"To enable security and protection of corporate data, remote lock and wipe capabilities are critical," said Peter Smith, director of Wavelength Consulting, a mobile strategy consulting firm. "Never allow a device to access corporate information without [enabling] remote lock and wipe."
The former CIO of local mobile operator CSL, Smith noted having access to monitor and remotely wipe off data should be a policy that applies to all devices that have access to the corporate internal system, regardless they are corporate-owned or under BYOD policy.
At Standard Chartered, the bank also uses the device's security functions--Schofield said it's mandatory for all iPhone-users to switch on the passcode-lock function (a best practice for all iPhone-owners).
"We use the encryption that's built into iOS devices and use our Exchange servers to force policies to enable remote wipe and allow access to our internal systems," said Schofield. He said VPN connection is also required before employees can access internal corporate systems or mobile apps.
Other precautions for the corporate iPhones: jailbreaking is disallowed, sensitive data is stored in the cloud and users may not install iTunes to download external applications.
Managing apps performance
Another challenge for enabling mobility is the control of application-performance. Compuware's International CIO study conducted last September surveyed more than 500 IT executives--64% of them stated it is almost impossible to provide support for employee's mobility. The study indicated that reliance on external networks is making it harder for IT to control performance and end-user experience.
Schofield said that performance is particularly critical for custom apps, and his team tackled the issue in the development stage. "FX Rate wasn't as fast as we wanted," he said. "So we worked on the app and the background [infrastructure] to make the packets smaller and do packet shaping, so we get the data to the phone faster and more consistently."
An alternative solution is to rely on the bank's global Wi-Fi network MobiNet--a customized network for the bank's iPhones available across all major Standard Chartered offices and outlets around the world. All the corporate iPhones are enabled, they will automatically switch to connect MobiNet once the phone enters the bank's premises. Schofield said this policy encourages employee to leverage the bank's network of physical premises to access mobile apps with more stable performance and under a secured environment.
The OS dilemma
Apart from app-performance, businesses are also tasked with providing apps for multiple platforms. Apple's iOS appeared to be the primary and first platform for most local enterprises engaging in mobile apps development. At Standard Chartered, all internal mobile apps are available only via iOS devices--the bank supported mobile access via Blackberry devices for years, but Schofield said they're not building any apps based on that platform.
Sign up for CIO Asia eNewsletters.