Enterprises of all sizes are deploying wireless networks, investing in devices and extending application access to their mobile workers at an increasing rate. This growing popularity of mobile computing can be attributed to several key factors. Devices are getting smaller and more powerful. The amount of information they can store and the number of applications they can run is growing. Declining prices for this hardware, along with increased standardization of operating systems and protocols is also making mobile computing solutions economically viable to a wide range of organizations.
Its clear these factors are making mobility more attractive. According to IDCs October 2005 report, Worldwide Mobile Worker Population Forecast and Analysis 20052009, the mobile worker population will account for more than one-quarter of the global workforce by 2009. Thats an increase from more than 650 million workers worldwide in 2004 to more than 850 million.
As mobile computing grows in popularity, the benefits of maintaining a mobile enterprise are becoming more accepted. Encouraged by the promise of increased responsiveness to customers and enhanced productivity and work/life balance for employees, enterprises are finally recognizing the strategic importance of mobile workers.
Implementing a mobile computing policy is an essential element to ensuring these deployments go smoothly and promote worker productivity. While the benefits of a mobile workforce are clear, many enterprises have delayed their mobility initiatives due to concerns about security. As a result, most mobile computing policies that do exist revolve around security guidelines many of which actually impede an organizations ability to reap the productivity and efficiency benefits that prompted a wireless roll-out in the first place.
Today, although security is a critical part of managing a mobile workforce, organizations are realizing that its important to consider several other key factors, such as performance and ease-of-use. While exact requirements may vary depending on the size of each individual organization, there are five things enterprises must consider when devising a mobile computing policy:
5. Cost, control, and management.
The physical boundaries between public and private networks are blurring, increasing the already critical need for security. Its obviously important to ensure that mobile workers cant be snooped on while accessing the corporate network remotely, or that key data and access privileges cant fall into the wrong hands if a device is lost or stolen. Because mobile workers often roam across multiple networks, including some that the enterprise does not own or control, such as WiFi hotspots, security policies need to be tailored according to the network in use. A mobile computing policy should also take into consideration the need to comply with government or industry regulations. This may include data encryption or user authentication. The policy should also make provision for regular backups.
Mobile workers are often on the frontlines of the business, working directly with customers on mission-critical tasks. They do not have the time to cope with application crashes and slow connections. When setting access policies, consideration should be given to bandwidth and device-type so that users can enjoy optimum performance and customers can benefit from maximum effectiveness. For example, consider limiting access to bandwidth-intensive applications when workers are using a slower connection, but increasing their access privileges when they switch to a higher-performance network.
By the same token, higher security precautions and usage limitations traditionally associated with mobile devices must not impact the convenience of mobility. If users have to re-authenticate or reconfigure or, worse, recover lost data every time they lose a connection, an application crashes, or they suspend their mobile devices to conserve battery life, their dissatisfaction with the network will increase, while their productivity decreases. If these problems occur, they will either find a way to bypass security precautions altogether or simply refuse to use the device. Consider making the process as seamless as possible for the user by maximizing application persistence.
An organization must also consider its policy on user support: mobile workers may need to be given priority over stationary or remote workers. Equally, ergonomic and health considerations should be factored in here, as they affect user effectiveness both short- and long-term.
As with any policy, a degree of control is given to the user. With that control comes responsibility, so a mobile computing policy should include guidelines on acceptable and appropriate use bearing in mind security, productivity and etiquette.
Cost, Control, & Management
A mobile computing policy should also consider aspects such as asset tracking and standard software distribution, to prevent use of unauthorized applications and devices, ensure mobile assets are utilized effectively, and minimize the management burden.
Mobile devices are difficult to manage. It is frustrating to troubleshoot, since there is no physical connection and problems can be intermittent. In the mobile computing policy it is, therefore, important to consider policy management features that let IT managers prevent or restrict mobile workers from using designated applications or networks based on the type, speed or name of a network to which a user or device is connected.
With these five factors in mind, here are the steps involved when drafting a mobile computing policy:
1. Map the territory
Consider whom the policy affects, where they are located, and what devices and networks they will be using. This may include networks (such as hotspots) and devices (kiosks) that are beyond your control, so any default settings should assume that all networks are untrusted.
2. Draw up the wish list
Consider to what information those users need access, how frequently and when they need it. Do they require simple e-mail and Web access or do they need to upload information to a central database in real-time?
3. Compare against existing policies
The governing principles of who has access to what should be laid out in an existing security policy; the mobile computing guidelines should reflect this.
4. Access and acceptable use
Next, its time to lay out the mobile computing guidelines themselves focusing on access privileges, permitted activities, and acceptable use for each type of device, user and location/network. Consider not just what makes the action secure, but also how to optimize network and application performance. For example, it might be necessary to limit access to high-bandwidth applications from low-bandwidth connections, or to minimize authentication procedures for non-confidential data when users are roaming across several networks. Outline here the technologies that will be used to enforce policy compliance.
5. Incident response plan
Any mobile computing policy needs to include an incident response plan in case of a security breach. IT also needs to include a corporate policy towards unacceptable use, whether deliberate or through negligence.
If a wireless solution is doing its job well, no one should know its there. For the mobile worker, this means real-time, continuous access to the right data and applications whenever and wherever they need it. For IT professionals, this means a mobile computing solution that offers users what they need and want. It also means a solution that has the least drain on IT resources in regards to deployment, administration, and management.
Consequently, a successful mobile computing policy is essential to ensuring that the needs and expectations of mobile workers and IT professionals are fulfilled. The policy should not only ensure mobile workers are safe and compliant, but also that they are productive and able to do their jobs without frustration, interruption, or inconvenience. Ultimately, the net result should be a faster return on any mobile investment through enhanced productivity and increased customer satisfaction. IT
Andy Willett is senior VP of sales at NetMotion Wireless, a provider of remote secure access solutions that allow users to connect to mission-critical applications over wireless networks. For more information, please visit the company online at www.netmotionwireless.com (news - alerts).
If you are interested in purchasing reprints of this article (in either print or PDF format), please visit Reprint Management Services online at www.reprintbuyer.com or contact a representative via e-mail at [email protected] or by phone at 800-290-5460.