That is a given. The only way to prevent IT policy violations and security threats is to evolve past outdated restrictions. These four starting points allow businesses to begin to see their individual mobility landscapes more clearly while allowing workers access to their technology of choice. Take a cue from companies integrating the iPad ahead of worker demand: evolving is fundamental to surviving the shifting demands in mobile device management.
Previous | Next 1 of 2
Poll: Data Limits
How do you currently manage and prevent users from exceeding mobile broadband data limits?
Your Comments
posted by Richard Bergstedt
November 19, 2010 - 03:27 PM
I believe that the author has identified a crucial area for companies to consider with regard to moble technology and management of the various devices in use. At my former work place, I do not believe that there was a policy that precluded any employee from purchasing and using a mobile device to access company e-mail. Since I left that company, I wonder if this situation has deteriorated to an even more uncontrollable control nightmare with more and more devices proliferating as theybecome available. I would love to have the opportunity to challenge myself with this problem at any company that needs help in managing this arena. I believe that many companies do not have the staff to perform this mobile device management. Contact me if you are interested.
posted by Mico
April 03, 2011 - 04:17 AM
It's very true what is said in this article about how the market has shifted. However, making a strategy and policies is simple to do - but difficult to follow up and implement. Is there any good MDM solution providing support for all new mobile OS and is there any companies making MDM solutions that is ahead of the smartphone market ? As stated, the introduction of new devices in the market is becoming more and more rapid, making challenges for the MDM providers to adapt their technology and client support for these devices - if they support MDM functionality at all. We know that its not just OS, brand or model that is making this difficult, but also firmware and operator branding can be a obstacle for a working policy for that very phone. For a good while ago a device manufactor changed their implementation of encryption policy - not updating their documentation. Also, they did introduce a bug in the authentication handling library of their business devices. Microsoft hasn't yet implemented MDM API for their MS Windows Phone 7 devices, I guess they released a consumer oriented platform to "win the masses" and thereafter release images for manufactors with MDM API later on. Rumours says they will do so in late 2011. Apple and Android makes a challenge for the professional business market - meaning, if a nurse working with homecare would use this phone in the daily work registering status of their home visits - a company making such software (client/server) would have to put a lot of resources and money in developing a new version of their software. The same for the electricians carrying a smartphones for registering their work and checking material status at their logistic storage. What I say is that these 2 OS platforms are still inmature in general technology market. So - people providing MDM solution and giving customer advices have to provide the best answer for that very customer, depending on the mobile devices they are using or planning to use. There is no such as a 1 MDM solution for all situations and smartphones. The need for the customer is so different and one have to use different approaches to satisfy the customers. I however agree that its good that technology improves the jobsituations for people in many way, but its no good advice for a customer to be recommended introducing technology that can't be handled properly when it comes to security, available 3rd party applications and solutions, etc. The OS platforms are too different for managing through 1 MDM solutions and none MDM provider is ahead of the smartphone market today. When it comes to functionality and how the end-users spends time on private things, like Facebook - its up to the company to enforce policies and then again, depending on their software solution, if this is supported to block. Blocking different functionality and services on a device is however not what I think the leaders of a company would appreciate, they get the devices first and often MDM solutions are tested with their phones to validate the functionality before a decision is taken. These people are often making a presence of how the policy is in fact is used in real-life. Also, companies having a policy "Bring your own phone" would very soon get into trouble managing their internal support for the varous devices and different questions from end-users. It's a pity that this happens..I mean, what companies are saying "Hi, welcome to the company - go out and buy your laptop of choice, fill it with private stuff and mix it with company information..we are happy if you are happy!". Why should there be any difference between handling phones in a company and their laptops ? How to cope with these challenges ? Well, its not possible to reduce the pace the smartphones market are developing. I think giving good advices to customers are important, there is no such as one correct answer to how a company should handle their situation, but it's perhaps a good way and a less good way of approaching this. Mico