Mobility of employees has increased dramatically over the past several years in response to changes in the workplace and advances in technology. Market categories are continuing to break down, as greater intelligence and network access become available on cellphones. As well, networks are moving toward ubiquitous IP - with increasingly mobile broadband reach through 3G and 4G cellular services, WiMAX, and more powerful wireless LANs.
All of these devices add new applications and new capabilities for the mobile workforce, but they also create new management and security issues. A simple cellphone has few issues, because it contains neither data nor applications, and does not interact with the network. A smart phone, however, might attach to the network, access corporate data, run applications - and be subject to hacker exploits, malware, viruses and the like. Issues of compatibility can also emerge, with different devices using different operating systems and applications to exchange messages and data.
Managing remote devices is going to mean not only looking after security, but also considering access issues, data storage, integration and the like. SaaS applications from the cloud are also becoming important as a way to improve mobility by locating applications outside of the client device - thereby providing uniform access regardless of location or available computing power.
Hewlett-Packard is a leading supplier of notebook solutions and is a global force in smartphone products. “The broader availability and improving affordability of 3G broadband is driving more use of mobile solutions,” says market development manager Simon Molloy. “Mobile users can stay in touch from just about any location. Notebooks with embedded broadband capability are becoming more popular and embedded broadband capability will become an expected feature in medium to high range notebooks in the next few years, in the same way that wireless became a pervasive technology.
Meanwhile, netbook adoption continues to increase. Popular with consumers and students initially, the netbook is quickly being adopted by business often for specific application areas that could not feasibly be addressed by traditional notebook solutions. Cloud computing will further drive the need for anywhere, anytime access to the internet.”
Netbooks have become an important element in many organisations’ mobile strategies. The application of netbooks in business is broad; their lower cost and portability means they can address requirements which are not feasible with more traditional mobile solutions. Many users will look to netbooks as a second device optimised for travel.
The netbook is positioned as a utility device, ideal for information access functions such as email and internet. The latest netbooks offer improved performance and support limited content creation applications as well.
Mobile devices present a number of new security and management challenges for CIOs. “The exposure to data theft increases dramatically when you are mobile,” says Molloy. “Therefore, a strong security policy is essential to safeguard notebooks and handheld devices.”
While the current economic environment has impacted the mobile market, strong organisations continue to look to mobile solutions to enable them to be more responsive and competitive.
“The increasing richness of offerings in the mobile area means that resellers more than ever can offer value to customers, and offer a complete solution,” says Molloy. “Having in-depth knowledge of the devices available and matching these to customer needs is essential. Extending the solution to include enhancements such as docking solutions, communications and application support should result in improved profitability. As always, it is vital resellers understand customer requirements and drivers. They then need to be able to build a suitable solution from all the options available. A good knowledge of the current technologies in the market is essential.”
International storage vendor EMC is concerned with the infrastructure impact of mobility. “Organisations across New Zealand are facing pressure to improve the overall performance of their business as the economic downturn continues to bite,” says marketing CTO Clive Gold. “Today’s business needs to be agile and mobilised to compete on a level playing field with domestic and international counterparts.”
Mobility, however, inherently creates risk. “Organisations that mobilise their businesses effectively extend critical IT infrastructure outside their company walls to mobile devices,” says Gold. “By increasing the risk associated with company data there are some key management issues that need to be considered. The first is security protocols to protect access to the company’s IT infrastructure. This means only the invited get in and those seeking to fraudulently enter the system to access information can’t. Businesses also need to prevent data loss from within and outside the business. This is specific technology that protects each piece of data on the network.”
Gold views the mobile security issue as an information infrastructure problem rather than a device issue.
“When you add the potential for mobile access to all types of business data by all staff, you know you have a problem,” he says. “Hence, where mobile access is concerned, it is important to consider all the potential risks and wrap stringent security protocols around policy decisions. It’s also really important to set a code of compliance for business security and assign someone to direct that. This will ensure that the defined security policies are implemented and when changes are made, such as for upgrades and fault rectification, they are completed to standard and timeframe.”
For resellers, Gold urges those who are working with mobility solutions to consider a broader picture. “Resellers need to understand the impact upon storage infrastructure design of introducing a mobile workforce that will demand 24 by 7 availability and performance,” he says.
High performance networking and security vendor Juniper Networks has been monitoring developments in the mobile cellular area. “As wireless industry is delivering on its 3G broadband promise with growing deployments of HSPA, EV-DO, and WiMAX, an increasing number of end-users are pushing more applications over air as opposed to wires,” says Nikhil Shah, head of the wireless strategic market development for Asia/Pacific. “While wireless operators’ business models are going though transformations, mobile networks are evolving to all-IP architectures. Juniper Networks is closely working with mobile operators across the world in making this transition. ”
Within the industry, Juniper sees two major trends. One is the uptake of smart handsets or terminals and the growing demand for these to be wireless. The second is bandwidth consumption. The security requirements are growing well beyond what was predicted.
“Enterprises are significantly increasing mobile application focus, because such applications improve the efficiency and effectiveness of knowledge workers by providing new or improved accessibility across collaboration applications,” says Shah. “They also optimise line-of-business processes, such as sales forces, field service, manufacturing, operations and logistics. One of the management challenges for enterprises is that they need to look at investment in these applications against longer term horizons rather than viewing them as merely tactical projects. There is lack of awareness of what policies, processes, skills, financial analysis, will be required to justify, development, deployment of and support for mobile applications.”
Proliferation of mobile devices, increased flexibility and the sheer sophistication of services running over next generation networks means it is becoming increasingly difficult for enterprises to effectively secure their networks to the level demanded. The complexity of networks and IT environments is increasing all the time. Increasing use of mobile devices is adding to that burden.
“Next generation networks carrying rich content and functionality might be driving business success, but they are causing enormous pain for the CIO,” says Shah. “As an example, Blackberries open up a TCP session each time they access the network - which is relatively easy to secure and firewall. IPhones, on the other hand, open up 500 sessions each time – neatly illustrating the growth in complexity that these new technologies are bringing. Security threats and the need to manage and control these for mobile applications is a huge focus for Juniper in the Asia Pacific region.”
For the reseller, there are opportunities in services such as security risk assessments, helping customers with best practices around security and compliance, identifying what employees are accessing on the network and developing procedures to manage access are premium services that can be offered. “In the mobile world, security threats are imminent, but there is still lots of work to be done to raise awareness around the seriousness of these threats,” says Shah. “Resellers need to focus on the whole ecosystem – from handset to mobile network gateway nodes.”
International vendor M86 Security (previously Marshal) assists organisations with security tools to proactively secure business networks; protect sensitive information; and maintain employee productivity in an office-based as well as mobile work environment. “Mobile computing and portable storage devices are technological marvels — and security nightmares,” says Asia-Pacific VP Jeremy Hulse. “Plug-in devices and remote connections present a unique challenge to IT administration. Businesses need to meet compliance regulations, ensure remote users adhere to Acceptable Use Policy’s, and ensure that mobile devices ‘don’t walk away’ from the network with any “extra” content.”
Mobile devices are increasing the occurrence of data leakage. It is now easier than ever for employees to share confidential information if the right security controls are not in place. There is a huge issue around data in motion due to the movement of portable devices, but also due to employees leaving and gaining positions with competitors. Mobile storage devices are a major compliance issue and organisations need to realise the potential they hold for data leakage.
“In managing this threat, it is important for businesses to have a clear understanding of what type of information they allow employees to access,” says Hulse. “Most mobile devices are supplied by the company and as such the organisation has the right to set parameters around the usage of this equipment.”
Devices such as netbooks are getting smaller, more powerful and increasingly more connected. The information contained within or accessible through these devices needs to be secured. Devices such as iPhones are “walking, talking PCs”. They have all the functionality of a PC and can allow you to access network folder structures, ERP and CRM systems.
“The last generation of handheld devices were lightweight compared to the current crop,” says Hulse. “Now it is more important than ever for organisations to determine what information can be accessed and from which device, in order to prevent data leakage.”
An important point for resellers to consider is that there is no all encompassing single vendor solution when it comes to mobile security. “Resellers need to continue to expand on their knowledge and understanding of security technology,” says Hulse. “This will give them a good platform to build strong relationships with customers in order to gain an in-depth understanding of their specific needs and provide appropriate solutions.”