If you want some insight into the trends of mobility in the enterprise, the guy to talk to is Ojas Rege, vice president of strategy for MobileIron. I caught up with him recently and he talked about four major trends that will have a big impact in the years ahead.
The first trend is what is happening from the application security perspective. Enterprises started to get interested in mobile apps about five or six years ago. The larger screen real estate of the Apple iPad really opened companies' eyes to what could be done with mobile apps. The earliest applications were rather ad hoc, usually project-based. Then organizations began building apps around their business workflow, and security became a bigger issue.
With this in mind, a new security initiative was launched at Mobile World Congress this year. The newly formed AppConfig Community has a mission to streamline the adoption and deployment of mobile enterprise applications by providing a standard approach to app configuration and management, building upon the extensive app security and configuration frameworks available in the mobile OS. The members of the AppConfig Community are making it simpler for developers to implement a consistent set of controls so that enterprise IT administrators can easily configure and manage apps according to their business policies and requirements.
Apple is behind the effort, as are several companies from the enterprise mobility management space (including MobileIron). It's getting good traction from the app developer community already because it's the first time developers have had one place to go to get the tools, the schema and best practices to build secure enterprise mobile apps. The first mobile platform to be supported is Apple iOS, but there are tools for Google Android and plans to support Microsoft Windows as demand picks up.
The second trend is the move to cloud when a mobile device is the front end. Much of the discussion on cloud security has been focused on securing the back end – the cloud itself – and then authenticating user access to the cloud. This primarily assumes a web interface to the cloud, with no data being stored on the local PC client.
This model doesn't work when you consider mobile, because no one uses a web browser on a mobile device to access cloud applications. Instead they use native mobile apps, and just managing the authentication of the user is not enough. Now you have to have device trust and app trust, because there is now data that is local to the device.
MobileIron is addressing this need with a new product called MobileIron Access. It sits between the cloud service and the authentication service, and before the authentication request is given to Active Directory Federation Services or any other authentication broker, MobileIron first checks to make sure the device is secure and the application is secure. Only if both are secure does the authentication request get passed on to the identity and access management system. If there is an issue with either an unauthorized device or an unauthorized app, the user is prohibited from bringing enterprise data from the cloud service down to the device until the problem is remediated. MobileIron Access completes the security model for cloud services.
A third mobility trend is the convergence of desktop and mobile, which is being accelerated by Windows 10. Later this year, Microsoft is scheduled to release a final set of capabilities that will really blur the distinction between a desktop OS and a mobile OS.
Rege points to a move that Gartner is making to emphasize this new direction in client management. Gartner is discontinuing its Magic Quadrant on traditional PC lifecycle management tools. Gartner says this industry is mature and there's little innovation left, and in the future enterprises will manage and secure their endpoints using enterprise mobility management (EMM) tools. Gartner is shifting its focus on how security will evolve after Windows 10 to the EMM model. Rege says MobileIron expects that legacy devices will continue to be managed by traditional lifecycle management tools while newer devices, mobile or otherwise, will move entirely to the EMM model.
Rege believes the more interesting aspect of this shift will have to do with people, not technology. Enterprises typically have a distinct desktop support group and a mobile support group. As operating systems like Windows 10 close the gap between the two styles, companies will want to streamline their support teams as well. Rege says the support will shift to the mobile team, and be done at a much lower cost than traditional desktop support. Given the fiefdom of the current desktop team, this might not sit well, but companies have a few years to work through the organizational changes.
A fourth trend affecting mobility has to do with the regulatory environment, largely led by the state of California. This past February, the attorney general of California released a report indicating that the CIS Critical Security Controls are now considered the minimum security requirements for companies that operate in California. In addition, the Center for Internet Security released a companion document to the 20 controls that is basically a mobile version of the controls. What seems to be happening now, at least in California, is that the baseline for security is moving from being discretionary to being a core part of the governance and compliance model.
These four trends mean that enterprises have a lot to think about and work on where mobile computing is concerned.