Mobile administrators charged with growing a company’s mobile initiatives quickly find that proper management is essential for providing a consistent and predictable experience to mobile users.
However, as a company’s use of mobile technologies grows, mobile administrators need to expand their perception of what constitutes mobile management beyond the device and its configuration. They need to account for the ongoing security, application performance and use costs of these devices as well.
Device management, the most common form of mobile management, also offers the most choices for corporations to investigate. Mobile operating system makers such as Microsoft and Research In Motion have their own MDM (mobile device management) systems, as do device makers Nokia, Motorola and Hewlett-Packard, and third-party ISVs such as Sybase. MDM solutions can be bought for in-house deployment or as a hosted service provided by a carrier or other third party.
eWEEK Labs finds Zenprise eases BlackBerry management. Read the review here.
These MDM systems provide the basic tool set for managing and monitoring a mobile fleet over the air, allowing administrators to remotely track inventory and maintain consistent firmware revisions across the fleet; deploy, update and configure applications on the device; set up, update and maintain access and configuration policies; and monitor basic device statistics such as memory and storage usage. Depending on the platform, administrators may also be able to do some interactive troubleshooting on the remote devices, or devices may be able to autoheal themselves according to policy.
Save for the solutions delivered by the operating system purveyors, MDM systems will likely have the widest levels of device support, as many MDM systems have been designed to work not only with the common smart-phone platforms, but with the lesser-known platforms found on many feature phones as well.
Therefore, enterprise mobile administrators may find they can start supporting a wider variety of consumer-grade devices brought into the network by users demanding the devices be made to work with the corporate e-mail, VPN and Wi-Fi networks. However, letting all these devices on the network piecemeal could be folly, as it will become nearly impossible to deliver that consistent experience across a wide range of devices with varying capabilities and operating systems.
Administrators will find drastically less varied device support as they extend their management frame of reference to encompass other issues equally important to maintaining a consistent mobile experience. To improve the company’s use of mobile devices, administrators will need to ask questions such as: Are my applications working as expected? Are my devices secure? and Am I paying too much for service? Then they will find their MDM systems an insufficient answer. Other solutions are required to tackle these problems, and these solutions typically support a significantly less diverse collection of devices.
Security Management
Security Management
There’s a blurred distinction between the device and security management categories. Most MDM systems enable or implement some security functions such as device lock, remote wipe and certificate management, plus both on-device and VPN encryption.
However, there is also a wealth of mobile security functions that can only be implemented as part of a mobile security platform that includes its own management systems. Security suites that bring anti-virus, firewall or tamper protections to mobile devices have not made much of a dent in the market until now, and data leakage protection at the mobile device remains a far-off concept altogether. However, as these devices continue to gain importance to the enterprise user, and as the threat landscape for these devices continues to evolve, businesses will need to adopt and implement some or all of these security services to protect sensitive data and meet the demands of compliance regulations.
These security suites come with their own management platforms, generally the same ones enterprises use to manage their anti-virus and firewall suites for their laptops and desktops.
Essentially each vendor is relying on the device management systems mentioned both to deliver the security features to mobile devices in the field and to keep the policies and signature databases up-to-date.
Application Management
Application Management
Mobile devices are only as valuable to enterprises as what the users can do with them. To date, mobile devices have gained the most traction in the enterprise because of two applications-e-mail and voice. However, new killer applications will appear in the mobile milieu as mobile device application development increases, mobile Web browsers continue to evolve, and exciting new features-such as location services-become more available and usable. Still, what good are any of these applications if they don’t work as billed?
As mobile devices become more mission-critical, ensuring proper operation and performance levels of the applications will become essential. Unfortunately, these applications do not exist solely on the mobile network. Instead, these applications consist of many different services and must traverse a wide variety of networks, many of which are out of the enterprise administrator’s purview.
Take e-mail, for example. A BlackBerry-based mobile mail environment includes not only the end-user device and an e-mail server, but also the corporate directory; a BlackBerry Enterprise Server for device configuration, management and mail delivery; RIM’s BlackBerry network; and the carrier network to boot. Finding the root cause of problems within such variegated applications can be a herculean effort. That’s why companies such as Zenprise are taking an application-centric approach to managing a mobile mail environment, helping organizations pull together data from all the potential sources of trouble.
As VOIP (voice over IP), mobile unified communications and FMC (fixed mobile convergence) implementations begin to grow, I expect to see similar application-centric management platforms take off for the mobile voice experience. Third-party tools will come to light that monitor VOIP and presence traffic end to end, from mobile device to the infrastructure components.
Service Management
Service Management
I tend to think of mobile service management as financial oversight, or more specifically, paying the least buck for the bang. Each mobile user will have different requirements from-and differing comfort levels with-his or her device. Consequently, the usage totals for both voice and data can vary wildly from user to user. However, organizations will often provision the devices with identical pools of minutes or data plans, so one heavily used device generates a flood of overage charges while the other device sits unused in a desk 29 days a month.
The mobile operators offer some assistance to companies looking to track their usage across their organizations, providing per-user-or perhaps per-group-assessments of costs and usage. However, helping customers efficiently distribute and use their voice minutes and data plans is not really in the operator’s best financial interest. The information operators provide, therefore, may be lacking detailed trending information, or it could be delivered in a form that requires some serious Excel magic before the data becomes useful.
There’s room for an external vendor then to partner with the carriers for access to this kind of usage data and then turn around and sell management solutions to help companies make their mobile plans more efficient. Companies such as Visage Mobile (with its MobilityCentral platform) aim to bridge this gap, providing corporations with the right mix of data and tools to make these accounting decisions.
MobilityCentral is a hosted solution that examines data from the corporation’s enterprise directory and mobile device fleet, and then correlates it with account data from the relevant carriers. This data can help organizations easily spot devices that are being overused when compared with their allocated plans, and see to which user the device is assigned so proper notifications or actions can be taken to avoid the problem in the future. Such action might be a warning against overuse or an increase in available resources to meet the needs of the job.