White Paper:

Mobility Management in a BYOD World

Tangoe, Inc. 35 Executive Blvd. Orange, CT 06477 Phone: 203-859-9300 www.tangoe.com

White Paper: Mobility Management in a BYOD World

Executive Summary
The days of a single mobile platformsomething that was de rigueur just a few short years agois quickly coming to an end. Organizations are being forced to find new ways to manage disparate devices while maintaining the security of corporate networks. Because of the speed at which new devices are entering the market and the number of employees demanding access, the old device-by-device approval strategy cannot possibly scale fast enough to get ahead of the curve. Enterprises need to adopt a mobility management strategy that allows different types of devices to enter the network while enforcing policies that give them the control and security needed to meet standard requirements.

The best path for an enterprise is to focus on allowing access to many different types of devicesas long as there is insight into the mobile operating systems capabilities. A good mobile device management (MDM) solution will include automatic rule enforcement to enable visibility into all networked devices, in addition to providing the ability to control what data is available and what applications are being deployed, as well as provide visibility into which devices or applications are out of compliance.

The bottom line is that despite the huge wave of innovation, there are options available that will enable your organization to get ahead of the curve to take and maintain complete control over enterprise mobility. This white paper will examine some of those options.

Its a BYOD World

For years, BlackBerry and the BlackBerry Enterprise Server dominated the enterprise mobility space. In the years following the advent of IOS devices (iPhone, iPads), Android, and Windows 7 operating systems, however, there has been an enormous shift away from the single device shop. The consumerization trend was unforeseen by many: the willingness of an individual employee to purchase their own device, pay for their own data plan, and simply walk into the IT organization and ask to be connected. Previously employees would have taken the corporate device they were handed and that was that.

Employees want corporate access on the device of their own choosing and are more than willing to find workarounds to make that happen. A 2011 Forrester Research report confirms that that 37 percent of those surveyed state they have used their own PC or smartphone for work. Furthermore, 26 percent have used their own money to buy software or other technologies.1

Forrester Forrsights Workforce Employee Survey, Q1 2011

2011 Tangoe, Inc.
2

White Paper: Mobility Management in a BYOD World

The fact that people form emotional attachments to their device of choice is fueling this BYOD wave. In fact, a survey conducted by Kelton Research says that 71 percent of the 500 U.S. and UK employees polled would be willing to give up at least one thing in the workplace in order to use their preferred mobile device. (At 58 percent, free coffee topped the list, although 20 percent were willing to give up a vacation day.)

It is this employee demand for access to their device of choice that has led most organizations to enable access to the corporate network. Setting aside security issues, its difficult to argue the point: an employee is willing to pay for his/her own device in order to be more productive in performing the work of the company.

According to a February 2011 report by Aberdeen, more than half of U.S. and European businesses already allow personally owned devices to access a secure corporate network. 27% provide full support to at least some personal devices 29% provide at least limited support 23% of personal device workers claim their device was personally selected and purchased, and is not on their companys list of IT-supported devices.

According to a 2011 survey by Information Week, only 35 percent of organizations responding put strict limits on consumer-centric technology accessing corporate email or other applications.2

Smartphones and Tablets: Impact to Your Business

By 2013, according to IDC, the global workforce will have 1.19 billion mobility workers.3 It is expected that a large percentage of those workers will be smartphone and tablet users. Numbers like this clearly confirm that the volume of mobile devices entering the workplace is not temporary. In fact, this is just the beginning. The impact of this latest chapter in mobilization on IT departments has already begun to be made clear in the form of the ever increasing demand for multi-platform device management.

In 2011, it is widely expected that smartphone and tablet unit volume will outpace PCs and notebook computers. The sales volume of devices and new form factors (different screen sizes, device thinness, and capabilities) will continue to increase. Other device changes include the device SoC (System-on-aChip) increasing in processing power but operating longer with lower power requirements and battery
2 3

Information Week 2011 End User Device Management Survey IDC Worldwide Mobile Worker Population 2009 2013 Forecast, June 2010
2011 Tangoe, Inc.
3

White Paper: Mobility Management in a BYOD World

technology improvements, and increasingly ubiquitious network access (cellular or WiFi over broadband), with greater connectivity speeds, support anytime/anywhere access to an ever increasing number of applications.

2011 Tangoe, Inc.

4

White Paper: Mobility Management in a BYOD World

So how does an organization embrace this new dynamic? What strategies are enterprises putting into place to deal with this latest technological shift? What devices will your organization grant network access?

iPad or Android Phone? Neither or Both? It seems everyone wants or has an iPad, Android, or the hot new device of the moment. You find yourself asking, Should I allow these new devices to access to my network? Is there a difference between managing smartphones and managing tablets?

The simple answer is no. Tablets are very close to smartphones; in many cases, they run the same, or very similar, operating systems. The differences are in the mobility management strategy and policies, and not just the device management.

Who Pays for What Device? If your company has a mobility management strategy, with the respective policies for corporate liable (CL) and individual liable (IL) devices, as well as a mobile device management (MDM) platform that supports custom, granular polices and default policies across device classes, than an IL device is not a threat but a productive tool.

Unfortunately, there is a modest-to-wide disparity gap in the management of CL versus IL devices. The gaps result in higher costs, increased risks, and decreased productivity from IT staff not able to effectively management the device fleet.

2011 Tangoe, Inc.

5

White Paper: Mobility Management in a BYOD World

Corporate liable devices are more tightly managed than individual liable devices. The number of IL devices are going to outnumber CL devices very soon. In fact, by 2014, IL devices will outnumber CL devices 99 million to 62 million units, according to IDC.4 The threat is not having a mobility management strategy in place ahead of time to accommodate multiple device types. The risks are a lack of policy creation and management, and an MDM solution platform for policy enforcement.

And in May, Gartner analyst Laurence Orans estimated that about 80 percent of companies adopting a BYOD policy will see their rate of IT security incidents double by 2013 as more consumer PCs make their way into the workplace5.

Why All the Attention on Tablet Security? The biggest risk to mobile platforms is potentially malicious mobile applications. Moblity is an open marketplace with small entry barriers for mobile application developers. To understand the security threats, its important to understand the what people are using the tablets to access.

Applications and Social Media Platforms Employees are using social networking tools on both IL and CL devices. The demarcations are fading between what is personal and what is business use. Without question, at some point, someone will share, say, or sendwillingly or mistakenlysomething that another person considers confidential.

The Internet is expanding from a website where information is presented (which may or may not require interaction) to integrated platforms delivering mobile experiences and multiple engagement models. According to Morgan Stanley Research6 , there are three major platforms types:

1. Mobile Platforms: Mobile platforms are not merely devices. These are computing platforms with significant processing power with applications integrated as part of the user interface, designed for the end-customer to easily customize his or her experiences for the purchase of services and goods (both physical and digital). The mobile application marketplace is the biggest marketplace in human history, (CBS Marketplace, 1Q11). In other words, the more applications you use, the larger your security risk.

4 5

IDC, Worldwide Converged Mobile Device 20102014 Forecast and Analysis, March 2010 Gartner, Predicts 2011: Infrastructure Protection Is Becoming More Complex, More Difficult and More BusinessCritical Than Ever, 16 November 2010 6 Morgan Stanley Research, Global is Mobile, February 2011
2011 Tangoe, Inc.
6

White Paper: Mobility Management in a BYOD World

Facts and Figures: There are over 130M iOS users growing at 103% YoY (year over year). iTunes has 350,000 applications for a download total of 10 billion.

2. Social Media Platforms: Social media platforms are not websites. These are web properties that integrate search, communication, applications, and commerce. These platforms are integrated into your phone, importing your address book into its native features.

Facts and Figures: Facebook has 662M users and is growing 41 percent YoY. By next year, there will be over 1B users. There are 550K applications that have been downloaded 500M times. Other social platforms include communication (Twitter: 253M users, 85 percent YoY growth), commerce (Groupon: 51M subscribers, 25 percent YoY growth) and gaming (Zynga: 130M users, growing 15 percent YoY)

Computerworld (February 2011) discovered that many information professionals might not be doing enough to manage the threats associated with social media, despite sites being widely used by the business: 39 percent set and enforce policy around the use of social media sites 57 percent control access through content filtering and website blocking 31 percent had no restrictions on the use of social media

3. Search Platforms: More and more, mobile and social media platforms are integrating with search platforms. For example, with Facebook you can search and select physical venues, browse, select and check into a hotel, or choose among competing offers in your general vicinity or within 20 feet of where you stand. Will you call your friends to tell them where to meet you? No. Youll send a Twitter announcement or communicate via Facebook using a text message to one or many friends.

Facts and Figures: Google has 972M users, growing at 8 percent YoY. Local search applications such as Yelp and OpenTable integrate Google Maps and GPS tracking to offer recommendations for where to eat or attractions to visit.

2011 Tangoe, Inc.

7

White Paper: Mobility Management in a BYOD World

The bottom line is that people are using their devices, be they CL or IL, to communicate, purchase, and share what they are doing and where, via applications that can cost money and increase security risks. The right solution not only controls the device but also controls cost avoidance, security, and application policies.

With the appropriate MDM solution, you can control website access, application availability, how those applications are used, as well as track voice, text, and data. And you can turn functionality on or off proactively based on the thresholds that you set. The critical path is having insight into the mobile operating systems capabilities to be managed; the right tool set will provide both granular and default policies so that you can have similar and different policies respective to mobile operating system and device. You also need to take into account what location these devices are being used in, who is using them, and for what purpose.

BYOD Impact on the Enterprise

Since Gartner predicts that by 2014, 90 percent of firms will support corporate applications on personal devices, IT departments should consider a tiered mobility management strategy model in managing personal devices and controlling access to enterprise application servers. What are the keys to determining this model?

1. First things first: consider your BYOD strategy. Gartner recommends that you choose your approach among these options: Progressive: support many mobile platforms and applications M.O.R. (Middle-of-the-Road): try new mobility models among trusted workers Restrictive: extensive device and data control

In each of the above BYOD strategies, consider a comprehensive device management and security platform to enforce policies for device usage and security, application deployment, authenticated network access, and cost control.

2. Next, consider whether you will opt for a server-based or client-based approach to managing and controlling your devices et al: Server-based approach manages and controls the device, including network access. The MDM server is in constant contact with the device via an agent. Unfortunately, it requires constant communication for device control.

2011 Tangoe, Inc.

8

White Paper: Mobility Management in a BYOD World

Client-based approach manages and controls device functions and secure communication. The thick client monitors and enforces all IT policies on the device in real-time. Unlike the serverbased approach, continuous communication with the device is not required.

3. Determine how you will implement control. IT staff often focus on the device itself. (Should the device be allowed or not?) Since the diversity of devices will continue to increase sharply, along with the potential to overload IT staff working in a device-by-device management model, Tangoe recommends a tiered approach for policy management across mobile platforms. Employees are not going to have the patience to wait for approval of the device they want to use. With the right MDM solution, you can accommodate many different types of devices and apply standard policies as well as granular policies. For instance:

First Tier: Trusted (Corporate Liable) Complete IT policy management and enforcement Application management and control Encrypted corporate data, white and black list enforcement, multiple certificates for access and feature/function enable/disable, limited social media access Full help desk support for the mobile platform Self-service provisioning portal

Limited Trust (BYOD / IL) Key IT policies are managed and enforced Application management and control Corporate white list enforcement, blacklist monitoring and enforcement, certificate authentication, password strength, device lock, remote wipe Self-directed help desk only (voice/data/email) Self-service provisioning portal

Not trusted Not supported or allowed to access the firms network or store enterprise data

Device management and security are important components in ensuring that your company employees are utilizing smartphones and tablets effectively. However, they are tactical responses to overwhelming market pressure and employee demands. The mobile marketplace is in its early stages of growth. To get ahead of the growth curve, you will need more tools than just device management. You need a mobility management strategy that controls the devices, their applications, provisioning, security, policies (default and custom), expense management, support, and device retirement and replacement.

2011 Tangoe, Inc.

9

White Paper: Mobility Management in a BYOD World

Summary
Risk equation has shifted. When it comes to the world of mobility, it is not a hacker seeking information. The biggest risk may be a well-intentioned employee with an unmanaged personal device. Horizontal and fundamental change is moving with astonishing speed across our global information ecosystem. Overwhelming market forces in the mobility space are building daily. There are hundreds of thousands of mobile applications available and millions of opportunities to spend money via a mobile device. A best-inclass device management product MUST scale effectively to provide global mobility management. An enterprise solution MUST scale to offer your company the policy scope required by location, groups, device profiles, and people. Your business should not have to change how it operates to accommodate a tactical, short-term solution. The right MDM platform enables the unique ways that you operate your business with effective device management, security and mobility management.

Organizations are leveraging the productivity benefits of anytime, anywhere access to the information ecosystem. Implementing a mobility management strategy and policy across multiple mobile OS platforms is the critical path to harness the transformative nature of interconnected mobility devices and application platforms.

Managing a device is only the first step. Managing and enforcing your mobility management strategy across multiple mobile operating systems, with effective polices that enhance your business and service models, is the end-game.

About Tangoe
Tangoe is a leading provider of global enterprise communications lifecycle management software and related services. Tangoes solution encompasses the entire fixed and mobile communications lifecycle including device management, contract sourcing, asset procurement, services provisioning, invoice processing, expense allocation, bill payment, policy enforcement, usage management, inventory tracking, and device decommissioning.

Additional information about Tangoe can be found at www.tangoe.com. Tangoe is a registered trademark of Tangoe, Inc.

2011 Tangoe, Inc.

10