iPad, iPhone Challenge Management Orthodoxy

The mobile landscape is moving so quickly that strategy and tactics are merging.

One of the more surprising results of the mobile revolution is the way that IT departments have lost their role as the providers of the technology. It's now just as likely that people will be doing business with personally owned devices, as they are to use devices issued by their employers.

As recently as five years ago, it was still expected that if an employee needed a mobile phone, the employer would provide it. If there was any integration with corporate systems, one would probably have had a BlackBerry and the IT department would have run one or more instances of its supporting platform, the BlackBerry Enterprise Server. The only exceptions to this model were those shops that had embraced other platforms, such as devices running Symbian or Windows Mobile. But in all these cases, the device was a phone with some e-mail and calendar features. Although third-party applications existed, they were at best cumbersome to install.

Today, that's no longer the case. It's increasingly common for people to bring their own devices into the business, and then expect IT to make them work with back-end systems. The credit-or blame-for this sea change in attitudes and expectations rests with Apple, thanks to the resounding success of the iPhone, and more recently, the iPad.

Chip Pearson, managing partner of JAMF Software, believes that iOS devices "are one of the most disruptive technologies that's come on, quicker than anything. We're seeing, really for the first time, the business driving the conversation, versus IT driving the conversation."

Although Apple's phones were more of a novelty than a business tool when first introduced in 2007, the application ecosystem that has grown up in just under three years, since the debut of the iPhone 3G, has made the iOS platform a force with which to be reckoned. It's no longer a big deal when someone walks into the office with an iPad or iPhone and expects that it can be connected to corporate e-mail or a Salesforce.com deployment. IT is presumed to be able to support an employee's iOS device as well it does company-issued systems. This pattern has become so commonplace that the term "employee-liable" has emerged for such cases; the business doesn't bear the cost of the device, but gets the benefit of its capabilities.

It's become clear that the old relationship of end-user to IT is being turned on its ear by the new generation of mobile devices. As Chris Clark, chief operating officer of Fiberlink, put it, "The contract, the relationship between employee and company, has to be rewritten in this mobile, new-normal [world], where 9-to-5 is no different than 5-to-9, and you're going to bifurcate your data while you unify your personal and professional tool."

Ojas Rege, vice president of products and marketing at MobileIron, went a step further, pointing out how quickly the tide has turned. "In 2009, it was... IT saying -No.' [In] 2010, users forced the issue; they forced iOS into the enterprise, and IT had to be very reactive, and put in place the basic security and management," he explained. "In 2011, we're seeing a shift, which is IT becoming more proactive, and a lot of folks in these organizations are seeing the potential of these devices."

Ahmed Datoo, chief marketing officer for Zenprise, noted: "The [IT] world yesterday was built around standardization: -You will get a Dell laptop, running Windows XP, this Service Pack version. Here are the things we will allow you to install.' People who are still clinging to that world are going to be unsuccessful." What people are seeing, he added, is completely new. "Someone is saying, -I [have] this device; I want you to support it.'"

JAMF Software's Pearson pointed out that the initiative has shifted, perhaps forever: "The business will say -We're going to do X with iPads' or -[do] X with iPhones' and there's this destination that's set by the business. The route to get there is often unclear to the IT department, because it's so new."

Ownership Equals Control

No matter who is driving the conversation, the employee-liable model has its attractions for many companies-perhaps the most notable being the lack of capital expenditure by the business. For IT, managing these employee-owned devices is a bit of a puzzle; it's no longer possible to assume that all the applications and data on a mobile phone or tablet belong to the company, as is the case with conventional computers in the workplace.

That complicates the landscape, especially for shops that lack a management infrastructure for mobile devices. Although it's true that iPads and iPhones that are connected to a Microsoft Exchange e-mail server can be remotely disabled by taking advantage of the ActiveSync console's ability to wipe the device's encryption key (in iPhone 3GS and later devices), that's a perilous step to take when an employee owns the device in question.

Mobile-device management, or MDM, vendors agree that one advantage to Apple's tight control over the iOS platform is that third parties are all starting from the same place. There are no "most favored" vendors in Apple's world-except, of course, Apple itself.

Brian Reed, vice president of products and chief marketing officer at BoxTone, pointed out that, "we're all basically equal in terms of physical MDM features," but vendors have a chance to differentiate themselves in "how those are implemented, and how those interact with existing systems in the enterprise."

With Apple being the sole supplier of iOS hardware, the only fragmentation comes from the differing capabilities of one generation of iPhone compared with another, or the differences between an iPad and an iPhone. This contrasts with the situation faced by vendors wishing to support Android devices, where Google leaves many of the decisions regarding device management to the hardware manufacturers.

As Mark Jordan, senior product manager for Sybase Afaria, put it, "We're wholly beholden to [Apple] on the capabilities they provide. After that, it's just a question of style." There is an intricate dance between the MDM vendors and the device manufacturers, he said. "You want to make sure when you're investing in capabilities for a particular ecosystem, that you're aligned with that particular vision of the vendor, because if you're not, they can turn you off very easily."

Mixing Tactics and Strategy

The mobile revolution is happening so quickly that IT really has no choice but to simultaneously perform first aid and major surgery when it comes to incorporating iPhones and iPads into their management environments.

One advantage that Apple and its customers have, said Dimitri Volkmann, vice president of product management for Good Technology, is that iOS is ahead of the competition in terms of management features. "There are different levels of management you can do, depending on the devices, and some are more advanced than others; clearly, iOS is more advanced than others right now." In contrast, he said, "Android is lagging behind, because they [only] started to add some whole-device management capabilities with [Android 2.2]."

BoxTone's Reed explained that many of his company's customers are trying to play the short game and the long game at the same time. "What we're finding in a lot of midsize companies is that they're trying to do the quick tactical thing, but still define a strategy around it," he explained.

Fiberlink's Clark agreed: "They plug the hole, and they're going to work back, into a broader, more visionary kind of way to do best practices, and [work] in a more efficient manner."

Sybase's Jordan advised, "Make sure the infrastructure is more strategic than tactical. You really want to set a foundation for your ecosystem that's going to be enterprise-grade, scalable, and that's going to be... an infrastructure to provide that level of security and management that you're going to need across the board."

A pitfall to avoid is doing management on the cheap, said AirWatch chairman Alan Dabbiere. "You see so many companies trying to manage these with ActiveSync, and it's just such a limited tool," he said. "It's certainly better than nothing, but it wouldn't manage an employee-liable [device], where the legal status of being able to truly wipe someone's personal device is very unclear."

Reactive management is another trap, he added. "We have so many companies that have developed applications on iOS and all of a sudden realize they need a way to distribute those apps. All of a sudden it becomes a fire drill."

The slope isn't just slippery, concurred MobileIron's Rege. He said, "The moment that IT thinks they're starting to get caught up on the policy front, suddenly the usage of the device increases [or changes]. Keeping up with the use cases and keeping up with the user is maybe the... biggest challenge that IT organizations are facing."