While the consumerization of IT marches on, in its footsteps lurks the specter of unknown risk. We live in a world of zero-sum games of litigation where suffocating regulations are the norm, and failure to comply can draw millions in fines and lawsuits. Technology diversity multiplies the challenge of maintaining compliance — it’s no wonder so many IT shops take a one-size-fits-all approach to workforce computing and forbid bring-your-own-device (BYOD). But it doesn't have to be this way. It’s possible to craft an approach that brilliantly achieves the conflicting goals of embracing BYOD and consumerization while slashing the risks and costs at the same time. Our recent research on the topic comes from working with lawyers and auditors who specialize in technology law and compliance reveals that it can indeed be done.
You Still Have to Act But the Cure is Often Worse Than the Disease
The technology attorneys we interviewed for this research agree — once you learn that BYOD is happening in your organization, you have a legal obligation to do something about it, whether you have established industry guidance to draw on or not. The answer is seemingly simple: Take action to stamp out the risk. However, the answer isn't that straightforward because:
The more restrictions you put in place, the more incentive people will have to work around them and the more sophisticated and clandestine their efforts will be.
There is no data leak prevention tool for the human brain, so arguably the most valuable and sensitive information walks around on two legs and leaves the building every night. Accepting this is important for keeping a healthy perspective about information risk on employee-owned devices.
This morning Citrix announced the acquisition application mobilization vendor Framehawk for an undisclosed sum as the battle for high performance for corporate Windows apps on mobile devices rages on. Here’s my take:
It's a good acquisition for Citrix and in turn for I&O pros for 3 reasons:
Some of Framehawk's technology will be additive to Citrix's enterprise portfolio. Specifically, Framehawk's framebuffering protocol - called Lightweight Framebuffer Protocol, or LFP - is designed for mobile carrier networks like 4G/LTE where there is often highly variable latency, loss, and jitter. Citrix will add it to their arsenal alongside HDX to improve the end user experience of server-hosted Windows applications on mobile devices for XenDeskop App Edition and XenDesktop.
It will be a boon for DaaS providers' customer experience. Citrix is in the business of building a Desktops-as-a-Service (DaaS) platforms for service providers. One of the barriers to the success of DaaS in the enterprise, and a potential source of value for service providers, is the user experience on mobile devices over mobile networks. Another player to watch the remote desktop/app protocol space for mobile networks is RapidScale.
It's a competitive take-out play as well. Delivering Windows apps from the datacenter to both corporate and employee-owned desktops, laptops and mobile devices is what Citrix does - it's their place in the technology universe. Framehawk's technology approach, while expensive, has some advantages. Citrix was probably starting to see them in more deals as competition.
AirWatch held its EMEA AirWatch Connect customer event in London recently. The event underlined that AirWatch, at the tender age of 10, has become one of the leading global providers of enterprise mobility services. My key takeaways from the event are that:
Secure collaboration forms the center of the connected business. Business productivity and innovation benefit significantly from a workforce that is empowered by mobility. AirWatch has one of the most comprehensive enterprise mobility portfolios in the market to support this drive. AirWatch can play a central role for any organization that is transforming into a connected business.
An integrated platform approach to enterprise mobility has a clear advantage. AirWatch pursues a Lego-block approach, bringing together solutions for email, browser, containerization, content locker, and, of course, device and app management. By building its solution as one platform, customers gain the flexibility of a Lego-style deployment — they can pick only those blocks that they require while ensuring the integration and flexibility of the overall solution.
Building a business case for enterprise mobility must include soft factors. Managers who build ROIs for enterprise mobility solutions usually focus on hard KPIs that support existing ways of doing business. However, this “hard ROI” approach really only compares the present with the past. In reality, it is often the soft KPIs, like new ways of doing business, that matter more. Ultimately, mobility is crucial for greater operational flexibility and business transformation. Both are at the heart of long-term business success.
Information workers in India are increasingly using their personal devices, applications, and web services to accomplish both personal and work-related activities. Results from Forrester’s Forrsights Workforce Employee Survey, Q4 2012 indicate that at least 85% of employees use phone/tablet applications and web-based services for both purposes which is putting corporate information security under serious threat.
My interactions with numerous infrastructure and operations (I&O) professionals from large enterprises in India over the past six months have revealed that there is a high degree of awareness of the need to develop a bring-your-own-technology (BYOT) policy. However, actual implementations aren’t yet common, as I&O professionals are unable to address management’s three key concerns. These are, in order of priority:
How can we ensure that information on employee-owned hardware and software is secure?
Results from Forrester's Q2 2012 Forrsights Workforce Employee Survey show that more than two-thirds of North American and European information workers who use a computer for work an hour or more per day personally choose the smartphones or tablets they use for work, and 46% of information workers personally choose work laptops that are not on the company-approved device list. To address the increasingly complex mobile device landscape, many companies are deploying bring-your-own-device (BYOD) programs to support devices including smartphones, tablets, laptops or desktops. Successfully planning and implementing a BYOD program requires infrastructure and operations (I&O) executives to address the following four key issues.
1. Build Relationships Outside IT
Implementing a successful BYOD program requires cross-functional collaboration across many IT and business groups in the organization. The I&O team should take the lead in BYOD program development. However, I&O executives must collaborate with security and governance, sourcing and vendor management, application development, and enterprise architecture professionals to determine the correct strategy and tool set. It is also critical to include line-of-business executives, as well as legal and finance professionals, to develop corporate BYOD program policies and procedures.
2. Create A Shared, Multi-Year Vision
Proactively working with decision-makers to identify the potential ROI and impacts on corporate business processes enables the I&O team to create a consistent, shared vision of the overall goals and desired outcomes of implementing a BYOD program. This shared vision of the cross-organizational effects of the BYOD program ensures that line-of-business decision-makers and stakeholders understand what investments they must make to support the program.
Information workers in organizations across Asia Pacific (AP) are increasingly using personal mobile devices, applications, and public cloud services for work. Forrester defines this as the bring-your-own-technology (BYOT) trend. This behavior is more prevalent among employees above the director-level (C-level executives, presidents, and vice presidents) than those below that level (individual worker, contractor or consultant and manager/supervisor). Data from Forrester’s Forrsight Workforce survey, Q4 2012 corroborates this trend in AP.
We believe that the BYOT trend will strengthen over the next two years in AP, primarily fueled by employees below the director level. Increasing options, quality and affordability of devices, apps, and wireless connectivity, coverage, and capacity will contribute to this expansion. In order to secure corporate data, organizations will need to:
Develop Corporate Mobile Policies: Organizations must build cross-functional teams to plan their mobile strategies. This should include representatives from different LOBs like finance, HR, legal and sourcing. Moreover, the policy must clearly define guardrails to provide flexibility to employees but within boundaries and in compliance with local regulations.
Identify Technologies To Secure Corporate Data: 29% of business-decision makers in AP report that the rising expectations of younger workers require businesses to push enterprise IT to keep technology current. This is why it is critical to identify both back-end and front-end technologies and suppliers that can optimize mobile device and application management in a secure manner. Focus should be on networking layer security and mobile device management solutions.
A year and a half ago I broke up with Blackberry and started dating iPhone. It was a clean but cruel breakup: AT&T cancelled my T-Mobile contract on my behalf, the equivalent of getting dumped by your girlfriend’s new boyfriend.
This year I’ve been cheating on my laptop with my iPad. But it’s an on-again, off-again relationship. While I tell my iPad it’s the only one, I keep going back to my laptop. When I travel, my iPad is with me meeting clients. Meanwhile my laptop is in the hotel room surfing the online menu for a turkey club.
The iPad beats my laptop on size, weight, connectivity, and battery life. It also improves the human element when I’m having a face-to-face conversation but need to take notes. These are all critically important to me when I'm out of the office visiting clients or at an event.
But my laptop wins when I need to perform other important activities. For example, the larger screen really helps to write and edit research reports (John Rakowski, you’ll have your edits soon!). Or when I need to approve expenses behind the VPN or access files on my hard drive that I haven’t stored in Google Drive (yes, Forrester sanctioned).
Now that I've had a few months of compare both devices, I come back to outcomes . . .
I recently bought myself a Lenovo ThinkPad Tablet 2 running Windows 8 because I want a tablet device that can really run Windows and PowerPoint when I need them, and I have found all the iPad Office solutions to be lacking in some fashion. When I saw the new Lenovo ThinkPad Tablet 2, it was love at first byte.
Like in all relationships, some of the new has worn off, and since it’s “Internet time”, it has only taken a couple of weeks as opposed to years to see my partner in a more realistic light.
So, here is my list of the good and the bad (architecturally, structurally) and bugly (things that can probably be fixed).
The Good – Excellent Hardware, Fluid and Attractive Interface
There are many good things to say about this combination:
It’s the lightest Windows device I have ever owned, and its general performance and usability is light years ahead of a horrible Netbook I bought for one of my sons about two years ago.
“Hello, I’m J. P. Gownder, and I serve Infrastructure and Operations professionals!” That’s my new greeting to Forrester’s clients. (I borrowed – aka “stole” – this opening line from my excellent colleague, Laura Ramos, who recently rejoined the Forrester analyst ranks herself).
After eight years in a variety of roles at Forrester, I’ve joined the Infrastructure and Operations (I&O) team as a Vice President and Principal Analyst. I’ll be collaborating with analyst colleagues (please see below) on I&O’s forthcoming Workforce Enablement Playbook. I&O pros face the constant challenge of empowering their companies’ workers with devices and services to make them successful in their jobs… as well as navigating the growing challenge of employees who choose to bring their own technology to work instead.
More specifically, I’ll be researching at least five issues pertinent to I&O pros:
I’m very excited to kick off survey development for upcoming Forrester Forrsights surveys that will feature security content. Continuing on from previous years will be the Forrsights Security Survey. This is an annual survey of IT security decision-makers from North American and European SMBs and enterprises. New for 2013 is a Workforce Survey that will provide the (also North American and European) employee perspective when it comes to security and devices in use within their workplace.
These surveys will be fielded April through May, and the results will make their way into published research this summer. Survey development starts now, and I would love to hear what you think about the proposed topics. What are some areas where you’d like to see us gather more data?