IBM Software January 2012Thought Leadership White PaperGetting a better grip on mobiledevicesSolutions and strategies for managing both employee-owned andenterprise-owned equipment
2 Getting a better grip on mobile devicesContents Introduction The increasing use of smartphones and tablet computers as 2 Introduction business tools has brought organizations and their employees 3 The consumerization of IT is changing device new levels of productivity, flexibility and mobility. But their management use is a double-edged sword, bringing with it new levels of 3 Security is a key driver of mobile device management complexity to IT management and security. 4 Managing mobile applications is the next big thing To cope, organizations need to put into place new policies for business use. Will employees be permitted to use their personal 5 The management application: Suite vs. point solutions devices, or is there a company-owned standard? What is the 6 Management technology: Agents vs. agentless control most effective management technology, for the environment? What management tools—full suite or point solutions—will 7 An emerging focus on the enterprise app store meet IT needs for manageability and availability, as well as 8 IBM solutions deliver a new management paradigm business needs for cost-effectiveness?10 Adopting an action plan paves the way for success And organizations always need to ensure that devices and10 Steps to mobile management success data remain secure in an environment where loss and theft are common.11 Conclusion On today’s fast-moving, highly competitive smarter planet,11 For more information where data gathering, information sharing and decision making11 About Tivoli software from IBM must continue regardless of the user’s location, the mobile device
IBM Software 3is destined to continue growing in popularity and importance. Security is a key driver of mobile deviceAnd as smartphones and tablet computers expand their roles managementfrom personal communications devices to key interfaces for Even when used only for email and calendar access, a smart-enterprise applications, the accompanying opportunities for phone can contain confidential and sometimes regulatedbusiness growth and the challenges for IT management will business information. An unsecured device stolen from ademand the same exacting standards that organizations apply briefcase at a meeting or left behind in a taxi can easily putto the rest of their technology environments. sensitive information into the wrong hands.The consumerization of IT is changing Worse still, if the device can access even more sensitive businessdevice management applications, any device theft or loss, employee termination,Smartphones, tablet computers and other mobile devices are in hacking or corruption can mean the loss of unique informationthe enterprise to stay. One recent survey of smartphone users created with those applications. And it may give the thief, finder,found that 83 percent of users considered their device more former employee, hacker or malware purveyor access into theimportant than their morning cup of coffee. Some 79 percent organization’s data stores or centrally managed businesssaid they use their smartphone more than their office or home applications.phone to conduct business. And 34 percent use it more thantheir computer.1 Security, as a result, is a paramount reason for managing smartphones, tablet computers and other mobile devices.The use in business of a device that began in consumer Effective mobile device management enables IT to deploy,electronics—sometimes called the “consumerization of IT”— configure, command and control endpoint security technologiescan significantly empower employees. Allowing employees to on a wide range of devices. It enables integration and manage-use their personal devices for work, as many users prefer in ment of best-of-breed mobile security technologies with anorder to avoid carrying multiple devices, lets them select the enterprise management solution.platform and form factor with which they are most comfortable.It enables them to move seamlessly, anytime anywhere, from Similarly, effective management controls enforce securitypersonal to business functions. Allowing employees to use their policies, such as a requirement to enter a personal identificationown devices can also save organizations the cost of equipment number (PIN) before the device can be activated. To guardpurchase. against data theft, IT should be able to remotely wipe the device clean of company-related contents.
4 Getting a better grip on mobile devicesManaging mobile applications is the next independent solutions for mobile device management. Anbig thing effective solution is scalable to support the rapidly growingFor mobile devices, voice and email were just the beginning. number of devices, cross-platform to manage the diversityThese were followed by the ability to easily download consumer of devices, and secure to support device and data integrityapplications directly from the device. The next step is the in out-of-office environments. Vendor services can includedevelopment and deployment of business applications through development of business applications, an enterprise applicationenterprise application stores. This will make mobile versions of store for easy distribution of applications to devices, andthird-party software for functions such as customer relationship outsourcing to relieve the infrastructure requirements and ITmanagement or software developed for the organization’s unique workloads as it speeds and streamlines device management.business or technology needs widely and easily available toauthorized users. An effective mobile device managementsolution will provide IT with the tools to deploy and manage Solutions for mobility: Application lifecycle managementthese applications, and it will integrate with other solutionsand services designed to create and support applications. While some aspects of the development of a mobile applica- tion are unique, the application development lifecycle followsMobile device management solutions can also support compli- the same pattern as for other kinds of software. Applicationance with regulatory requirements by ensuring that device lifecycle management (ALM) is necessary to ensure controlledconfiguration or security solutions are properly deployed and development and delivery of high quality mobile applicationsmanaged. Management solutions can help enhance device within the budget constraints and time objectives. Even more important is that lifecycle management functions be inte-performance and employee productivity by managing settings grated with each other and also with the tools needed forsuch as screen resolution. They also can track and assess uniquely mobile development tasks. IBM Rational® softwaresoftware use to ensure that the organization has the proper offers industry-leading solutions for lifecycle management thatnumber of licenses—neither too many nor too few—for its are augmented with mobile-specific capabilities for design,employees’ devices. coding, security analysis and testing. By leveraging the publicly available Jazz technology for tool integration andIT organizations need mobile device management solutions that collaborative team development, Rational addresses the fullcan be integrated with existing management infrastructure— mobile development project lifecycle with traceability fromenabling smartphones and tablet computers to be treated as part inception to completion.of the overall IT environment and eliminating the need for
IBM Software 5The management application: A unified approach with centralized management efficiencies,Suite vs. point solutions enhanced visibility into diverse devices and their configurations,From the user’s perspective, employing a mobile device— and consistent cross-platform reporting can play a key role inespecially an employee-owned device—to support business getting under control what can be a mammoth task, if handledapplications and communications can simplify work processes. piecemeal.One major enterprise has reported an average time savings of47 minutes a day, about 10 percent of the typical workday, and Significantly, a unified approach enhances security and stream-increased productivity when employees were allowed to use the lines reporting for mobile devices. Unified control managesdevices with which they are most familiar and comfortable.2 diverse devices in a consistent manner, eliminating gaps that can occur with multiple point solutions in the way security is appliedFrom the IT perspective, however, the proliferation of mobile and the way vulnerabilities are reported. The result can simplifydevices and the accompanying diversity of operating platforms— operations for the user and support greater security for themost commonly those running Apple iOS and Google Android organization.operating systems—creates complexity in management. Thedownside of simplifying users’ processes with complex anddiverse backend technologies can create heavy IT workloads, Solutions for mobility: IBM Global Technology Servicesmanagement headaches and increased chance of error. Problemscan be compounded when IT attempts to manage diverse IBM Mobile Enterprise Services offers solutions designed tomobile devices using point solutions that address only specific address enterprise mobility challenges across the entiremanagement tasks, platforms or devices. mobile device lifecycle—from procurement and deployment to mobile device management and security to custom application development and deployment. Flexible solutionsAnd while existing device management solutions may be that accommodate a variety of mobile devices address aeffective at handing traditional endpoints, they typically are wide range of worker requirements, from day-to-day devicenot well adapted for the special requirements of mobile devices. management and support to application upgrades andThe lack of solutions for managing both traditional and mobile coordination of deployments, rapid on-boarding of new users,endpoints, as a result, has forced IT organizations to use support and problem resolution for end users and assistancestandalone solutions for managing mobile devices. Yet as the with device configuration, setup and troubleshooting.number and functionality of devices grows, the need for anintegrated suite solution becomes increasingly important.
6 Getting a better grip on mobile devicesManagement technology: many users. Disadvantages lie in the reduced control overAgents vs. agentless control devices: IT has fewer capabilities at its disposal and cannotAny organization that allows employees to use their personal enforce continuous compliance.mobile devices for work sooner or later encounters the samequestion: What technology should IT use to manage a device A third management technology approach, however, does exist.that belongs to an individual? The debate continues regarding Balancing different IT organizations’ needs for control andagent-based versus agentless management, as there are advan- security with the users’ preference for a less intrusive approach,tages and disadvantages to each. the most effective mobile device management solutions enable both agent-based and agentless capabilities. This approach alsoAgent-based management places a small piece of “agent” can reach a larger number of operating platforms than a singlesoftware on the device itself that interacts with server-based approach—a significant advantage where some operatingmanagement software to enable functions such as turning the systems do not allow agents to be installed on devices and wheredevice on or off, changing configurations, managing applica- management capabilities also vary with the OS.tions, enforcing encryption or wiping data and applicationsfrom memory. Advantages lie in the significant levels of controland extensive capabilities that this approach enables. Remote Solutions for mobility: IBM Cognos softwaremanagement, controlled by IT as needed, can be automatedto ensure all operations are carried out and that they function IBM Cognos® Mobile enables users to interact with trustedcorrectly. The disadvantage lies in the requirement to install business intelligence content on tablet computers, enablingthe agent on the mobile device: Users may not want the them to seamlessly view and interact with business reports,organization to place management software on their personal dashboards and analysis either offline or online. Supportingsmartphone or tablet. timely and accurate decisions based on up-to-date informa- tion, the solution makes it easy to get to the right level of information when users need it, including location-awareAgentless management employs a synchronization approach that intelligence that provides information based on the user’srequires users to connect to a central management site to initiate location. The ability to leverage existing business intelligencemanagement functions through the corporate email system. The content and a single administrative environment helps ITadvantage lies in the fact that no software from the organization keep up with the demands of users on varied devices.resides on the device, making this approach more palatable to
IBM Software 7An emerging focus on the enterprise ●● Provisioning applications directly from the app store to theapp store mobile deviceCapabilities for mobile device management are rapidly ●● Monitoring of software use and device configurations toevolving—but IT preferences are already beginning to emerge ensure compliance with industry and government regulationsthat favor suite solutions, combine agent-based and agentless ●● Policy creation and management that integrates mobile devicesmanagement, and deliver high scalability, reliable security and with the technology infrastructure and supports business goalscross-platform functionality that integrates with the organiza-tion’s other IT management solutions to create a unified To ensure application performance and compliance, manage-management approach. ment solutions will automate solutions such as application updating and monitoring, configuration monitoring andSecurity management, inventory management, policy manage- remediation, and role-based user access.ment and software distribution will be core functions, withcapabilities such as Software as a Service (SaaS), managed andoutsourced services, custom software development and support Solutions for mobility: Managing network expansionfor app stores growing in significance. Smartphones and tablets are driving increased dataThe enterprise application store, in fact, is central to the volumes—requiring, as a result, new strategies from ITevolution of smartphones, tablet computers and other mobile administrators. Often, these strategies involve networkdevices from basic communications to highly functional business expansion, traffic distribution or network optimization. In the case of network expansion, IBM Tivoli® Netcool® tools, withcapabilities. The success of the evolution, however, will require a the highly scalable tiered architecture of Netcool/OMNIbus,number of supporting functions—from policies that reinforce can help manage the alarms and events from the largerbusiness operations and support users, to reporting that delivers networks. Netcool tools can help collect the network statisticsinsights for better and expanded functions, to security measures and provide reports and information for capacity planning.that reduce risk. Specific functions available now and anticipatedin the coming years include:●● Security management to guard against unauthorized use or corruption of data due to theft, loss, hacking, malware attacks or employees moving to the competition
8 Getting a better grip on mobile devicesIBM solutions deliver a new management IBM Endpoint Manager for Mobile Devices provides real-timeparadigm visibility into the state of mobile devices and gives administratorsIBM Endpoint Manager for Mobile Devices, built on BigFix® advanced functionality for managing those devices. As atechnology, enables organizations to provide security and comprehensive “single source of truth” for managing upmanage smartphones, tablet computers and other devices to 250,000 devices from a single management server,based on the Apple iOS, Google Android, Nokia Symbian IBM Endpoint Manager for Mobile Devices can shortenand Microsoft Windows Phone platforms. update cycles, improve the success rates for provisioning, reduce IT and help-desk labor requirements and boost endLeveraging the IBM Endpoint Manager infrastructure, which user productivity.provides a single platform for managing servers, desktops,laptops and mobile devices running Windows, UNIX, Linuxand Mac operating systems, this solution provides a unified Solutions for mobility: IBM Maximo softwareapproach for managing diverse devices. Consolidating manage-ment across the infrastructure, IBM Endpoint Manager for The IBM Maximo® Mobile Suite provides remote access toMobile Devices: Maximo Asset Management processes, giving IT administra- tors the ability to use mobile devices to support compliance,●● Delivers a flexible and powerful paradigm for managing improve efficiencies, increase productivity and enhance decision making. The Maximo solution delivers the ability to employee- and corporate-owned mobile devices using a conduct asset audits, maintain asset configurations, and combination of email-based and agent-based management, receive, track and maintain inventory. IT administrators can while preserving the native device experience exchange data with the application server using real-time●● Ensures security functions by configuring and enforcing wireless, dial-up or docking cradle connections. And they passcode policies and encryption—and selectively wiping can store and forward data when continuous connections are enterprise data when devices are lost, stolen or compromised not feasible.●● Automatically identifying non-compliant devices and denying email access or issuing user notifications until corrective actions are implemented
IBM Software 9Supporting enterprise application stores to serve mobile devices, capabilities put real-time device data at administrators’ fingertipsIBM Endpoint Manager for Mobile Devices provides policy- with capabilities to assist end users in resolving IT issues,based installation, closed-loop verification and the ability to helping ensure that device configurations remain current andmanage software distribution from a single, unified point of compliant with organizational policies.control. It delivers high first-pass success rates with minimalimpact on network performance. And it offers user self-provisioning of authorized applications and software packages. Solutions for mobility: IBM Lotus applicationsApplication management capabilities automatically track Employees today expect to take their desktops with them oninstalled applications, offer recommended applications their mobile device, stay engaged with professional networksand detect blacklisted applications. For managing devices, through collaboration tools and access web content whereverIBM Endpoint Manager for Mobile Devices captures and stores they work. Customers also expect access to web content fromdetailed device data, including inventory data such as device mobile devices. Security-rich IBM mobile software andmodel and serial number, usage data such as last connection services can provide productivity and social collaborationtime, and hardware information such as firmware and memory, tools on mobile devices. IBM Lotus Notes® applications, email,as well as operating system version, location information and instant messaging, exceptional web experiences, professional networks, business intelligence reports and online meetingsnetwork details. all are supported on a wide variety of smartphones and tablets.Support features enable management and troubleshootingof devices that can streamline IT functions and reduce theworkload on the organization’s help desk. Remote diagnostics
10 Getting a better grip on mobile devices Adopting an action plan paves the waySolutions for mobility: Application development and for successdeployment With the business use of smartphones, tablet computers and other mobile devices continuing to grow rapidly, it is not tooIBM is developing a set of capabilities for software developers early for organizations to plan to actively manage these mobilewho are building visually rich, interactive mobile applications resources. A number of steps are necessary for implementing anthat will work across a variety of mobile devices. These effective mobile device management strategy.capabilities provide a set of application services, enterpriseconnectors, application and device management features,and accompanying integrated tooling—all implemented usingindustry-standard web technologies to maximize existinginvestments in skills and infrastructure. In addition, thecapabilities can help development organizations to controlwho has access to specific applications and updates, getinsight into application use and add security measures toensure that application data and access is safe and secure.The full spectrum of mobile development approachesincluding native, hybrid and web will be supported. Steps to mobile management success Inventory devices Locate and identify the devices currently in use in the business environ- ✓ ment, including the numbers of employee- and corporate-owned devices. Project the numbers expected to be in use 24 months from now and which applications they will be accessing Identify features Determine which features the organization requires in a mobile device ✓ management solution Evaluate solutions Outside a lab environment, test and evaluate potential solutions, checking ✓ scalability to meet the organization’s growing needs, time to implementation and ease of operation Develop policies Create or update relevant policies and training for device and application ✓ use and for role-based application and data access Consider costs In selecting and implementing a solution, take into account the full range ✓ of costs, from software licensing to factors that influence the total cost of ownership including hardware purchase and maintenance, system implementation and related consulting fees, staff training, system administration and upgrade costs
IBM Software 11Conclusion Leveraging IBM’s leading ability to manage complex technolo-As the business use of smartphones, tablet computers and gies and business environments, IBM Endpoint Manager forother mobile devices increases, organizations are facing Mobile Devices provides comprehensive coverage from mobiledevice and application management needs that do not fit the device management to application development, support fortraditional endpoint management paradigm. To meet these app store development, outsourcing and security management.needs, organizations are putting into place new policies, deter-mining the most effective management technologies for their For more informationrespective environments and selecting management products To learn more about IBM Endpoint Manager for Mobilefor their unique needs. Devices, contact your IBM representative or IBM Business Partner, or visit: ibm.com/tivoli/solutions/endpoint/mdmbetaIn the face of the complexity that huge numbers of devicesand multiple operating systems bring, however, the traditional About Tivoli software from IBMreliance on point solutions that manage mobile device manage- Tivoli software from IBM helps organizations efficientlyment separately from the rest of the IT infrastructure is proving and effectively manage IT resources, tasks and processes toto be inadequate. The need to speed and streamline manage- meet ever-shifting business requirements and deliver flexiblement, avoid ballooning IT workloads, integrate mobile device and responsive IT service management, while helping to reducemanagement with management of the full IT infrastructure, cost. The Tivoli portfolio spans software for security, compli-and more efficiently serve users is driving adoption of a more ance, storage, performance, availability, configuration, operationscomprehensive and unified management approach. and IT lifecycle management, and is backed by world-class IBM services, support and research. For more informationIBM Endpoint Manager for Mobile Devices gives organizations on Tivoli software from IBM, visit: ibm.com/tivolian effective and efficient way to manage the growing numberof mobile devices—owned by employees as well as the Additionally, IBM Global Financing can help you acquire the ITorganization—used in business today. Eliminating the need to solutions that your business needs in the most cost-effective andimplement a separate infrastructure solely for mobile devices, strategic way possible. We’ll partner with credit-qualified clientsthis unified solution provides high levels of application and to customize an IT financing solution to suit your business goals,security management across diverse mobile devices, including enable effective cash management, and improve your total costthose utilizing the Apple iOS, Google Android, Nokia Symbian of ownership. IBM Global Financing is your smartest choice toand Microsoft Windows Phone operating systems. fund critical IT investments and propel your business forward. For more information, visit: ibm.com/financing