By Art Rosenberg, The Unified-View/ UC Strategies
Expert
“Mobility”
includes the different multi-modal mobile endpoint devices and the “mobile
apps” that are having a huge impact on both consumers and business users who
only want to carry a single, personalized device to do all of the following:
1. Communicate dynamically with people in a variety of
ways for either business or personal contacts
2. Access information and self-service applications as
consumers or employees in various modes
3. Control personalized automated notifications
4. Because mobility requires dynamic flexibility of
interaction, UC enablement will be very important for both contact initiators
and contact recipients
The
technology is still evolving to support all of the above, but the biggest
hang-up seems to be keeping the “separation of church and state” for supporting
the device, the public network access, and the mobile application middleware
that must reside within the different endpoint devices. The big argument is
concerned with security
of any information that can be accessed by the mobile device and most IT folks
think they need to control the whole device to protect their business data.
Several
years ago, when Apple came out with the first “smartphone,” I remember posting
an article that suggested that access security to enterprise data should be
controlled at the application levels, not at the device or network levels. I
still believe this is a viable approach. Obviously, it will be a combination of
authentication and encryption that will enable maximum end-to end security in
the mobile Web environment that smartphones and tablets will exploit.
The
BYOD game is forcing organizations to accommodate user choice of mobile device
for both person-to-person communications and business applications access.
Mobile devices should have thin clients to primarily provide wireless access to
applications that control data access, and not store either applications and data
that will be in ‘private” or “public” clouds. That will minimize enterprise
responsibilities for supporting end user mobile devices for employees, business
partners, and customers to different levels of control on the device for what
my colleague, Michael
Finneran, describes as "Secure Containers" and all the MDM (Mobile Device Management)
platforms have them.
I
used to employ the term “Dual Persona” for describing the above mobile device
management requirement, but if you think about it, every mobile user is not
just an employee of a particular organization, but, as a consumer, in addition
to personal/social contacts, they have business relationships all over the
place, each of which require the same kind of security protection of
authentication and encryption. I suggest that the personal mobile device must
be controlled primarily by the individual end users (especially when it comes
to privacy issues), and supported by the network service provider end users
subscribe to, while specific business application access should be controlled
by the organization that provides such mobile applications for authorized
access by their employees, partners, and customers through their business “app
stores.”
So,
we really can have “separation of church and state” within a mobile device,
except that there really will be many “states,” i.e., online applications from
different service providers that will be personalized for individual mobile
users, employees, partners, or consumers. Enterprise organizations have to
accept the fact that BYOD means they are “sharing” the use of a user’s mobile
device, and therefore should only control the access to business information
that is primarily stored on web portals, not on the mobile device itself. That
means if a mobile device is lost or stolen, every provider of information
access applications to a specific user has to be notified and be able to take
protective action. Mobile services are not a “one-stop shop!”
What
do you think?
Copyright
© 2013 The Unified-View, All Rights Reserved Worldwide
Posts
