Although the exact moment can be debated amongst computer historians, many agree that the introduction of Windows 95 marked the turning point that fueled the transition from a mainframe environment to one in which the PC was no longer the epicenter. The PC attracted a whole new customer base and the sheer numbers of PCs purchased by this new market created a tsunami that attained economies of scale that would bury the mainframe workstation model. The PC pervaded all future innovation for the coming decade and in order to benefit from this massive shift, companies had to transform their network architecture.
Today we are in the midst of another transformation in which the torch is being passed from the PC age to the era of mobile computing. Like the PC movement, mobile computing has created a new customer base that is far larger than its PC predecessor. That’s because the potential market size of mobile is everyone. Predictions are that as many as 3 billion people will have access to mobile computing by the year 2025. Already, 70% of Internet traffic is driven from mobile devices and within a few years, mobile devices will be sold at a rate of 10X that of PC sales. Mobile now has the floor, and in the same manner that enterprises were forced to adapt their network environments to serve the new kid on the block, the PC, organizations now must transition to a mobile architecture that can scale to meet the needs of a potential audience that is literally everyone. When we talk about an enterprise mobility ecosystem that has the scalability to service “everyone,” what we are essentially talking about is cloud computing.
Except this time the transition must occur much faster, thanks to a combination of Moore’s Law and the prevalence of the cloud. Now consider the powder keg called IoT that is going to create both opportunity and disruption on a scale we can’t even imagine.
SECURING MOBILE DEVICES
Before we think about servicing the world, we must think about securing the mobile devices utilized by our internal users. In the domain-joined PC world, security was easy. Network admins created a collection of Group Policies which allowed them to completely manage the user desktop. All devices resided behind the security of the perimeter, an ideology with roots back to the medieval days of the castle wall and the surrounding moat. It was a secure world in which hackers had to penetrate the seemingly impenetrable barrier of the network firewall.
Like Camelot, that world is now a fairy tale of yesteryear as users carry devices in and out of the protected perimeter. This brings a host of issues for any IT staff:
- How does IT ensure that devices are regularly patched and updated?
- How does IT provide malware and web filtering protection off premise?
- How does IT protect data on mobile devices?
- How does IT deliver policies to mobile devices?
- How does IT protect the organization from device theft?
There are several approaches to achieving this. The first is to simply extend the corporate network to the Internet through VPN or some other means such as Microsoft DirectAccess. By expanding network protection outward to the device itself, mobile devices can be protected with the same level of assurance as if they were on premise. This type of design will assure delivery of Group Policies or SCCM compliance policies, guaranteeing the scheduled delivery of updates and patches, as well as desktop and application management capabilities.
This avenue of recourse depends on one big condition: that all of your mobile devices are of enterprise level. This is no longer the case as companies willingly or unwillingly embrace other formats such as iOS and Android. This need to manage multi-platform mobile environments has resulted in what is referred to as Mobile Device Management, or MDM. When considering an MDM solution, it is imperative to make sure that the solution services all device platforms utilized by your organization. While some organizations may only require an on premise MDM solution, cloud enabled MDM solutions can assure managed protection of mobile devices wherever they roam.
It is also critical to protect both the device and its residing data in case of theft. Features such as remote locate, lock and wipe can render a stolen device useless. Data encryption should also be considered for any and all users that bring data off premise. In order to protect devices from malware threats such as ransomware, malware protection and web filtering solutions must extend beyond the reach of the corporate network into the cloud.
BYOD brings another complication into the mobile environment as users are now demanding the use of a single device for both work and personal applications. So how does IT address the aforementioned issues for devices it isn’t accountable for? These can be addressed through the use of a self-service portal that allows users to add and register new devices for use within the enterprise. This registration process assigns a trusted certificate to the device, allowing for 802.1X authentication. It also requires a thorough inspection of the device to assess its level of compliance and then provides a means of remediation for the device user as well.
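The registration flow described above, sketched as an added example (not WEI's code or any MDM product's API): the posture a device reports is checked against policy, a certificate for 802.1X is approved only when every check passes, and otherwise the user receives remediation steps. The field names, policy thresholds and sample devices are assumptions constructed for illustration.

```python
from dataclasses import dataclass
from datetime import date

# Hypothetical policy values; a real MDM would load these from its configuration.
MAX_PATCH_AGE_DAYS = 30
SUPPORTED_PLATFORMS = {"windows", "ios", "android"}

@dataclass
class DevicePosture:
    """Posture reported during self-service registration (constructed schema)."""
    owner: str
    platform: str
    last_patched: date
    storage_encrypted: bool
    malware_protection: bool
    remote_wipe_enrolled: bool

def assess(device, today):
    """Return a list of remediation steps; an empty list means compliant."""
    if device.platform.lower() not in SUPPORTED_PLATFORMS:
        # No user action can fix an unmanaged platform, so stop here.
        return [f"platform '{device.platform}' is not managed by the MDM"]
    steps = []
    age = (today - device.last_patched).days
    if age > MAX_PATCH_AGE_DAYS:
        steps.append(f"install OS updates (last patched {age} days ago)")
    if not device.storage_encrypted:
        steps.append("enable device storage encryption")
    if not device.malware_protection:
        steps.append("install the malware and web filtering agent")
    if not device.remote_wipe_enrolled:
        steps.append("enroll in remote locate, lock and wipe")
    return steps

def register(device, today):
    """Approve certificate issuance only for devices with no open findings."""
    steps = assess(device, today)
    return {
        "owner": device.owner,
        "issue_8021x_certificate": not steps,
        "remediation": steps,
    }

# Constructed sample devices and evaluation date.
TODAY = date(2024, 6, 1)
PHONE = DevicePosture("alice", "iOS", date(2024, 5, 20), True, True, True)
TABLET = DevicePosture("bob", "Android", date(2024, 3, 1), False, True, False)

if __name__ == "__main__":
    for d in (PHONE, TABLET):
        print(register(d, TODAY))
```

Re-running `register` after the user completes the listed steps is what turns remediation into a path back to network access rather than a dead end.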
CLOUD ARCHITECTURE FOR MOBILE DEVICES
If securing mobile devices wasn’t daunting enough, providing applications and services for mobile users entails a whole new methodology of delivery. Application delivery for PC users was pretty straightforward. It consisted of a standard assortment of applications such as email and web surfing, a combination that could often be accommodated by a single application suite that shared a common API. Now think of the thousands of apps available today for mobile devices. Most of these applications must support a multitude of devices, form factors and operating systems. Now consider the fact that many of these apps must adapt to not only multiple environments, but geographical locations as well. This unique level of application exigency can only be serviced by a cloud architecture.
Mobile applications are not the standalone applications of yesteryear. These apps are data driven and are ineffectual without access to backend resources. This not only requires virtual computing resources to service these applications, but also requires authentication processes and credential-controlled third-party services.
In addition, users today demand continuous software delivery in real time. IT must combine Agile and DevOps practices in order to meet this ubiquitous level of deployment. Not only does this necessitate a highly flexible, demand-driven ecosystem, but it also compels both developers and IT support to work in concert with one another.
SUMMARY
Although we have touched upon many issues and topics that are pertinent to mobile computing environments today, we have barely scratched the surface. What we have laid out is this: enterprise mobility is an entirely new paradigm to which enterprise IT must adapt, or perish.
About WEI
WEI is an innovative, full service, customer-centric IT solutions provider.
Why WEI? We go further.
At WEI, we’re passionate about solving your technology problems and helping you drive your desired business outcomes. We believe in challenging the status quo and thinking differently. There are a lot of companies that can take today’s technology and create a great IT solution for you. But we do more. We go further. And we have the customer, vendor and industry awards to prove it. WEI is a premier technology partner, who always puts our customers first while providing the most innovative solutions for over 30 years.