A mobility project without a clear device management strategy is a short-sighted approach,” says Gene Signorini, wireless enterprise solutions director with The Yankee Group. In a report titled “Successful Mobility Projects Must Include a Clear Device Management Strategy,” he explains, “The first challenge in creating a successful mobility project is building a business case justifying the investment and understanding user requirements. An often-overlooked challenge is the management and administration of wireless applications once deployed.”
A clear device management strategy can help make the business case for mobility by instating a plan to keep the total cost of ownership within reasonable limits by reducing the number of IT support personnel dedicated to managing a mobile solution, reducing device downtime and support or replacement costs and possibly reducing the number of lost, stolen or compromised devices in the field. A good device management strategy can also improve internal and external service with quicker problem resolution, better device restore capabilities and improved uptime through reliable support. According to Signorini, “ensuring high levels of service to workers using the solution is paramount to guarantee user adoption and success of the solution.”
Also, companies with comprehensive management solutions in place are better equipped to handle the constantly changing landscape of mobile devices and applications. The ability to rapidly configure and deploy new devices allows enterprises to more flexibly and easily pilot new devices in the field. Given the untethered and rapidly changing nature of mobile devices, management requires more than just an IT visit to make sure everything’s up to speed.
Signorini lists five mobile-specific factors to consider when planning a device management strategy: The physical dispersion of devices means even routine IT maintenance can be a challenge; mobile devices are almost always mission-critical, as the time a device is down translates almost directly to decreased productivity and “underutilization of critical assets”; the varying needs of mobile workers requires a variety of different tools; the increased turnover and refresh rate of mobile devices means constant change and upgrading; and finally, mobility greatly increases security concerns.
It’s the last point that seems to shape the current market in many ways. “I think there’s a bit of confusion in the market,” says Stephen Drake, program director at IDC. “It’s a question of where does mobile security end and where does device management begin. As enterprises begin to think, ‘Do we really need to have this other vendor?’ you will begin to see some convergence in the market.”
Dave Taylor, VP of worldwide marketing with device management company Landesk, says the issue of where security ends and device management begins is more complicated than people think. “I’d love to be sitting down over a nice dinner having a two-hour conversation about this, because it really speaks to a convergence that’s been happening in the market in general,” he says. “I think a lot of people realize that there’s two sides to security issues. Yes, there’s malicious code or malware that’s actively attacking our systems, but there’s also a huge amount of security that just has to do with the configuration of your machine. Take this Zotob worm that’s been out recently as an example. What it did was take advantage of a mis-configuration on Windows 2000 systems. Windows 2000 left something open on machines called a null session share, which makes it easy for an administrator to monitor a machine, but it also made it possible for a hacker to go and exploit the machine to propagate itself throughout an environment. Now, this was not a case of a malicious bug—[null session share] was put there on purpose—but a smart network administrator would have shut that off in their environment. So we look at that and think, what is that, is it a security issue? Is that a configuration issue? Really it’s both; it’s a mis-configuration that leaves you vulnerable to an attack. And there’s a lot of things like that in this space.”
Narrowing the Field
Security/management convergence certainly can confuse the options when shopping around for a solution, and with all mobility strategy pieces, it’s crucial to understand how your team will be using the mobile devices and applications to really understand what you’re looking for.
According to Drake there are two good places to start: “There are two key groups who play in this space: the existing management providers, such as IBM Tivoli, Novel, Landesk, CA and HP. These are big management guys who manage everything from the mainframe to the desktop and can continue to manage laptops and all of these devices by adding mobile components. And the other side are the mobile middleware players, who have included [management] technology. Sybase would be one of those, Intellisync is another.”
According to Drake, the mobile middleware player’s entrance in the market is a natural fit. As it’s deploying a mobile solution to maybe 1,000 users involving 100 different applications and carriers and a handful of different devices and operating systems, it wouldn’t be difficult for iAnywhere or Intellisync to say, ‘We’ve got a management product to help address this going forward.’ Also, vendors such as iAnywhere and Intellisync brag about being able to manage the widest variety of devices because they are already familiar with the myriad form factors and operating systems needed to deploy mobile solutions.
From the management end you can also imagine that “you’re managing your mainframes and desktops with an IBM Tivoli product, and they offer to just add mobile management on. The value being you’re getting an all-in-one console, not to say that the other companies can’t plug into that, but one console and one company to buy it from is pretty attractive,” says Drake.
Whether you choose to go with a management provider that includes security, or with a security vendor that’s tacking on management, Gartner’s Signorini recommends IT decision makers make sure solutions they consider include these minimum management requirements: software installation, inventory and updating; hardware inventory and asset management; backup and restore capability; security policy management and enforcement; remote over-the-air file and policy administration and push update capability; and remote data wipe and/or device lockdown.
Signorini also recommends that enterprises consider a separate systems management application or toolset. Not that the mobile application vendors who include management components aren’t capable of including good tools, but as “mobile deployments become more complex and multiple applications are supported for a wide array of mobile users, a diverse application and user environment requires a more robust, dedicated solution.”
A good place to begin the search for a device management provider is to ask carrier partners, mobility solution providers, device manufacturers or application providers you already work with to refer you to potential systems management vendor partners.