Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

[Report] Building a Solid Platform for Enterprise Mobility: Introducing the Mobile Control Plane, by Chris Silva

Managing mobile devices proactively depends on more than the tools — such as mobile device management — that offer a “silver bullet” for the onslaught of mobile support requests. IT has two choices: 1) work to patch and fix by continually amending policies and myopic infrastructure or 2) establish a stance rooted in control over the devices in place today and those likely to be requested tomorrow and well into a multi-device, connected future.

Solving this problem and establishing control is an issue not only of the proper technology but key relationships across the organization, informed and enforceable policy, and a multi-part technology stack to operationalize said policy. We call this the mobile control plane, a complex but critical layer of support that serves as the foundation for enterprise mobile rollouts that’s lacking in most companies today.

[Report] Building a Solid Platform for Enterprise Mobility: Introducing the Mobile Control Plane, by Chris Silva

  1. 1. Building a Solid Platform forEnterprise Mobility:Introducing the Mobile Control PlaneSeptember 19, 2012 By Chris Silva With Charlene Li and Jon Cifuentes Includes input from 23 ecosystem contributors
  2. 2. Executive SummaryEnterprise users have changed the landscape of enterprise mobility through their own device choice. As of late2011, data from SAP’s Enterprise Mobility Survey was showing that 9 out of every 10 employees were carrying asmartphone, and 3 out of every 10 were carrying a tablet at the end of 20111. Smartphone proliferation has onlycontinued to grow, while many companies are maintaining that mobile email, contacts, and calendaring are acomprehensive mobile solution. But in a world of multi-tasking smartphones and tablets with hundreds of thousandsof tools in their application stores, this is no longer the case. Companies’ unwillingness or refusal to improve theirvisibility across device types and build a governance-backed technology stack for managing mobility will hamperusers’ productivity and potentially expose the company to risk as users “backdoor” consumer solutions to fill the voidbetween the tools they need and what’s offered.Managing mobile devices proactively depends on more than the tools — such as mobile device management — thatoffer a “silver bullet” for the onslaught of mobile support requests. IT has two choices: 1) work to patch and fix bycontinually amending policies and myopic infrastructure or 2) establish a stance rooted in control over the devices inplace today and those likely to be requested tomorrow and well into a multi-device, connected future.Solving this problem and establishing control is an issue not only of the proper technology but key relationshipsacross the organization, informed and enforceable policy, and a multi-part technology stack to operationalize saidpolicy. We call this the mobile control plane, a complex but critical layer of support that serves as the foundation forenterprise mobile rollouts that’s lacking in most companies today. Attribution-Noncommercial-Share Alike 3.0 United States | © 2012 Altimeter Group | 1
  3. 3. Table of ContentsThe Out-of-Control Mobile Enterprise ...............................................................................................................................................3Proliferation of Devices Decreases IT Visibility into Enterprise Mobility ............................................................................................3Data Access, Applications, and Roles Multiply the Control Issues ...................................................................................................3Putting IT Back at the Control Switch With a Control Plane ...................................................................................................5Governance Sets the Stage for Mobile Technology Management ....................................................................................................6A Deep Technology Stack Follows Governance .....................................................................................................................................8Recommendations .................................................................................................................................................................................... 11Ecosystem Input ........................................................................................................................................................................................ 13Endnotes ........................................................................................................................................................................................................ 13About Us ........................................................................................................................................................................................................ 15 Attribution-Noncommercial-Share Alike 3.0 United States | © 2012 Altimeter Group | 2
  4. 4. The Out-of-Control Mobile EnterpriseThanks to the introduction of desirable smartphones, like the iPhone, the landscape of enterprise mobility haschanged significantly. Gone are the days when one platform (primarily BlackBerry) was purchased and distributedby the company to employees. Today, a mix of platforms, data, applications, and user roles, coupled with peoplewho “bring your own device” that mixes work and personal purposes, creates a tempest that defies being controlled— and in the process, creates tremendous risk for the organization. The IT department is charged with managingenterprise mobility, but the task is complicated by two factors: 1) a motley crew of devices and 2) heavily fragmenteddata on these mobile devices — detailed below.Proliferation of Devices Decreases IT Visibility into Enterprise MobilityThe number and diversity of devices has proliferated over the past few years, with smartphones now representing55% of all mobile phones users in the US.2 Among enterprise mobile users, 9 out of every 10 employees carrya cellphone, while 3 out of 10 have a tablet.3 This trend has been accelerated by the emergence of desirablesmartphones, like the iPhone and Android platform. And over the course of 2012–2013, we will see at least twonew mobile platforms hit the market in the form of Windows 8 and BlackBerry 10, bringing the likely total number ofplatforms to support up to four at a minimum, the latter two as yet unseen and untested platforms to manage.This is a trend that is impossible to reverse, and the push for employees to use corporate-owned assets isincreasingly an uphill battle. One major health insurance organization shared this challenge in attempting to retaincontrol of device choice:“We’re seeing a need to sweeten the pot for users by extending corporate discounts on devices with major carriers inorder to entice them to use company-owned and provided smartphones.”Gone are the days of one-single platform “of record” with a single tool to manage it. Companies seeking to hang onto this model of simplicity find themselves at odds with a growing number of users. Fewer than 5% of employeescarry two different devices, one for work and a different one for personal use.4 By some estimates, more than half ofbusiness executives and IT managers are unaware of all personal devices used for business purposes, and lack anemployee personal device policy. This trend of “bring your own device” (BYOD) has no end in sight, and with the pushto cut enterprise spending will likely never be reversed.Data Access, Applications, and Roles Multiply the Control IssuesOrganizations are finding that in addition to managing the device, they also need to think about what is actually doneon those devices as another layer of control that’s needed. Over the past few years, mobility has moved from arelatively simple issue of connecting devices to email servers to provide extended access to mission-critical data —beyond email, contacts, and calendar tools — across the organization. Add to this the seemingly endless progressionof top-rated applications — over 900,000 on iOS alone — that can be downloaded onto these devices.5 Finally,consider the complexity of managing roles — where different sets of applications and data are used depending on amobile worker’s role within the organization — and the multiplicative force of what IT must contend with as enterprisemobility quickly becomes hard to fathom.One way to understand the complexity and the risk is to look at it as a journey, on which organizations are only in themiddle of today (see Figure 1): Attribution-Noncommercial-Share Alike 3.0 United States | © 2012 Altimeter Group | 3
  5. 5. Figure 1: Mobile Device Penetration & Use Case Case MaturityFigure 1: Mobile Device Penetration & Use Maturity Ubiquitous Connnectivity: We move beyond smartphones and tablets into a connected world. By 2016, smartphones account for over 67% Rise of of all cell phones Consumerization: worldwide Consumer choice yields more (IHS) device types and apps.  49.7% Penetration of Mobile Devices Connected U.S. smartphone Devices: penetration as of A single, enterprise-chosen device for mobile email.  February 2012 (Nielsen) 29% U.S. smartphone 3.5 mobile devices penetration as of per business user October 2010 in 2012 (Nielsen) (Nielsen) Mobility Ecosystem MaturityData source: Nielsen, iPass, IHS Attribution-Noncommercial-Share Alike 3.0 United States | © 2012 Altimeter Group | 4
  6. 6. Putting IT Back at the Control Switch With a Control PlaneThere are two paths that IT leaders can take, adopting the “hero” model we see in many IT shops, sprinting tosave the day in reaction to crises, or the operator model, maintaining control from a single position, always onestep ahead. The best analogy is a rail yard where the IT manager can play the “hero” persona mentioned above,constantly struggling to mend tracks and switches as the train of user mobile demand bears down on him or her. Incontrast, the proactive IT manager acts as the operator at the switch, handling all of the traffic in the yard from a safedistance, his or her platform providing a vantage point and controls to respond to any changes in demand.To do this, organizations must create the Mobile Control Plan, which is defined as: A platform made up of two parts: 1) governance for informed policy, and 2) a modular technology stack that takes into account devices, data, and users.The Mobile Control Plane, when properly executed, provides a solid platform that can be deployed — comprisedof modular “bricks” of technology and leadership — which accommodates firm footing for mobile tools thatdirectly impact users day-to-day. Figure 2 illustrates the major elements of the Mobile Control Plane, when fullydeployed as needs dictate.Note that Rome was not built in a day and neither will your mobile control plane. As illustrated in the growth ofmobility maturity above, as our needs change so too should the tools we use to facilitate mobility change. Theidea behind the control plane is that it can evolve from an existing investment in mobile device management ormobile application management, adding data security tools as use cases for sensitive information sharing on mobiledevices emerge or identity and authorization tools as single-sign on is extended to the growing number of tools andapplications on users’ devices.Figure 2: The Mobile Control Plane Governance Technology HR Legal & Risk Data Security Tech Leadership Identity/Authorization DLP Policy Design Mobile Device Management NAC Content Strategy Ongoing Training P.I.M. Sync App Management Legal Ongoing Education Service Management SMSSource: “Power to the People: Identify and Empower Your Mobile Workforce” Altimeter Group, June 7, 2012 Attribution-Noncommercial-Share Alike 3.0 United States | © 2012 Altimeter Group | 5
  7. 7. Governance Sets the Stage for Mobile Technology ManagementMost organizations looking to get a handle on mobility have been on their proverbial back foot for the past few yearsas they focused on device management. As demand for emerging platforms, like iOS and Android, eroded thecontrol offered by BlackBerry, many managing mobile platforms took a patch-and-fix approach. These managerswere “on the tracks” as the mobility train gained steam. In fact, where most organizations should begin is byestablishing governance, because the level of control, ownership, and methods that are best to operationalize optimalcontrol, vis-à-vis risk, HR, and legal requirements, will dictate which “bricks” in the control plane need to be built outinitially and added over time. The control plane is constantly growing and evolving, adding modules along the way.Organizations need to define mobility governance in three areas: 1. Data: Classifying information inside of an organization is an onerous task, requiring multiple man- hours and investment in technologies to track and secure data according to its level of confidentiality. Sidestepping this process, however, provides endless opportunity for data to be mishandled, compromised, and lost. Every two days we now create as much information as we did from the dawn of civilization up until 2003.6 This astonishing rate of data creation necessitates a flexible scheme for classifying information as it is generated. This is at the heart of a solid data security and retention policy 2. Policies: Once data is classified, parameters must be established around how that information should be handled; which users and groups have access to which data and tools; and how breaches, misuse, and abuse will be handled. In most organizations, fair use and sometimes even mobile guidelines exist and will not require too much updating as the control plane is built out. Technology use policies and involving HR in determining appropriate use, data ownership, and policy enforcement can help jumpstart policy creation. 3. Training: An ongoing effort both pre- and post-launch of the mobile control plane is educating users in why certain policies and tools are being introduced. Because many of the governance and technologies that make up control plane reign in user features, educating mobile users on the risk and exposure these tools limit will ensure user buy-in. A key element to build into training is clearly illustrating the trade-offs between usability and risk control.An open and ongoing dialogue between IT, Risk Management (if applicable), Legal, and HR should inform everygovernance decision. The table below outlines key areas of governance that must be in place in order to back thetechnology elements of the control plane that will be discussed in the next section.Governance can be applied in a modular fashion similarly to technology. In most organizations that we havespoken with, mobile policy begins as a simple guideline on types of devices and costs that are acceptable toeither pass on to the organization or the expected partners from which additional expense will be accepted. As theorganization begins to contemplate the handling of data in mobile and other connected applications, the complexwork of categorizing data and policy expands beyond simple T&E to include definitions of access tiers and dataportability restrictions. Attribution-Noncommercial-Share Alike 3.0 United States | © 2012 Altimeter Group | 6
  8. 8. Figure 3: Core Governance and Policy Considerations for MCP Function Description Issues to Consider Department: The Legal and Risk Management While Legal and Risk play a key role in Legal & Risk departments are the arbiters of risk inside informing and perhaps approving policy, any organization and should be the lead to their role should be as collaborator in policy inform policy design decisions to ensure design, not leader. protections meet any compliance needs but do not overreach employee rights. Leadership: Having a central leadership role that can Altimeter expects the role of the dedicated Technology coordinate all of the various moving parts “mobility strategist” to take time to evolve Ownership of mobility from device, data, and software as the control plan that this specialist management to interfacing with external maintains comes together. The three-year entities for governance guidance is a much horizon shows this role coordinating not needed — and often nonexistent — role in only internal-facing but also external-facing most organizations. mobile strategy to ensure resources are shared and used effectively. Strategy: Taking into account not just devices but Starting with basic levels of access Access and also identity and roles, access to data and inherited from Active Directory or another Use Guidelines applications and use cases is critical for identity and access system of record is creating an informed and adaptable mobile a reasonable starting point. It is not until policy. One-size-fits-all approaches will not tools such as data protection, NAC, and work for managing mobile users, as each service management come on board that a role requires varying levels of data access, materially different management style will be separate application suites, and varying attainable for various roles. levels of security controls. Strategy: Content strategy in the context of In many organizations, a broad data Data Guidelines mobile management is centered on data classification effort has taken place, classification efforts. Organizations must dictating that certain sets or types of data is work with risk and security teams to have classified and cannot be shared. Companies clear delineation around what information that have compliance burdens, like HIPAA is confidential, sensitive, and public in order and PCI, have a clear guidance on what to craft mobile policies — informed by DLP data can never be put in a position to be tools — to ensure that the former two types shared or lost; however, most organizations of information remain secure inside the lack such clear-cut guidance. organization and off of mobile devices as dictated by policy. Leadership: As features and capabilities are rolled out in Adding a feature to geofence access to Ongoing the control plane, keeping users informed apps and data, with no education, for Training of the functions, as well as their intended example, could result in a slew of mobile and Education purpose, is critical not only to assist users device support calls. but to keep support load well managed. Department: Paired with Legal, the HR team will bound Ensure that HR is not writing checks IT Human the reach of enterprise controls and oversee cannot cash; good policy is only as valid as Resources use of mobile devices regarding what can the tools to implement it. Refine the HR “wish and cannot be enforced upon users and the list” into items the technology stack can devices they own. control.Source: Altimeter Group Attribution-Noncommercial-Share Alike 3.0 United States | © 2012 Altimeter Group | 7
  9. 9. A Deep Technology Stack Follows GovernanceOnce governance is rounded out to account for the mobility needs of workers today, as well as the ubiquitouslyconnected future, technology must be applied to put policy into action. Sourcing the tools to accomplish this froma single partner is near impossible and, as previously discussed, one tool such as MDM won’t accomplish the taskalone or provide the flexibility to manage future devices. Altimeter has noted a trend among mobility vendors to growtheir platforms horizontally through partnerships and integration, and this approach where a single tool offers hooksinto subordinate technologies is a solid indicator of a partner that will scale with business needs.An example of how this integration ideally works includes using a single system as a policy enforcement vehicle ofrecord. Start with a policy engine in a tool, such as a mobile-device-management system, and provide hooks intoData Loss Prevention (DLP) and Systems Incident Event Management (SIEM) tools to invoke data security based onhow data is being used or a correlation of events, respectively. Additional inputs from service monitoring and expensemanagement tools will augment IT visibility beyond just what’s being done with devices but adding information onwhen and how devices are being used. This information can be used dynamically altering how devices fundamentallywork in different scenarios, providing access to data when it’s safe, reporting when devices are being usedinappropriately and shutting down or reporting devices that are being abused or underutilized.Here is an example of how the technology plane might work: • An organization that has allowed for BYOD among its field technicians team puts a policy into place identifying the users in this group as the only allowable users of Apple’s iOS. • An enterprise installation of the Box file-sharing tool is available for document sharing and offline use. However, any documents with customer information can only be accessed inside company headquarters to reduce risk of data loss. These documents and their use are monitored by an installed DLP tool. • An employee on the field team brings his or her device into the office, in this case, an iPad. Upon attempting to connect to the wireless network, a Network Access Control (NAC) tool polls the devices for user credentials. During the initial setup, the user is directed to a secure site via a browser, where they must enter their Active Directory credentials. Once verified against the allowed group, a certificate is downloaded to the device and the device configuration task is kicked off, led by the MDM server. The employee sets up a complex PIN, and device data security is enabled. • Mobile application management tools, triggered by the provisioning requests of the MDM initiate a connection with the device, installing the Box application for file-sharing. Back-end orchestration allows for the user to automatically access documents stored in the Box cloud, as back-end orchestration is allowing for single-sign-on re-using the entered Active Directory credentials to access the cloud service. • With access to information and a connection to the email server (brokered automatically as part of the MDM provisioning process), the user sets out for the field. Seeking to access documents downloaded and synced for offline use earlier, the field tech notes that only product spec files have been left resident on the device, with all customer information removed via autonomous policy enforced by the MDM server when disconnecting from the corporate WLAN. • At the end of the device’s useful life, the field tech turns it over to his or her family for use in the home, replacing it with a new device. Once the new device is added to the system through the same provisioning process as before, the old device is contacted, its applications revoked by the MAM, corporate data wiped by the MDM, and it is automatically reconfigured for use without a PIN code and the requirement for data security. Service is automatically terminated, and “active” asset lists are updated for risk management audit purposes. The lifecycle begins again. Attribution-Noncommercial-Share Alike 3.0 United States | © 2012 Altimeter Group | 8
  10. 10. Many technologies are involved in the lifecycle portrayed above, and still more exist in the potential stack oftechnology for many organizations. The table below presents detail on the various elements of technology that shouldbe considered in building a control plane, though their relative utility and need will vary among organizations.Figure 4: Vendor Landscape — Technology Providers Core Description Example Technology/ Vendors Function Data Security As company data moves into pre-packaged applications and Citrix, Mocana, those built by the enterprise, the need for third-party cryptographic Nukona/ libraries or application “wrappers” that secure app content emerges. Symantec, Approaches may involve placing unique code in an application, Veracode, wrapping an application with encryption, or testing publicly available Appthority apps for vulnerabilities. Identify/ Third-party authorization and identity management tools can tie Okta, Oracle, Authorization together a web of disparate apps with a single sign-on. In addition, Microsoft (Active services in this category will extend the role of identity for internal Directory) systems into triggers for certain policy or management tools. Mobile Device A foundational element of mobile control, Mobile Device Management AirWatch, Management (MDM) centers on management of the device as a physical asset and BoxTone, Citrix, (MDM) application of some policy for its connectivity and function, often the Fiberlink, Good policy enforcement engine of record. Technology, MobileIron, SAP/ Sybase, Zenprise Personal The base-level functionality for connected mobile devices, a conduit IBM, Microsoft, Information between the device and email, contact, and calendar resources, Research In Management either through a standalone server or natively in the email server. Motion Sync (P.I.M. Sync) Mobile Managing the lifecycle of applications from deployment to update and App47, Application ultimately retirement, while keeping them up-to-date and accessible AppCentral, Management is a category unto itself. Enter Mobile Application Management (MAM) Apperian, Citrix, (MAM) which provides application provisioning through a private app store, Verivo Software the management of updates to those applications, and any controls to recall or restrict access to applications from mobile devices. Service The role of service management is understanding how well a device is BoxTone, Management working given access to resources, how often it’s being utilized, and MobileIron, Visage what it costs. This is the job of service management, and this function Mobile, Zenprise can be a complement to or a component of MDM. Digital Loss Outside of the control plan but critical to its function is a hook into McAfee, RSA, Prevention DLP infrastructure to actively scan information against policies for Websense improper usage or against signatures for active defenses against sensitive materials, leaving the enterprise thorough mobile devices or other avenues. Attribution-Noncommercial-Share Alike 3.0 United States | © 2012 Altimeter Group | 9
  11. 11. Core Description Example Technology/ Vendors Function Network Access Network Access Control (NAC) provides a set of rules for profiling Barracuda, Cisco, Control (NAC) endpoint devices in order to provide network access. NAC plays a Juniper role in mobile by orchestrating the policies for network rights across users’ various devices, whether personal or company owned, and provides access to autonomous devices in the future based on static device characteristics, like MAC address. Systems Systems Management Solutions (SMS) are in place in most IT BMC, Citrix, Tivoli/ Management departments as a way to manage company-owned systems, such as IBM, Microsoft, Solutions (SMS) servers, desktops, and laptops. These SMS tools provide visibility into Symantec/Altiris active systems and facilitate patching and updating of those systems. While the latter tasks have not expanded to mobile in large part, these systems may represent the “gold standard” of visibility for which an organization should strive for its mobile devices.Source: Altimeter Group Attribution-Noncommercial-Share Alike 3.0 United States | © 2012 Altimeter Group | 10
  12. 12. RecommendationsTaking control of mobility means accounting for an ever-evolving user and device population that requires more thana single system of control over devices, data, and users. All three points must be addressed, and a governance-informed technology stack that includes device, application, and data management is the only way to scale for theseamlessly connected enterprise.In building these governance and technology platforms, organizations should take into account the followingapproaches in order to remain at the controls and not be tied to the tracks of a runaway enterprise mobility train: • Begin with governance. Focus first on governance to avoid the fate of turning into a reactive IT organization that is constantly patching and fixing the wrinkles in management and security brought about by the evolving mobility landscape. A clear classification of data, strong policies vetted by Legal and HR, and an ongoing commitment to training are all essential starting points. A key element to beginning these conversations is to paint the picture of risk that exists and that inaction will precipitate. Metrics around risk can be elusive, though a reliable fallback can look to sanctions for lack of compliance. Reporting requirements around loss or compromise of customer data is another operating cost metric that may pave the way for interdepartmental cooperation. • Begin or continue to involve a larger swath of the organization. If bridges to HR and Legal have not yet been built, approach the dialogue with a common goal of information protection, an effort that the entire organization will benefit from. In organizations where a Chief Risk Officer or similar role has been put in place — common in compliance-centric industries — a coordinated effort with this function is absolutely required if IT hopes to retain a say in how mobile is managed. If you face resistance from the departments to engage, paint the risk in terms they will understand, quantify the risk factors into dollars and sense, say you will write the rules without their input, etc. • Implement technologies as needed, but avoid overreliance on one. We’ve evolved past the one- device, one-server model of mobility, but a complete control plane as outlined above may not be in order for every organization. Focus initially on critical components that: 1) handle device management; 2) address application and data management; and 3) federate users and allow central user management. As other needs present themselves — again, driven by governance first — add on technology that will support these new governance areas. • Mobile should be managed as an extension of the existing IT infrastructure. Regardless of who owns the device and pays for service, organizations should seek parity of control over BYOD and company-issued devices. One place to look for guidance is within your existing PC and laptop policies. Are users permitted to install any app on their corporate PC? Are corporate PCs using full-disk encryption? A detailed policy engine that enforces beyond the basic Exchange ActiveSync policies is likely in order, as are tools to encrypt application data or “wrapper” applications. • Choose a holistic platform and partner(s). Many strong players exist in various technology categories in the mobile control plane, but a best-of-breed approach works best when backed by a tool that can orchestrate across the many pieces of technology that make up a solid control plane. Looking for a vendor that has taken an open approach to integrating other technologies in the control plane will yield an extensible partner. Vendors such as BoxTone in the MDM space and Apperian in the MAM space have continued to cultivate a best-in-breed network of control plane specialist technologies to extend their capabilities. As modules of technology are added in accordance with need, the base solutions these and other holistically minded vendors offer can address greater portions of the control Attribution-Noncommercial-Share Alike 3.0 United States | © 2012 Altimeter Group | 11
  13. 13. plane. The downside of this partner approach is that as the market constricts, the network of playersmay shrink due to acquisition of some partners, as is already beginning to take place now. For instance,Nukona, a partner to many in this space, has been acquired by Symantec, calling into question thepartnerships it has with existing vendors.But the most important thing to keep in mind during this process is to press potential technologypartners on their partnerships and alliances with other vendors. Make bets on platforms and partnersthat have plenty of hooks into other MCP elements that exist today and are not “in development.”Without that integration, your organization has to rely simply on the policy engine in your mail serverfor mobile management. Extensibility is key, and open integration with adjacent technologies is a markof extensibility for the future. Attribution-Noncommercial-Share Alike 3.0 United States | © 2012 Altimeter Group | 12
  14. 14. Ecosystem InputThis report includes input from market influencers, vendors, and end users who were interviewed or briefed by Altimeter Group during the courseof this research. Input into this document does not represent a complete endorsement of the report by the individuals or companies listed below.Vendors (23)Air PatrolAirWatchAntenna SoftwareAppceleratorApperianApplication CraftAppthorityARMBitzer MobileBoxtoneCitrix SystemsFiberlinkFormotus, Inc.InstallFreeMocanaMokiMobilityOktaPure Oxygen Labs (c/o TwURL)SenchaSymantec/NukonaTrend MicroVerivo SoftwareVisage MobileEnd Notes1 E nterprise Mobility Survey. SAP, September 2011. “ Two Thirds of New Mobile Buyers Now Opting for Smartphones.” Nielsen, July 12, 2012. thirds-of-new-mobile-buyers-now-opting-for-smartphones3 E nterprise Mobility Survey. SAP, September 2011. T he iPass Global Mobile Workforce Report. iPass, March 2012. App Store Metrics. 148Apps. “Eric Schmidt: Every Two Days We Create as Much Information as We Did up to 2003.” Techcrunch, August 4, 2012. Attribution-Noncommercial-Share Alike 3.0 United States | © 2012 Altimeter Group | 13
  15. 15. Open ResearchThis independent research report was 100% funded by Altimeter Group. This report is published under the principleof Open Research and is intended to advance the industry at no cost. This report is intended for you to read, utilize,and share with others; if you do so, please provide attribution to Altimeter Group.PermissionsThe Creative Commons License is Attribution-Noncommercial-Share Alike 3.0 United States at trust is important to us, and as such, we believe in being open and transparent about our financial relationships.With permission, we publish a list of our client base on our website. See our website to learn more: THE INFORMATION AND DATA USED IN THIS REPORT HAVE BEEN PRODUCED AND PROCESSED FROM SOURCES BELIEVEDTO BE RELIABLE, NO WARRANTY EXPRESSED OR IMPLIED IS MADE REGARDING THE COMPLETENESS, ACCURACY, ADEQUACY, ORUSE OF THE INFORMATION. THE AUTHORS AND CONTRIBUTORS OF THE INFORMATION AND DATA SHALL HAVE NO LIABILITY FORERRORS OR OMISSIONS CONTAINED HEREIN OR FOR INTERPRETATIONS THEREOF. REFERENCE HEREIN TO ANY SPECIFIC PRODUCT ORVENDOR BY TRADE NAME, TRADEMARK, OR OTHERWISE DOES NOT CONSTITUTE OR IMPLY ITS ENDORSEMENT, RECOMMENDATION,OR FAVORING BY THE AUTHORS OR CONTRIBUTORS AND SHALL NOT BE USED FOR ADVERTISING OR PRODUCT ENDORSEMENTPURPOSES. THE OPINIONS EXPRESSED HEREIN ARE SUBJECT TO CHANGE WITHOUT NOTICE. Attribution-Noncommercial-Share Alike 3.0 United States | © 2012 Altimeter Group | 14
  16. 16. About Us Chris Silva, Industry Analyst, Mobile Chris Silva is an Industry Analyst focusing on Mobile, where he helps end-user organizations understand how to effectively manage mobile strategies in their organizations for increased brand impact, worker efficiency, and revenue. A 10+ year veteran of the research industry, Chris has led research, events, and consulting operations for IANS Research, Forrester Research, IDC, and two other small boutique research firms. Chris blogs at Charlene Li, Analyst and Founder Charlene Li (@charleneli) is Founder of the Altimeter Group and the author of the New York Times bestseller, Open Leadership. She is also the coauthor of the critically acclaimed, bestselling book Groundswell, which was named one of the best business books in 2008. She is one of the foremost experts on social media and technologies and a consultant and independent thought leader on leadership, strategy, social technologies, interactive media, and marketing. Jon Cifuentes, Researcher Jon Cifuentes works closely with Charlene Li and Susan Etlinger to support their research in disruption on leadership, organizational change in the enterprise, and analytics. Jon joined Altimeter Group after spending 2 years with a Boston-based digital agency, Overdrive Interactive. Jon led social media efforts at Overdrive for many large-scale B2B and B2C organizations. He graduated with degrees in Communications and Philosophy from Boston College. Altimeter Group is a research-based advisory firm that helps companies and industries leverage disruption to their advantage. Contact Us Advisory Opportunities Altimeter Group Email: 1875 S. Grant Street, Suite 680 San Mateo, CA 94402-2667 Attribution-Noncommercial-Share Alike 3.0 United States | © 2012 Altimeter Group | 15