Getting a better grip on mobile devices
The increasing use of smartphones and tablet computers as business tools has brought organizations and their employees new levels of productivity, flexibility and mobility. But their use is a double-edged sword, bringing with it new levels of complexity to IT management and security. To cope, organizations need to put into place new policies for business use. Will employees be permitted to use their personal devices, or is there a company-owned standard? What is the most effective management technology, for the environment? What management toolsfull suite or point solutionswill meet IT needs for manageability and availability, as well as business needs for cost-effectiveness? And organizations always need to ensure that devices and data remain secure in an environment where loss and theft are common. On todays fast-moving, highly competitive smarter planet, where data gathering, information sharing and decision making must continue regardless of the users location, the mobile device is destined to continue growing in popularity and importance. And as smartphones and tablet computers expand their roles from personal communications devices to key interfaces for enterprise applications, the accompanying opportunities for business growth and the challenges for IT management will demand the same exacting standards that organizations apply to the rest of their technology environments.
- 1. IBM SoftwareThought Leadership White PaperJanuary 2012Getting a better grip on mobiledevicesSolutions and strategies for managing both employee-owned andenterprise-owned equipment
- 2. 2 Getting a better grip on mobile devicesContents2 Introduction3 The consumerization of IT is changing devicemanagement3 Security is a key driver of mobile device management4 Managing mobile applications is the next big thing5 The management application: Suite vs. point solutions6 Management technology: Agents vs. agentless control7 An emerging focus on the enterprise app store8 IBM solutions deliver a new management paradigm10 Adopting an action plan paves the way for success10 Steps to mobile management success11 Conclusion11 For more information11 About Tivoli software from IBMIntroductionThe increasing use of smartphones and tablet computers asbusiness tools has brought organizations and their employeesnew levels of productivity, flexibility and mobility. But theiruse is a double-edged sword, bringing with it new levels ofcomplexity to IT management and security.To cope, organizations need to put into place new policies forbusiness use. Will employees be permitted to use their personaldevices, or is there a company-owned standard? What is themost effective management technology, for the environment?What management toolsfull suite or point solutionswillmeet IT needs for manageability and availability, as well asbusiness needs for cost-effectiveness?And organizations always need to ensure that devices anddata remain secure in an environment where loss and theftare common.On todays fast-moving, highly competitive smarter planet,where data gathering, information sharing and decision makingmust continue regardless of the users location, the mobile device
- 3. 3IBM Softwareis destined to continue growing in popularity and importance.And as smartphones and tablet computers expand their rolesfrom personal communications devices to key interfaces forenterprise applications, the accompanying opportunities forbusiness growth and the challenges for IT management willdemand the same exacting standards that organizations applyto the rest of their technology environments.The consumerization of IT is changingdevice managementSmartphones, tablet computers and other mobile devices are inthe enterprise to stay. One recent survey of smartphone usersfound that 83 percent of users considered their device moreimportant than their morning cup of coffee. Some 79 percentsaid they use their smartphone more than their office or homephone to conduct business. And 34 percent use it more thantheir computer.1The use in business of a device that began in consumerelectronicssometimes called the consumerization of ITcan significantly empower employees. Allowing employees touse their personal devices for work, as many users prefer inorder to avoid carrying multiple devices, lets them select theplatform and form factor with which they are most comfortable.It enables them to move seamlessly, anytime anywhere, frompersonal to business functions. Allowing employees to use theirown devices can also save organizations the cost of equipmentpurchase.Security is a key driver of mobile devicemanagementEven when used only for email and calendar access, a smart-phone can contain confidential and sometimes regulatedbusiness information. An unsecured device stolen from abriefcase at a meeting or left behind in a taxi can easily putsensitive information into the wrong hands.Worse still, if the device can access even more sensitive businessapplications, any device theft or loss, employee termination,hacking or corruption can mean the loss of unique informationcreated with those applications. And it may give the thief, finder,former employee, hacker or malware purveyor access into theorganizations data stores or centrally managed businessapplications.Security, as a result, is a paramount reason for managingsmartphones, tablet computers and other mobile devices.Effective mobile device management enables IT to deploy,configure, command and control endpoint security technologieson a wide range of devices. It enables integration and manage-ment of best-of-breed mobile security technologies with anenterprise management solution.Similarly, effective management controls enforce securitypolicies, such as a requirement to enter a personal identificationnumber (PIN) before the device can be activated. To guardagainst data theft, IT should be able to remotely wipe thedevice clean of company-related contents.
- 4. 4 Getting a better grip on mobile devicesManaging mobile applications is the nextbig thingFor mobile devices, voice and email were just the beginning.These were followed by the ability to easily download consumerapplications directly from the device. The next step is thedevelopment and deployment of business applications throughenterprise application stores. This will make mobile versions ofthird-party software for functions such as customer relationshipmanagement or software developed for the organizations uniquebusiness or technology needs widely and easily available toauthorized users. An effective mobile device managementsolution will provide IT with the tools to deploy and managethese applications, and it will integrate with other solutionsand services designed to create and support applications.Mobile device management solutions can also support compli-ance with regulatory requirements by ensuring that deviceconfiguration or security solutions are properly deployed andmanaged. Management solutions can help enhance deviceperformance and employee productivity by managing settingssuch as screen resolution. They also can track and assesssoftware use to ensure that the organization has the propernumber of licensesneither too many nor too fewfor itsemployees devices.IT organizations need mobile device management solutions thatcan be integrated with existing management infrastructureenabling smartphones and tablet computers to be treated as partof the overall IT environment and eliminating the need forindependent solutions for mobile device management. Aneffective solution is scalable to support the rapidly growingnumber of devices, cross-platform to manage the diversityof devices, and secure to support device and data integrityin out-of-office environments. Vendor services can includedevelopment of business applications, an enterprise applicationstore for easy distribution of applications to devices, andoutsourcing to relieve the infrastructure requirements and ITworkloads as it speeds and streamlines device management.Solutions for mobility: Application lifecycle managementWhile some aspects of the development of a mobile applica-tion are unique, the application development lifecycle followsthe same pattern as for other kinds of software. Applicationlifecycle management (ALM) is necessary to ensure controlleddevelopment and delivery of high quality mobile applicationswithin the budget constraints and time objectives. Even moreimportant is that lifecycle management functions be inte-grated with each other and also with the tools needed foruniquely mobile development tasks. IBM Rational softwareoffers industry-leading solutions for lifecycle management thatare augmented with mobile-specific capabilities for design,coding, security analysis and testing. By leveraging thepublicly available Jazz technology for tool integration andcollaborative team development, Rational addresses the fullmobile development project lifecycle with traceability frominception to completion.
- 5. 5IBM SoftwareThe management application:Suite vs. point solutionsFrom the users perspective, employing a mobile deviceespecially an employee-owned deviceto support businessapplications and communications can simplify work processes.One major enterprise has reported an average time savings of47 minutes a day, about 10 percent of the typical workday, andincreased productivity when employees were allowed to use thedevices with which they are most familiar and comfortable.2From the IT perspective, however, the proliferation of mobiledevices and the accompanying diversity of operating platformsmost commonly those running Apple iOS and Google Androidoperating systemscreates complexity in management. Thedownside of simplifying users processes with complex anddiverse backend technologies can create heavy IT workloads,management headaches and increased chance of error. Problemscan be compounded when IT attempts to manage diversemobile devices using point solutions that address only specificmanagement tasks, platforms or devices.And while existing device management solutions may beeffective at handing traditional endpoints, they typically arenot well adapted for the special requirements of mobile devices.The lack of solutions for managing both traditional and mobileendpoints, as a result, has forced IT organizations to usestandalone solutions for managing mobile devices. Yet as thenumber and functionality of devices grows, the need for anintegrated suite solution becomes increasingly important.A unified approach with centralized management efficiencies,enhanced visibility into diverse devices and their configurations,and consistent cross-platform reporting can play a key role ingetting under control what can be a mammoth task, if handledpiecemeal.Significantly, a unified approach enhances security and stream-lines reporting for mobile devices. Unified control managesdiverse devices in a consistent manner, eliminating gaps that canoccur with multiple point solutions in the way security is appliedand the way vulnerabilities are reported. The result can simplifyoperations for the user and support greater security for theorganization.Solutions for mobility: IBM Global Technology ServicesIBM Mobile Enterprise Services offers solutions designed toaddress enterprise mobility challenges across the entiremobile device lifecyclefrom procurement and deploymentto mobile device management and security to customapplication development and deployment. Flexible solutionsthat accommodate a variety of mobile devices address awide range of worker requirements, from day-to-day devicemanagement and support to application upgrades andcoordination of deployments, rapid on-boarding of new users,support and problem resolution for end users and assistancewith device configuration, setup and troubleshooting.
- 6. 6 Getting a better grip on mobile devicesManagement technology:Agents vs. agentless controlAny organization that allows employees to use their personalmobile devices for work sooner or later encounters the samequestion: What technology should IT use to manage a devicethat belongs to an individual? The debate continues regardingagent-based versus agentless management, as there are advan-tages and disadvantages to each.Agent-based management places a small piece of agentsoftware on the device itself that interacts with server-basedmanagement software to enable functions such as turning thedevice on or off, changing configurations, managing applica-tions, enforcing encryption or wiping data and applicationsfrom memory. Advantages lie in the significant levels of controland extensive capabilities that this approach enables. Remotemanagement, controlled by IT as needed, can be automatedto ensure all operations are carried out and that they functioncorrectly. The disadvantage lies in the requirement to installthe agent on the mobile device: Users may not want theorganization to place management software on their personalsmartphone or tablet.Agentless management employs a synchronization approach thatrequires users to connect to a central management site to initiatemanagement functions through the corporate email system. Theadvantage lies in the fact that no software from the organizationresides on the device, making this approach more palatable tomany users. Disadvantages lie in the reduced control overdevices: IT has fewer capabilities at its disposal and cannotenforce continuous compliance.A third management technology approach, however, does exist.Balancing different IT organizations needs for control andsecurity with the users preference for a less intrusive approach,the most effective mobile device management solutions enableboth agent-based and agentless capabilities. This approach alsocan reach a larger number of operating platforms than a singleapproacha significant advantage where some operatingsystems do not allow agents to be installed on devices and wheremanagement capabilities also vary with the OS.Solutions for mobility: IBM Cognos softwareIBM Cognos Mobile enables users to interact with trustedbusiness intelligence content on tablet computers, enablingthem to seamlessly view and interact with business reports,dashboards and analysis either offline or online. Supportingtimely and accurate decisions based on up-to-date informa-tion, the solution makes it easy to get to the right level ofinformation when users need it, including location-awareintelligence that provides information based on the userslocation. The ability to leverage existing business intelligencecontent and a single administrative environment helps ITkeep up with the demands of users on varied devices.
- 7. 7IBM SoftwareAn emerging focus on the enterpriseapp storeCapabilities for mobile device management are rapidlyevolvingbut IT preferences are already beginning to emergethat favor suite solutions, combine agent-based and agentlessmanagement, and deliver high scalability, reliable security andcross-platform functionality that integrates with the organiza-tions other IT management solutions to create a unifiedmanagement approach.Security management, inventory management, policy manage-ment and software distribution will be core functions, withcapabilities such as Software as a Service (SaaS), managed andoutsourced services, custom software development and supportfor app stores growing in significance.The enterprise application store, in fact, is central to theevolution of smartphones, tablet computers and other mobiledevices from basic communications to highly functional businesscapabilities. The success of the evolution, however, will require anumber of supporting functionsfrom policies that reinforcebusiness operations and support users, to reporting that deliversinsights for better and expanded functions, to security measuresthat reduce risk. Specific functions available now and anticipatedin the coming years include: Security management to guard against unauthorized use orcorruption of data due to theft, loss, hacking, malware attacksor employees moving to the competition Provisioning applications directly from the app store to themobile device Monitoring of software use and device configurations toensure compliance with industry and government regulations Policy creation and management that integrates mobile deviceswith the technology infrastructure and supports business goalsTo ensure application performance and compliance, manage-ment solutions will automate solutions such as applicationupdating and monitoring, configuration monitoring andremediation, and role-based user access.Solutions for mobility: Managing network expansionSmartphones and tablets are driving increased datavolumesrequiring, as a result, new strategies from ITadministrators. Often, these strategies involve networkexpansion, traffic distribution or network optimization. In thecase of network expansion, IBM Tivoli Netcool tools, withthe highly scalable tiered architecture of Netcool/OMNIbus,can help manage the alarms and events from the largernetworks. Netcool tools can help collect the network statisticsand provide reports and information for capacity planning.
- 8. 8 Getting a better grip on mobile devicesIBM solutions deliver a new managementparadigmIBM Endpoint Manager for Mobile Devices, built on BigFixtechnology, enables organizations to provide security andmanage smartphones, tablet computers and other devicesbased on the Apple iOS, Google Android, Nokia Symbianand Microsoft Windows Phone platforms.Leveraging the IBM Endpoint Manager infrastructure, whichprovides a single platform for managing servers, desktops,laptops and mobile devices running Windows, UNIX, Linuxand Mac operating systems, this solution provides a unifiedapproach for managing diverse devices. Consolidating manage-ment across the infrastructure, IBM Endpoint Manager forMobile Devices: Delivers a flexible and powerful paradigm for managingemployee- and corporate-owned mobile devices using acombination of email-based and agent-based management,while preserving the native device experience Ensures security functions by configuring and enforcingpasscode policies and encryptionand selectively wipingenterprise data when devices are lost, stolen or compromised Automatically identifying non-compliant devices and denyingemail access or issuing user notifications until correctiveactions are implementedIBM Endpoint Manager for Mobile Devices provides real-timevisibility into the state of mobile devices and gives administratorsadvanced functionality for managing those devices. As acomprehensive single source of truth for managing upto 250,000 devices from a single management server,IBM Endpoint Manager for Mobile Devices can shortenupdate cycles, improve the success rates for provisioning,reduce IT and help-desk labor requirements and boost enduser productivity.Solutions for mobility: IBM Maximo softwareThe IBM Maximo Mobile Suite provides remote access toMaximo Asset Management processes, giving IT administra-tors the ability to use mobile devices to support compliance,improve efficiencies, increase productivity and enhancedecision making. The Maximo solution delivers the ability toconduct asset audits, maintain asset configurations, andreceive, track and maintain inventory. IT administrators canexchange data with the application server using real-timewireless, dial-up or docking cradle connections. And theycan store and forward data when continuous connections arenot feasible.
- 9. 9IBM SoftwareSolutions for mobility: IBM Lotus applicationsEmployees today expect to take their desktops with them ontheir mobile device, stay engaged with professional networksthrough collaboration tools and access web content whereverthey work. Customers also expect access to web content frommobile devices. Security-rich IBM mobile software andservices can provide productivity and social collaborationtools on mobile devices. IBM Lotus Notes applications, email,instant messaging, exceptional web experiences, professionalnetworks, business intelligence reports and online meetingsall are supported on a wide variety of smartphones andtablets.Supporting enterprise application stores to serve mobile devices,IBM Endpoint Manager for Mobile Devices provides policy-based installation, closed-loop verification and the ability tomanage software distribution from a single, unified point ofcontrol. It delivers high first-pass success rates with minimalimpact on network performance. And it offers user self-provisioning of authorized applications and software packages.Application management capabilities automatically trackinstalled applications, offer recommended applicationsand detect blacklisted applications. For managing devices,IBM Endpoint Manager for Mobile Devices captures and storesdetailed device data, including inventory data such as devicemodel and serial number, usage data such as last connectiontime, and hardware information such as firmware and memory,as well as operating system version, location information andnetwork details.Support features enable management and troubleshootingof devices that can streamline IT functions and reduce theworkload on the organizations help desk. Remote diagnosticscapabilities put real-time device data at administrators fingertipswith capabilities to assist end users in resolving IT issues,helping ensure that device configurations remain current andcompliant with organizational policies.
- 10. 10 Getting a better grip on mobile devicesSolutions for mobility: Application development anddeploymentIBM is developing a set of capabilities for software developerswho are building visually rich, interactive mobile applicationsthat will work across a variety of mobile devices. Thesecapabilities provide a set of application services, enterpriseconnectors, application and device management features,and accompanying integrated toolingall implemented usingindustry-standard web technologies to maximize existinginvestments in skills and infrastructure. In addition, thecapabilities can help development organizations to controlwho has access to specific applications and updates, getinsight into application use and add security measures toensure that application data and access is safe and secure.The full spectrum of mobile development approachesincluding native, hybrid and web will be supported.Adopting an action plan paves the wayfor successWith the business use of smartphones, tablet computers andother mobile devices continuing to grow rapidly, it is not tooearly for organizations to plan to actively manage these mobileresources. A number of steps are necessary for implementing aneffective mobile device management strategy.Steps to mobile management successInventory devices Locate and identify the devices currently in use in the business environ- ment, including the numbers of employee- and corporate-owned devices.Project the numbers expected to be in use 24 months from now and whichapplications they will be accessingIdentify features Determine which features the organization requires in a mobile device management solutionEvaluate solutions Outside a lab environment, test and evaluate potential solutions, checking scalability to meet the organizations growing needs, time to implementationand ease of operationDevelop policies Create or update relevant policies and training for device and application use and for role-based application and data accessConsider costs In selecting and implementing a solution, take into account the full range of costs, from software licensing to factors that influence the total costof ownership including hardware purchase and maintenance, systemimplementation and related consulting fees, staff training, systemadministration and upgrade costs
- 11. 11IBM SoftwareConclusionAs the business use of smartphones, tablet computers andother mobile devices increases, organizations are facingdevice and application management needs that do not fit thetraditional endpoint management paradigm. To meet theseneeds, organizations are putting into place new policies, deter-mining the most effective management technologies for theirrespective environments and selecting management productsfor their unique needs.In the face of the complexity that huge numbers of devicesand multiple operating systems bring, however, the traditionalreliance on point solutions that manage mobile device manage-ment separately from the rest of the IT infrastructure is provingto be inadequate. The need to speed and streamline manage-ment, avoid ballooning IT workloads, integrate mobile devicemanagement with management of the full IT infrastructure,and more efficiently serve users is driving adoption of a morecomprehensive and unified management approach.IBM Endpoint Manager for Mobile Devices gives organizationsan effective and efficient way to manage the growing numberof mobile devicesowned by employees as well as theorganizationused in business today. Eliminating the need toimplement a separate infrastructure solely for mobile devices,this unified solution provides high levels of application andsecurity management across diverse mobile devices, includingthose utilizing the Apple iOS, Google Android, Nokia Symbianand Microsoft Windows Phone operating systems.Leveraging IBMs leading ability to manage complex technolo-gies and business environments, IBM Endpoint Manager forMobile Devices provides comprehensive coverage from mobiledevice management to application development, support forapp store development, outsourcing and security management.For more informationTo learn more about IBM Endpoint Manager for MobileDevices, contact your IBM representative or IBM BusinessPartner, or visit: ibm.com/tivoli/solutions/endpoint/mdmbetaAbout Tivoli software from IBMTivoli software from IBM helps organizations efficientlyand effectively manage IT resources, tasks and processes tomeet ever-shifting business requirements and deliver flexibleand responsive IT service management, while helping to reducecost. The Tivoli portfolio spans software for security, compli-ance, storage, performance, availability, configuration, operationsand IT lifecycle management, and is backed by world-classIBM services, support and research. For more informationon Tivoli software from IBM, visit: ibm.com/tivoliAdditionally, IBM Global Financing can help you acquire the ITsolutions that your business needs in the most cost-effective andstrategic way possible. Well partner with credit-qualified clientsto customize an IT financing solution to suit your business goals,enable effective cash management, and improve your total costof ownership. IBM Global Financing is your smartest choice tofund critical IT investments and propel your business forward.For more information, visit: ibm.com/financing
- 12. Copyright IBM Corporation 2012IBM Corporation Software GroupRoute 100Somers, NY 10589U.S.A.Produced in the United States of AmericaJanuary 2012IBM, the IBM logo, ibm.com, BigFix, Cognos, Lotus Notes, Maximo,Netcool, Rational, and Tivoli are trademarks or registered trademarks ofInternational Business Machines Corporation in the United States, othercountries, or both. If these and other IBM trademarked terms are marked ontheir first occurrence in this information with a trademark symbol ( or ),these symbols indicate U.S. registered or common law trademarks owned byIBM at the time this information was published. Such trademarks may alsobe registered or common law trademarks in other countries. A current listof IBM trademarks is available on the web at Copyright and trademarkinformation at ibm.com/legal/copytrade.shtmlMicrosoft and Windows are trademarks of Microsoft Corporation in theUnited States, other countries, or both.Linux is a registered trademark of Linus Torvalds in the United States, othercountries, or both.UNIX is a registered trademark of The Open Group in the United Statesand other countries.Other company, product and service names may be trademarks or servicemarks of others.References in this publication to IBM products and services do notimply that IBM intends to make them available in all countries in whichIBM operates.Product data has been reviewed for accuracy as of the date of initialpublication. Product data is subject to change without notice.THE INFORMATION PROVIDED IN THIS DOCUMENT ISDISTRIBUTED AS IS WITHOUT ANY WARRANTY, EITHEREXPRESS OR IMPLIED. IBM EXPRESSLY DISCLAIMS ANYWARRANTIES OF MERCHANTABILITY, FITNESS FOR APARTICULAR PURPOSE OR NONINFRINGEMENT. IBM productsare warranted according to the terms and conditions of the agreementsunder which they are provided.The customer is responsible for ensuring compliance with legal require-ments. It is the customers sole responsibility to obtain advice of competentlegal counsel as to the identification and interpretation of any relevant lawsand regulatory requirements that may affect the customers business and anyactions the customer may need to take to comply with such laws. IBM doesnot provide legal advice or represent or warrant that its services or productswill ensure that the customer is in compliance with any law or regulation.Please RecycleTIW14127-USEN-00