THE BLOG

IT On the Verge of a Mobile Meltdown: Why BYOD and Mobile Application Management are Driving Businesses Crazy

31/07/2014 11:44 BST | Updated 29/09/2014 10:59 BST

When British Telecom was nationalised and Post Office-owned, innovation was lacklustre but you generally had a phone that worked, and a phone line that came into your office or home that rarely had a problem. All that changed in 1984 however, with Thatcher's privitisation bill and the telecoms industry becoming deregulated and open to competition. That opened doors to better choices for customers, as well as faster innovation but also meant despite the added choice there were some systems that worked and others that didn't.

In retrospect, deregulation of the telephone monopolies is a lot like what's happening now with applications in the enterprise. In the early days, IT had a monopoly of control - devices, operating systems, applications. In that tightly controlled environment - everything worked as intended because, IT had control over it. IT distributed the approved devices (i.e. desktops, laptops), approved operating systems (i.e. Windows XP? Windows 7?) and approved applications (i.e. Office 2010? Oracle database?). And behind the scenes IT did all the Application Readiness magic - testing applications for compatibility with OS' and devices, fixing problems, and then handing off the approved application package - assured of functioning properly - to the deployment system for distribution to the employees.

It was all very big brother. But in that iron clad system, it worked and enterprise applications chugged on reliably, like background white-noise, with boring predictability and reliability.

Now comes Mobile and BYOD and everything is rapidly changing. It's as if the iron curtain is being lifted, and Big Brother is falling. The popular revolt is breaking up IT's monopoly on control from the bottom up. Employees want to be unshackled. They want the devices they want. The operating systems they want. The apps they want. And IT must now bend to the will of employees, rather than the other way around.

The only problem is, now that the workplace is democratising - everything has grown more risky. Things are breaking. And IT is going crazy - because it now must serve two masters: the people and the c-suite. IT must give users what they want - while assuring the executive team that there will still be reliability, predictability, control and security.

And as a result, many IT teams are "On the Verge of a Mobile Meltdown."

Tasked with implementing BYOD and empowering employees - IT now has to figure out a way to maintain its sanity and rein in the chaos. IT must give employees what they want - while still delivering the reliability and security that was emblematic during the grey-old days of centralised control. But how to do that when employees are connecting their devices to the corporate network? Replacing their phones and tablets and updating operating systems and apps at will - without any IT control?

How can IT know whether a stock traders' financial app that moves millions of pounds in securities at the swipe of a finger - will work tomorrow when the trader upgrades to iOS 8? How can IT know that an employee's cloud-storage app is capable of moving sensitive corporate data outside of the firewall to an unknown environment? How would IT know that a notes app an employee is using to track sensitive customer data can connect out to email, texts, Facebook and Twitter - making it easy for the employee inadvertently to leak confidential data out to the world?

IT needs to expand its Application Readiness processes and automation capabilities to accommodate the strange new world of mobile devices, operating systems and apps. And to do this, it must address two fundamental challenges on an ongoing basis to prevent a "Mobile Breakdown":

  • Will your mobile environment break your apps?
  • Will your mobile apps compromise your environment?

If IT can tackle both these issues quickly, efficiently, and economically, sanity can be restored and organisations will be able to conquer BYOD with the predictability and reliability we were accustomed to when IT ruled the universe.

Will Your Mobile Environment Break Your Apps?

This question is important, because in the mobile world - IT no longer controls the devices, operating systems and application versions accessing corporate data. Employees are constantly purchasing new phones and tablets. And they're also completely free to upgrade to a new OS whenever they want. As a result, IT can no longer know for sure whether corporate-approved mobile apps will function on the myriad devices and operating systems employees are actually using.

What can IT do about it?

IT may no longer be able to control the environments - but it can test apps' compatibility with those environments so that it can warn employees ahead of time when an upgrade will break the app.

How IT conducts these tests is a matter of strategy. Some organisations will throw more headcount at the problem. Some will acquire new testing tools. But best practices dictate that businesses should incorporate mobile application management into their existing Application Readiness processes so the same effort and technology solution around testing and repackaging can be used for all applications - including mobile.

Sophisticated Application Readiness solutions already do this. They enable automated compatibility testing for mobile devices and operating systems - at the same time as tests are conducted for on premises, web-based and virtual apps - saving time, money and headcount.

While an organisation may not be able to control whether a financial trader upgrades her iPhone or OS, it can learn ahead of time whether her stock-trading app will work in that new environment. This gives IT the opportunity to warn traders not to upgrade their iOS until the detected compatibility issues have been resolved. IT can be a hero in preventing the previously functioning app from breaking - and in the process head off the mobile meltdown that would otherwise ensue had that app broken - with millions on the line.

Will Your Mobile Apps Compromise Your Environment?

IT must also be able to address the second critical question in mobile application management. Will the mobile app break your environment? By that I mean, do you know what the app does? What device features it can access? And whether those functions comply with existing corporate policy or require new policies? For example, do you know which apps your employees use for business-related (a.k.a. confidential) purposes that can also access Facebook? Twitter? GPS function? Camera? If you don't, you should or you have a security problem.

In the 'good ole days', IT was very familiar with the enterprise apps allowed onto the network. It therefore was simpler to create and enforce policies around those applications. But in the mobile world, most IT teams have very little idea what the apps hitting their network can do, and therefore they have very limited ability to assess the apps' behavior and risk to determine appropriate policy.

All organisations need to enhance their Application Readiness processes to identify the mobile apps that display behaviors that may introduce risk to corporate security and data privacy. These tests can be done manually. But Application Readiness best practices would dictate the use of tools that provide automated processes that look inside the mobile app property files and APIs to understand what features the app is accessing on the device, in order to identify apps that exhibit risky behavior. Transparency to these behaviours will help enterprises establish mobile application management policies and configuration profiles designed to reduce risk.

Today Mobile, Tomorrow....?

Today mobile is creating tension and anxiety - tomorrow it will be something new. Businesses must address these issues around BYOD and mobile in order to secure their corporate data and prevent unacceptable risk today. The bigger question is how to address this issue efficiently and cost effectively tomorrow, and the day after that -- across all environments (on premises, virtual, cloud, mobile, and whatever comes after that) and across all devices. Companies need the confidence that the approach they choose will accommodate today's needs as well as change that is inevitably around the corner. How they execute their Application Readiness Strategy and implement appropriate automation will determine for how long sanity and order will prevail.