Step 1 - Establish enterprise mobility strategy and policies
Traditional IT models are highly controlled and monitored, with individuals relying on companies to provide computing capabilities and network access. The deployment of applications to company-owned assets, such as a PC or BlackBerry, was straightforward and the delivery of support processes was reasonably simple.
But it's far more complex in the modern mobile environment where many of the former safeguards no longer apply or are inadequate. New policies need to be developed to tackle some key questions:
- What is the overarching enterprise mobility strategy that drives this policy?
- Who owns the device and pays for access - the company or the individual?
- What are the risks of having company data on a personal device? Conversely, how do enterprises protect the privacy of employee, customer and supplier data?
- How does the enterprise enforce security, such as passwords or encryption, on a personally owned device?
- How does the enterprise mitigate the risks of an employee losing a device?
- Who is responsible for providing technical support and for what applications, for which devices?
- What are the financial impacts and expected returns on investment of moving to this new end-user computing model?
Step 2 - Establish solid infrastructure
Building a solid foundational infrastructure to support enterprise-class mobile applications is essential and can be divided into three main areas:
The deployment model
This is one of the most critical decisions and is driven by the security and privacy policies developed in Step 1. Applications can be deployed:
- In the native environment of the device with access to all its resources but constrained by the device's capabilities
- Into an encrypted container on the device with access to selected capabilities plus resources within the container
- On the device using a thin client. The applications use the capabilities of the server they run on rather than the computing resources of the device
Network architecture and security policies
Firewall rules and network security policies in most organizations are designed to support web-based applications using perimeter-based defense structures. However, this approach is no longer adequate to deal with employee-owned mobile devices that can potentially access an organization's core network behind the corporate firewall.
Organizations need to consider various scenarios when making changes to their network architecture. This may include control measures for access to the intranet, company-owned applications and data, whether from home, from public access points or from within the enterprise, using either personal or company-owned mobile devices.
Collaboration infrastructure
This focuses on workplace capabilities such as corporate intranets and extranets, email, instant messaging, microblogging, and social networking and is heavily influenced by enterprise security requirements. Collaboration infrastructure presents some unique challenges as enterprises must be able to track the use of corporate assets, while respecting the privacy of individuals, both from within and outside the enterprise firewall. This must also be balanced with users' access to enterprise data both at work and in a remote environment.