Tuesday, February 8, 2011

Employee Owned Mobile Devices At Work

The enterprise use of employee-owned mobile devices like iPhone, iPad, Blackberry or Android-OS phones is still in its infancy. The majority of these technical wonders are still bought by end consumers and are used for a broad range of personal activities. My favorite use of the iPad is as a musical instrument (try the Korg iMS-20 app - it's unbelievable).

Wouldn't it be great if you could use these little helpers to do some of your office work? Some of the obvious applications are emails, calendars, task management, managing presentations and spreadsheets. But even these apps are in most companies not allowed to access the intranet with employee-owned devices. I'm sure there are quit a view IT departments who are scared of this thought: "so you are telling me you want to connect your jail-broken Angry Birds toy to my enterprise server? @-*3%@$ ???"

All major mobile OS vendors (Apple, RIM, Google, ...) invested heavily in making their devices fit for the enterprise. Blackberry was certainly the standard in the last years, but the others are catching up fast. Apple for instance made a big step forward with iOS 4 and now 4.2: remote device configuration, data protection, SSL VPN, advanced Exchange support, Mobile Device Management (lock, wipe, compliance policies, deliver apps, ...).

These features allow IT departments to create a dedicated area on employee-owned devices that they can control to deliver Enterprise Apps and add company email accounts to the standard email client. They have many security features which they would expect from a company owned device. Even better: there are solutions out there that handle these features across multiple platforms which allow defining standards ones and deploy them on multiple types of devices.

Bottom Line: It is time for IT Departments to create a mobile enterprise strategy and enable employees to use their own mobile device to access company data. The technology is there today (I talk about affordable standard software not custom written apps) and the value for employees and employers is significant.


  1. What happens in times of conflict and the enterprise needs access to information on the private device, or terminates the relationship and wants to wipe the device. Where do you draw the line and how do you access or wipe info on a personal device? Who decides whats personal and whats work, what about privacy concerns?

  2. Very valid questions. Let me try to answer them from my perspective:

    A company should use software that allows them to manage a defined part of the employee-owned device and not the complete device. An example is Afaria from Sybase: an employee downloads the free client from the App Store. After that the company can remotely (1) push configurations to the device to improve security via VPN, encryption, certificates (2) can install company internal applications that are not in the app store (3) can add mail accounts to the standard email client. All of this can be removed with one click by the administrator. This means the line is drawn based on what was done via Afaria (which is controlled by the company) and everything else (which belongs to the employee). Wipe the device means remove everything that was installed/changed by Afaria. You can even define rules on the device "if the user is not connected to the server for 3 days lock the company apps and after 1 week wipe the Afaria part of the device". This handles situations when an employee leaves and thinks that putting the device in airplane mode protects the company data for him (Sybase calls this fading because this process can have multiple steps).

    Regarding your first question: I don't think that a company should distribute data on these devices without a central copy of the data on a server. Reminds me when my computer crashed and I had to pay $4000 to rebuild the data from the broken hard drive - "you should always have a backup of the data" ... so much about the theory :-)

    Privacy concerns is one of the most complicated topics, because a company needs to define clear governance rules what they are doing and what the company policy does not allow. But who ensures that they are following these rules? We know software can always be used for great things and can always be misused. I would guess that in countries like Germany and France there are even labor/privacy laws that have to be taken into consideration (which is good).

    Bottom line: some of the topics that you mention can be solved with existing software (better than many people are aware of) other topics require transparent rules of engagement and governance (this is the tricky part).