What you need to know about using tablets as clients for enterprise applications

The flurry of new mobile devices continues.  Consumers (who look a lot like your employees) love them.  And they naturally want to use them in their (er, your) enterprise IT environment.  And that’s where the problems start.

It seems like it would be simple to introduce tablets and other mobile devices into the enterprise.  But here’s the worst-kept secret in IT today: it’s not.

And this is a huge problem.  Tablets, which should be a boon to productivity and flexibility for employees, are instead causing IT headaches.

The new mobile realities for application architecture, or: what’s changed thanks to tablets

As we here at Framehawk have been focusing our efforts to help enterprises make tablets productive with enterprise applications, the first thing we see companies struggling with are their long-standing application architecture assumptions.  The tablet is a different animal and many of IT’s assumptions about how clients work with their enterprise apps are no longer valid.

Here’s a quick list of what’s changed in moving from only traditional PCs to a list of application clients that includes tablets.  I’m calling this a list of the “new mobile realities”:

The networks are now varied and unreliable.  Existing applications expect a high-quality, consistent corporate LAN to communicate between clients and servers.  When you use an iPad, you replace that LAN with WiFi or an unreliable mobile network.  Add in the complexities of latency from large geographic distances and network security concerns, and the network becomes a major source of uncertainty.

Client devices now have very constrained – or completely unknown – computing capabilities. iPads, Android tablets, Microsoft Surface, and other mobile devices all have processing and memory constraints connected to size, weight, and battery life trade-offs.  This means that relying on the edge device to take on any of the processing load for applications will put a severe drag on the performance of those applications on that device.  In a BYOD environment, you also have no idea which device will actually be the client at any given time, since by definition you are leaving the choice up to the employee.

The new user interaction model – touch – is drastically different.  Enterprise applications in use today were built to receive input from a mouse and keyboard. The touch and gesture interface of tablets, however, is a very different interaction approach, and the difference is going to have to be accounted for when trying to work with existing applications via a tablet.  In addition, tablet users have an expectation that their interaction on the device will be very simple, specific, and easy – a situation that, putting it nicely, may be at odds with the way an existing enterprise application is designed.

The new client device usage model is quite varied.  With the introduction of tablets as a client in the enterprise application environment, applications need to support a variety of different usage models.  They must be able to handle the short-duration, quick-interaction style usage from tablets at multiple times throughout the day.  They must also still be able to handle the long-lasting, consistent-connection usage from the traditional desktop and laptop PC clients.  And, in some cases, they also need to be able to handle the very dynamic, get-in/get-out usage pattern of smartphone users.  Because employees aren’t (generally) giving up their PCs, enterprise applications must support all of these different patterns at different times from the same user.  IT has to be ready for all possibilities.  The business processes must support all these possibilities as well – no business process silos allowed.

Cloud computing means new deployment options.  At any given time, an application’s servers might be in an organization’s data center, in a hosted virtual private cloud, or in a public cloud – the answer depends upon cost, load, time of day, security, or other business requirements.  Or, the enterprise may be using Software as a Service (SaaS) applications provided by a third party. All of these scenarios add complexity in attempting to provide access to those applications via tablets – and even more so when accessing multiple applications in an enterprise’s portfolio.

Security for mobile devices has many more moving parts – and some different assumptions.  By allowing new devices not owned by IT access to applications from outside the corporate network, the bad guys could have more attack options.  IT’s traditional approach to dealing with unknown or untrusted devices is to say no or lock everything down.  This approach with tablets or other mobile devices results in either unacceptable user experience trade-offs (such as multiple, repeated log-ins and challenges) or draconian legal requirements to control devices that they do not own (such as requiring agreement to remote wipe and the like), putting personal information and assets at risk to somehow meet the enterprise requirements.  And, some of the approaches that IT has used in other situations (like VPN) open up more security holes themselves.

What can IT do about these new mobile realities to accommodate tablets?

So what do you do about this?  There are a number of existing approaches to application mobilization.  But these New Mobile Realities I’ve been talking about are the very things that give the existing approaches fits.  Whether you use VDI, HTML5, or develop some native apps, there are some unavoidable and painful trade-offs.

Of course, here at Framehawk, we look at this as a huge opportunity in need of a solution (we have a white paper you can download that tells a bit more about how we handle a lot of this).

But regardless of what you think of our solution, step 1 for an enterprise is to figure out where the moving parts are and begin to consider solutions that address (or at least understand) the issues.  Hopefully, this list starts you in the right direction.  Stay tuned for a follow-on blog about new ways to think about a solution.

This post also appears on the Framehawk blog.

Want to avoid data leakage from mobile enterprise apps? Use the cloud

You know the conventional wisdom:  if you’re using mobile devices, the best way to secure enterprise application data is some combination of locked-down devices and strong data security measures.

However, both IT and users know the truth that comes with these approaches:  they ratchet up hidden costs while killing user experience and productivity, all in the name of avoiding data leakage.

So what are the better options for mobile access to enterprise applications?

The problem is that there haven’t been too many.  But there is one you might not have thought of:  use cloud computing.

Hold on, you say, isn’t the cloud inherently insecure?  Plus, why would I add another wrinkle in communicating back and forth with tablets -- something that's already pretty iffy over mobile networks. Isn’t that a big gamble?  Actually, it's not -- if you do it right.  With a smart approach (and a technology partner who can deliver on a couple key components), cloud computing can be a surprisingly effective technique to solve the security, performance, user experience, and cost issues plaguing enterprises in providing mobile access to enterprise applications.

Intrigued?  We’re doing a free webcast on the topic with InformationWeek at 10 a.m. Pacific on Tuesday, Jan. 29, 2013.  Join us and we’ll walk you through what I’m proposing here.

The speaker, our CTO and co-founder Stephen Vilke, will look at existing approaches and the trade-offs that enterprises are currently making in application mobilization. He’ll detail the architectural components (both pros and cons) of a cloud-based approach.  And, he’ll show how IT can deliver both secure application data and a UX that employees rave about through the use of a cloud-based architecture.

Stephen will discuss:

• New architectural ideas that mean you don’t ever put any data on the mobile device
• A way for applications to communicate with tablets that’s fast and secure – even over unreliable mobile networks
• How smart use of the cloud can enable the security and usability required by enterprise mobility
• How IT can enable BYOD and still maintain control
• A way to future-proof your development and cost structure

If you're interested in hearing more about this approach, especially given existing application investments and tight application development budgets, join us on Tuesday.  We’ll cover how to pull it off.

Stephen will also leave time to take live questions during the event.  And we promise to keep the vendor sales pitch (yes, Framehawk can help you solve a lot of these issues) to a bare minimum.

Hope you can join us.

Click here to register for our InformationWeek webcast "How to Avoid Data Leakage from Mobile Enterprise Applications: Use the Cloud" at 10 a.m. Pacific (1 p.m. Eastern) on Tuesday, Jan. 29, 2013.  The event will be moderated by Erik Sherman (@ErikSherman), blogger for CBS MoneyWatch and Inc.com.

This post also appears on the Framehawk blog.

What last year tells us about enterprise mobility in 2013

People turn to vastly different sources to predict the future.  A crystal ball.  Tea leaves.  The Mayan calendar.  Industry analysts.  Those sorts of things.

For IT trends, I like to look at patterns from the past year.  It may not be 100% foolproof, but we all know how the predicted Mayan end-of-the-world thing turned out, so I figure it’s worth a shot.

Here are some things we wrote about in 2012 that I think are going to play a big part in shaping enterprise mobility in the year we’ve just started.

In 2013, I think:

Mobile device innovation will be marked by incrementalism.  Tablets and touch-based smartphones already exist as categories, and they now seem to be evolving, rather than shaking the industry to its foundations with every new announcement.  The iPhone 5 announcement didn’t revolutionize the phone.  The iPad Mini filled in a form factor that someone else had tried first.  Neither shocked the world.  In fact, they both drew some collective yawns at the time.

This trend will continue.  Devices won’t create new categories, but rather fill in all the holes and niches in the market that look like they might work.  Some actually will.  Given some of the sales numbers I’ve heard, the iPad Mini is already proving this to be true.

New ways of looking at enterprise mobility will get increased visibility. The existing approaches weren’t built with mobility in mind.  It’s going to be rough to retrofit.  Application development for new platforms isn’t free.  So, organizations will look for compelling new alternatives.

For example, Gartner helped coin a term for a new category last year – workspace aggregators – for one of the new software approaches to mobilizing applications.  It’s still very early days, but 2013 should see a bit uptick in interest and attention for new alternatives to things like VDI and existing attempts at enterprise mobility.  I'm betting workspace aggregators will be one of the innovations in the center of that discussion.

Microsoft will begin to make its mark on mobile, but not necessarily how the market – or they – expect.  The folks from Redmond announced and delivered the Surface last year to a bit of fanfare as well as a bit of skepticism (including from some of us here at Framehawk – though not our CTO).

It’s a pretty tricky offering.  It’s certainly not as simple as the iPad, but maybe that’s the point.  2013 will be the year that Microsoft has a real impact on this space.  We’ll start to find out whether they are playing the right game, or whether it’s going to be rough going.  I’ve seen at least one glowing review of the Surface Pro coming out of CES already.  I’m betting on a slow but steady bit of progress into enterprise mobility for them, as they try to weave mobile into their existing business model.

Actual usage of the new iPad, iPad Mini, Microsoft Surface, and others will begin to make some waves -- industry-shifting waves.  While the tablet category isn’t brand new, it’s having a real impact:  PC sales are down.  And, tablets are causing workers themselves to evolve and change the requirements for how they want to use their devices and do their work.  IT is facing a choice as to whether they want to just “pave the cow paths” by simply letting things happen, or do a strategic re-think about what these devices mean – and how they can best be included in the enterprise environment, regardless of whether they are corporate- or personally-owned.

Speaking of ownership, BYOD will continue as a red-hot topic.  Enterprises will have to give up ignoring it or going through bizarre contortions.  IT will have to address BYOD head-on.  Phones are one thing, but it will become especially important to sort out BYOD policies for tablets.   It might take lawyers.  But IT will be best served making the answer low-touch for the employee and non-disruptive.  These employees of theirs are just trying to do their work in new, more effective ways, after all.

The question for 2013 will be how to make untrusted devices secure enough.  “Trust” for mobile devices was certainly on peoples’ minds last year (and definitely goes hand-in-hand with BYOD), but some clear paradigms will likely shake out this year.  Mobile device management (MDM) in its current form will be seen as only an early step into mobile-enabling an enterprise.  Eventually.  I’m betting the MDM vendors will still have a great year, but enterprises will start to realize that a broader answer would be better.  The MDM vendors already realize this.

When it comes to mobile application development, there will still be lots and lots of questions.  Organizations will continue to question whether they should re-build or modify existing apps for mobile access.  And what approach they should take for brand-new applications.  There are lots of options that need evaluating still.

Oh, and the  HTML5 honeymoon will be over.  Facebook very publically turned its back on HTML5 this year and decided to build their system as a native app.  Salesforce did the opposite.  Many, many enterprises will be able to get a lot of benefits out of HTML5.  They certainly would like to.  They just have to realize it’s not the silver bullet they crave for mobile application development.

As for Framehawk in particular, we have big things planned.  In 2012, we came out of stealth, picked up a “Peoples’ Choice Award” at the Under the Radar event, and one of our customers (UBS) had some great recognition for the work we’re doing together.

Hopefully, this is all just the beginning.  We have big plans for 2013 and expect that when it comes to mobility, most enterprises do, too.  Watch this space for more details about us, and commentary on the fast-moving enterprise mobility space as the year progresses.

And check back next year at this time to see if we were at least more accurate in our predictions than the Mayans.

This post also appears on the Framehawk blog.

A BYOD Christmas Carol: "Bah humbug" is not an option

The ghost suddenly appeared from behind the bed curtains, rattling the old Ethernet cables dangling from its arms.

“Wh-who-who are you?” Scrooge gasped.

“I am your old IT guy, Jacob Marley.  The one who left to take a job at that hot start-up…”

“What are you doing here?”

“I’m here to warn you, Scrooge,” the ghost moaned emphatically.  “You must see the error of your ways.  Your hardworking employees must not be chained to their desks over Christmas or any other time.  Including that Bob Cratchit guy.  Enterprise mobility is your business.  And that means BYOD is your business!”

“Bah, humbug!” scoffed Scrooge.

“You will be visited by 3 spirits this night!  Beware…”

As the clock struck one, the Ghost of Mobility Past clunked around the corner, wrapped in Palm Pilots and dragging Blackberry chargers and belt attachments.

“Scrooge!  Look at these happy scenes from your past.  You and the IT department are in control of employees’ mobile devices.  People can pick any one they want – as long as it’s a Blackberry.”

“Those were happy times,” sighed Scrooge.

“But your employees left you, Scrooge.  You chose to ignore what they loved: Apple products.”

“But I just wanted to save a little more money…I wanted us to be secure and happy…!” rationalized Scrooge, as the ghost faded away.

As the clock struck two, the Ghost of Mobility Present swiped into view, sleek and shiny with aluminum trim, black glass touch screens from head to toe.  An eerie yet friendly white light shone from an Apple logo on the ghost’s back.

“Scrooge!  Employees are bringing iPads, iPhones, and now even iPad Minis.  They want to use these devices today, right now…with your existing enterprise applications!”

Scrooge covered his eyes.  “No, I can’t look!”

“You must look, Ebeneezer:  over the holidays, all of those employees of yours are trying to get work done remotely, out of their offices.”  The Ghost pointed here and there as they flew over home offices and vacation sites.  “They want to get things done when they have a free minute using these wondrous, beautiful new devices.”

“It’s not possible!”  Scrooge insisted, grasping his sleeping cap tightly.  “These applications aren’t built for touch interfaces!  And we don’t have a BYOD policy…”

“Oh, but it is possible, Scrooge,” countered the Ghost of Mobility Present.  “I’ve seen companies big and small starting to do this…but like those from your past, your employees –and now your competitors – are leaving you behind.

“In fact,” the 2nd Ghost continued, “I hear that Bob Cratchit fellow is actually doing quite well.  He even has a financial advisor from UBS who uses an iPad to access wealth management tools and client portfolio information.”

“Bah, humbug!” insisted Scrooge.

And this ghost, too, faded away.

As the clock struck three, the Ghost of Mobility Yet to Be arrived amid a swirl of phablets, styluses, and a rainbow of neon Microsoft Surface covers.  With every wave of an arm, cheap $25 Android tablets tumbled from the ghost’s robes.

“Speak to me, ghost!” implored Scrooge.  “I know I must learn to avoid my terrible fate!  I see more tablets, everywhere!”

The 3rd Ghost was silent, so Scrooge continued, desperate to find the answer himself:  “I…I see the true cyber-Monday – the day everyone gets back to the office after Christmas break.  That’s the day we in IT truly dread!  It’s the day everyone tries to log into the corporate network using the brand new mobile devices they found under their trees Christmas morning.  I see chaos!  Anger!  Does it have to be so, spirit?"

The ghost shook its head.

“And…and…I see a very messy application development and infrastructure budget.  With all these many, many devices, I see that trying to do native development for every individual mobile platform for every enterprise application – it will just be too costly and too time-consuming!  I was wrong, Ghost!  I see that now!  I know what I must do!”

With a flash, the Ghost of Mobility Yet to Be returned Scrooge to his bedroom.

Scrooge burst into the snow-covered city street and dashed to the Cratchit home.  He arrived out of breath, his arms overflowing with presents, including tablets of all shapes and sizes, perhaps even including a Kindle Fire.

“Cratchit, I’ve seen the light!  I’d like you to help me take on a new mobility strategy for our enterprise applications.”

“Oh, Mr. Scrooge,” said Cratchit.  “It’s about time!  You know...we need to think this through carefully.  We’ll need a way to enable mobile access without rewriting all those existing applications.  And, we’ll need a way to make sure we don't but any data on the mobile device – no matter which device people pick.  And, of course, we need to make sure this has the performance and user experience that people will love the whole year through.”

“Yes, yes…I see all that now,” said Scrooge.  "I've had a busy night, you know."

“True," said Cratchit.  "Now…Tiny Tim says there’s this start-up company named Framehawk that is worth checking out…”

“Let’s give ‘em a ring, Cratchit,” said Scrooge.  “Without it, I think it's safe to say that BYOD is frightening enough to scare the Dickens out of anyone.”

Amusing note:  when I was about to post this, I saw that Palador's Benjamin Robbins (@PaladorBenjamin on Twitter) had just gone live with a very similar idea.  Nicely done.  They obviously thought of this far enough in advance to shoot a video with multiple locations, multiple actors, and a script that extensively quotes Charles Dickens.  You can go here to see A Connectivity Carol.  Happy holidays, every one.  If you are interested in an e-Guide on BYOD we did with Computerworld, you can register here.  And, be sure to let us know if you are interested in that solution Scrooge was talking about...

[This post also appears on the Framehawk blog.]

Impact of iPad Mini: Apple as follower and the new shape of BYOD

Apple announced exactly what everyone thought they would a few weeks back: the iPad Mini.  But what does it mean for the iPad to suddenly have a new little brother on the block?

Apple’s marketing materials don’t call it a “shrunken-down iPad,” but rather a “concentrated” version – everything you had before, but in a smaller package.  One industry pundit, Rob Enderle, said the price and size puts Apple in the “worst of all possible worlds.”  Despite comments like that, Apple seems to have had a pretty successful debut weekend, selling 3 million of the new devices.

So what does the iPad Mini mean for Apple – and for the enterprise?

One place it definitely puts Apple is into the role of form-factor follower.  That’s something new.  As Tom Kaneshige mentions, Apple has so often been the opposite: the idea creator.  They are usually the ones so far ahead of everyone else that their ideas themselves send everyone else scrambling to catch up.  And that goes for the actual implementation of the device as well.

Not so this time.  They are now filling in the gaps.

As Simon Bramfitt noted on Twitter during the iPad Mini announcement event, maybe Apple is becoming "what it once set out to overthrow."  The question is:  how close are they to succeeding at becoming just like everyone else?

This was a major question for Apple following the loss of Steve Jobs.  Would they lose their product design and idea creation mojo as well?  It’s easy to throw stones, but it’s certainly safe to say that the iPad Mini (and iPhone 5) announcements were not ones that re-defined the industry.

This seems to feed into something I wrote about a little while back: it feels like we have entered an era of mobile device incrementalism, in which there are lots of new devices, but no game-changers.  The market-defining moves (like the creation of the tablet in the first place) have already been made.  The “next big thing” is actually a collection of pretty small and relatively minor changes.

Now, there are plenty of very powerful new use cases that this smaller iPad enables (@derek32smith tweeted some good ones).  And having seen the iPad Minis that have already shown up here in the Framehawk offices, it may not be a new form factor, but it seems to be a useful one.

Enterprises: getting a handle on BYOD with so many different (yet similar) devices

How does this current incrementalism affect what IT must do to mobilize its enterprise application environment?  And here’s an even more profound question: what if tablets become cheap and even more ubiquitous?  Reports of $45 Android tablets coming out of China or $20 tablets coming out of India make me pretty convinced that tablets will be everywhere.  And not all of them will be Apple’s.

The trouble for the enterprise is dealing with employees who want to work on this increasing variety of devices.  And, generally, the answers that IT has pursued have been device-specific, sometimes looking to provide limited “official” BYOD options (with IT saying “you can bring your own device – as long as what you bring is an iPad”).

But, there has been a huge number of new devices of note (no pun intended) released recently:  the iPad Mini, the new Galaxy Note, the Kindle Fire, and Microsoft Surface.  And more are on the way.

More and more devices from more and more manufacturers means a device-centric approach to BYOD is not feasible now, if it ever really even was.

Instead, the enterprise approach to BYOD needs to be something that allows device independence, but also allows quick delivery of access to existing applications without having to start from scratch.  And without requiring armies of device-specific developers to write code that you might have to throw away.

One other thing for IT to consider is finding a way to test what users need (and want) for accessing enterprise applications via mobile devices.  It would be ideal to be able to get something started quickly, and then measure user adoption.  This goes for particular applications as well as the support for specific devices.  (Who wants to put effort into supporting the Surface, for example, until we know whether it will be a phenomenal success or a dismal failure?)

Sure, there may well be things your enterprise wants to rewrite fully from scratch or specifically for one device.  But wouldn’t you want to know some usage patterns help you make those choices?

As you might guess, the Framehawk solution takes these issues into account.  You don’t have to rewrite your applications for each new device as it appears.  In fact, you don’t change your applications at all.  Ping us if you want to know more.

In the meantime, brace yourself for another wave of new devices to hit the enterprise.  Especially after the holidays.  Consider all this a message to enterprise IT:  a device-based BYOD approach is getting to be a worse and worse idea with each new device.

This post also appears on the Framehawk blog.

What are your dos & don’ts for bringing enterprise apps to the iPad?

In technologies areas that are as new as the push to use iPads with enterprise applications, the experiences of peers are often the best guide to success.  Or at least in helping you steer clear of strategic errors.  And chances to share those experiences are sometimes few and far between.

I'm expecting Wednesday to be one of those chances.

With the help of InformationWeek, Wednesday's the day that we here at Framehawk are holding a live webcast based around sharing useful IT experiences in delivering enterprise mobility.  The speaker is our CTO and co-founder, Stephen Vilke, who has spent the past 2 decades not as a vendor, but as an IT guy, including a stint as a CIO.

Stephen collected his thoughts about the move to mobility that enterprises are undergoing currently and will be presenting them during the first part of Wednesday's webcast.  Then, in the second half, he will take questions and comments from the audience about their experiences and issues to feed the discussion.

The goal is to continue the conversation that we’ve started here on the blog about what IT departments are learning as they work to incorporate tablets and other mobile devices into their enterprise application environments.  The topics will very likely range quite broadly, and Stephen is planning to hit some very relevant insights and war stories from his past, including:

• How to adapt the lessons enterprises learned (good and bad) from managing laptops to the world of mobility
• How mobile user experience, if done right, can drastically decrease support costs
• How the threat of data leakage compares to other security concerns and how they impact BYOD policies
• What is the "killer app" for enterprise mobility, and how can IT deliver it?

The title of the whole event is “Confessions of a CTO: 7 Dos & Don’t for Bringing Existing Enterprise Applications to the iPad.”  Registration is free, so join us if you can.

Even more importantly, if you have your own “confessions” or real-world experiences that you’d like to share, leave a comment here for others to see and learn from.  Or contribute during the live Q&A session on Wednesday’s webcast.  I’ll be tweeting interesting questions and commentary (from Stephen and the audience) during the session (hashtag #CTOconfess), and I'll summarize the more intriguing and useful comments we received here on the blog afterwards.  We're looking forward to some quality discussions Wednesday and beyond.

The InformationWeek Framehawk webcast “Confessions of a CTO: 7 Dos & Don’t for Bringing Existing Enterprise Applications to the iPad” is being held at 10 a.m. Pacific on Wed., Oct. 24.  Go here to register.

This post also appears on the Framehawk blog.

Does the new Amazon Kindle Fire mean the end of BYOD?

Amazon set the tablet market buzzing last week with the announcement of its new line of 7-inch and 9-inch Kindle Fires.  As with the Microsoft Surface announcement earlier in the year, the news got me thinking about the impact of these new devices on the enterprise.

The logical answer is that the more devices there are, the more different devices that consumers are going to have.  And, since iPad-toting employees have been pressuring IT to help them access enterprise resources with those devices, they are very likely to try the same thing with any device they have.

So, the more types of tablets and other mobile devices there are, the more likely that Bring Your Own Device (BYOD) becomes the norm in corporations.  And IT will have to figure out a strategy to keep up.

Or maybe not.

I saw a post by Galen Gruman of InfoWorld on Friday that actually posited that exact opposite.  If the Kindle Fire is successful against the iPad at home, he suggests, it might actually decrease the likelihood that BYOD carries the day in enterprises.

Intrigued?  Here’s his logic:

The new Kindle Fire, which Galen notes is “aimed squarely at the iPad's home users,” is part of Amazon’s effort “to supplant the iTunes-centric Apple ecosystem with an Amazon-centric one.”  If the Kindle Fire picks up steam and consumers prefer that device as their “home” tablet, “that could reshape the iPad's role in business.”

And, since the Kindle Fire isn’t really enterprise-ready, the iPad would continue to fill the that role.  In fact, the iPad might become only your “work” tablet, perhaps even become company-issued devices the way PCs used to be.

The difference is this:  if people use the Kindle Fire at home and the iPad at work, the iPad is no longer that single, unified platform someone would use for both across both worlds.  Galen called this single platform “the fundamental enabler of the consumerization and BYOD phenomena.”

Given this, despite a great proliferation of new devices, the iPad would become the only corporate tablet that everyone optimizes and plans for.  Good-bye, BYOD.

Sure, these are all big “if"s, but they are (as Galen notes) “plausible enough to contemplate.”

IT would probably cheer the death of BYOD.  Ironically, IT normally prefers a situation where they have choice.  However, the BYOD scenario represents too much of a good thing – and it results in options over which they have no control at all, despite the serious security and cost concerns for the enterprise.  Choice, at least in the case of BYOD, is pricey for IT.

However, I don’t think enterprise IT should toss out those half-written BYOD policy papers quite yet.

As much as IT would love to only have to architect and plan for the iPad, I think the BYOD genie is already out of the bottle.  Now that employees realize they can choose their own tablet or mobile phone (or both) and it's just part of IT's lot in life to figure out how to make a wide range of devices productive in an enterprise environment, I don’t think there’s any going back.

Not that enterprises have BYOD completely figured out yet, but users have tasted this control thing– and they like it.  A lot.  Even the teams we are working with at large financial firms (including UBS) are certainly planning for the iPads that employees own, but also other multiple other types of devices, too.

On Twitter, Galen also noted some good news for fans of the freedom that BYOD brings: iPad/iPhone, Windows 8, and Android “all are BYOD-supporting. Maybe WinPhone8 will join in.” Kindle, Windows Phone 7, and Blackberry?  Not so much.

Either way, it looks to be a pretty heated Battle of the Network Stars (er, Ecosystems) for the home entertainment mindshare for Amazon and Apple.  Google plus Android and Microsoft are in the mix, too.

I have to say that the iPad’s monstrous marketshare and popularity make me think that Apple doesn’t have much to worry about.  For the moment, anyway.

However, the fact that this is even an interesting question in the first place is a testament to the impact of consumerization on IT.   For the first time, these battles over the home market could have very serious implications on enterprise IT investment strategies, planning, and even hiring.

No question:  that genie is definitely out of the bottle.

This post also appears on the Framehawk blog.

UBS garners CIO 100 Award for FA Mobile iPad project with Framehawk

Congratulations are definitely in order for Framehawk customer UBS.

At CIO Magazine’s annual recognition event last week, that publication honored UBS with a 2012 CIO 100 Award for its groundbreaking FA Mobile iPad project. And we’re proud to note that Framehawk is playing a key role in that project.

The CIO 100 Awards themselves are kind of a big deal, established to “showcase the transformative power of IT-business innovation.” Tony Pizi and the project team at UBS were honored for their work designing and rolling out the project for their Wealth Management Financial Advisors.

Enabling mobility for those advisors was a big driver for the project in the first place. The short project summary on CIO.com noted the importance that mobility has taken on for both the UBS financial advisors and their clients. The UBS Wealth Management business recognized that investing in a mobile platform would “help attract and retain financial advisor talent and better serve current and new clients.” People want to work for and work with companies investing in mobility.

The project is a great example of how the BYOD trend is making its mark on event the largest financial institutions. The initial release made it possible for financial advisors to “answer client questions about accounts and markets and to give paperless client presentations anytime and anywhere, using their personal iPads,” CIO.com reported in the describing the project.

As for Framehawk, our software is part of the enabling platform that lets advisors access and work with their existing tools on those iPads, while maintaining the high performance and security UBS requires.

CIO.com also underscored the importance of the mobile user experience, something also the Framehawk Platform also helps enable.

“Navigating the platform is simpler than a traditional desktop,” said the CIO.com write-up, “and all proprietary data is safe because nothing is saved on the device.”

For a bit more detail about the UBS FA Mobile project, we have a short write-up on our website.

And, of course, big kudos go to the UBS project team for the well-deserved recognition.

Mobile document and data security: avoiding the Big Work-Around

A week or two back, the Ponemon Institute released some survey data about just how frequently employees in large enterprises are using external, cloud-based services to store and send critical data.

The answer?  Quite a lot.

Penny Crossman of American Banker termed the usage of these services a “huge security hole” in her article on the survey (with the slightly unsettling headline: “Are your bank’s secrets floating in the cloud?”).

After BYOD comes…BYOA

Some folks are calling this the “BYOA” era.  You see, first there was BYOD – Bring Your Own Device.  The logical follow-on is that employees then start using those personal mobile devices to access non-approved -- or at least non-managed -- applications (that’s the “A” in BYOA).  These could be services like Dropbox, Evernote, and Yousendit!, which they’ve downloaded onto their device or can access in the cloud.

In describing this BYOA trend in a Forbes article, Matt McIlwain of Madrona Venture Group saw this as a great way for small start-ups – the ones selling these applications – to get a foothold in the enterprise by finding a balance being “alluring to individual users and small teams” while making themselves “palatable to IT departments.”

While McIlwain thinks these innovative apps that are capturing the attention of users will usher in an era of greater transparency for IT, folks responding to the Ponemon survey I mentioned earlier see it as a big problem.

"These file sharing and file transfer technologies are very convenient," says Larry Ponemon, chairman of the research group. "The take-up rate of these technologies in the workplace is enormous.”

However, Ponemon cautions, “a lot of company confidential information exists in documents — PowerPoints, Word documents, email and such. If you're a cybercriminal, that's where you're going to find the company's crown jewels."

Nobody makes sure employee work-arounds are secure

Some companies are practically forcing their employees to use such services because they don't provide remote access to documents that their staff needs when they're traveling or working from home or a remote office.  Faced with a brick wall, employees who just want to get their work done will find a work-around.  Those work-arounds often become a big part of their day-to-day processes.

With sensitive corporate data involved, what seems like an insignificant compromise becomes the Big Work-Around -- a serious deal.  By definition, nobody’s in charge of making sure those Big Work-Arounds are secure.

There's a war going on around document and data security, says Ponemon. "You are constantly battling the issue of convenience," he says. "The traditional security model is, we'll just turn it off. What we've seen over the last 20 years or more is a move to empowering the end user through things like cloud computing, virtualization, remote devices and the ability to do your work from remote locations. The issue is, can you create solutions that are convenient and allow the users to do the things they need to do? Security has a voice, but there's a bigger voice called productivity and profitability."

Exactly.  So, how do you strike the balance?

To me, it sounds like the description of a strong potential solution is in the problem statement:  give your employees a way to access documents when they’re using their mobile devices that passes the security sniff-test, but doesn’t require unnatural acts by the employee.

OK, but how?  I’ll give you the Framehawk suggestion for doing this as one potential solution:  don’t have employees pull the documents or data onto their devices at all.  Instead, leave everything behind the firewall, but enable very fast, very secure remote access.  It took a bit of product development investment on our part, but it’s working.

How customers are keeping data off the mobile device

In fact, we’re seeing some of the early customers of Framehawk do exactly this.  With Framehawk, they keep their applications and documents behind their firewall, even if their users are accessing them on a mobile device like an iPad or other tablet.  We create a disposable browser stack in our cloud.  Customers get trusted access to those browsers.  Our mobile-optimized protocol delivers only images from these browsers to the tablet, while handling high-speed, secure communications back and forth between the device and the employee’s documents or applications. Nothing is downloaded onto the edge device.

One Framehawk customer sees this as a great way to keep their field team’s mobile usage of salesforce.com in compliance with their security rules.  Their reps can interact with salesforce.com from their iPads, but none of the names, phone numbers, or other sensitive data from the application (or its reports) finds its way onto those devices.

Of course, one of the big potential stumbling blocks that you’d expect in a scenario like this where everything is remote is performance.  That’s a place where our communication protocol shines (thanks to a strong bit of NASA heritage).  The protocol doesn’t rely on TCP/IP (the wait times to make sure information arrived are just too long) and is optimized for mobile networks and the security requirements of enterprises.  Those design points mean this nothing-on-the-device architecture I described actually becomes feasible.

OK, enough of the infomercial.  The point is this: with BYOD comes a very real temptation to use un-secured apps.  Corporate data is at risk, even in corporate-approved applications like salesforce.com, when tablets are involved.  And IT must somehow deal with this.  And like, the Ponemon survey respondents, we think it’s a real issue.

So real, in fact, that we architected an enterprise-focused solution for it.  Ping us if you want to see a demo or start a more detailed discussion.

This post also appears on the Framehawk blog.

On the Surface, Microsoft has good news enterprise

There are plenty of reasons to question Microsoft’s move this week to launch a tablet – and to launch their Microsoft Surface tablet the way they did.  But likely enterprise interest is not one of them.

You could definitely question why they would decide to go against their normal ecosystem of partners – those who provide hardware while Microsoft provides the software.  You could also question whether they have the design point right (landscape, eh?).  And you certainly could nitpick about launching without a delivery date.  Or pricing.

However, as a device, the Surface looks intriguing.  And, a lot of the “typically Microsoft” approaches to lock customers in…er, keep customers coming back aren’t going to work this time around, given their lack of control in the cloud.

Analyst Dana Gardner has a good post on ZDNet about how he thinks some of this will play out. “Microsoft will try to keep this a Windows Everywhere world, but that won’t hold up,” said Gardner. “What makes mobility powerful is the escape from the platform, device, app shackle. Once information and process flow and agility are the paramount goals, those shackles can no longer bind.”

Another big deal with the delivery of the Microsoft Surface, that Dana also noted, is probably the most significant one:  enterprises are deeply wedded to Microsoft, its operating system, and its productivity tools.  We here at Framehawk see this every time we ask customers and potential customers what they want to use from their iPads.  Some very likely initial answers?  Outlook, PowerPoint, Word, and Excel.  SharePoint, too.  A tablet that helps you make the most of those previous investments is a big positive for the enterprise.

Gardner actually thinks the larger implications are pretty profound.  As he said in his post, “with Surface and the Windows PC-tablet hybrid it defines, Microsoft is showing a way to enterprise mobility.”

But will the Microsoft Surface be a winner? Pundits, as always, are mixed (there’s a good SF Chronicle summary here).  I saw comments about the Surface ranging from “rather fantastic” to “not a threat to Apple.” Farhad Manjoo from Slate.com was already “deeply smitten.”  And as Apple fan boys griped a bit about how Microsoft ripped off Apple, I was amused by the alternative view from Lucas Mearian in Computerworld: in fact, Microsoft came up with the tablet PC first (in 2002).  It’s just that nobody cared.

I’m not necessarily convinced that Surface will be a winner, but its appearance (whenever it actually happens) and any adoption it does get in the enterprise, adds to the diversity of devices that IT needs to think about.

A successful Microsoft Surface will increase the need to consider BYOD policies and strategies that are effective, regardless of which device an employee ends up bringing and using for work purposes.  iPads are dominant today.  Android is a player, though still small in the business world.  And, this new entrant from Microsoft will surface an increased need to be device agnostic.  For IT, that means it’s time to really focus on those BYOD issues – and to do so now to get ahead of the curve.

In the meantime, Stephen Vilke, our CTO at Framehawk, tweeted that he “can’t wait” to get his hands on Microsoft’s new tablet.  He expects it, plus Framehawk-delivered applications to be, in his words, “wow.”

And I agree with Jason Hiner of TechRepublic & CNET: “I'll say this about Microsoft Surface... the more I read, write, and think about it, the more genuinely curious I am to get my hands on it.”

I think that’s as good of a start as Microsoft could have asked for at this point.

This article is also posted on the Framehawk blog.

With tablets, do you 'pave the cow path' or rethink IT?

I just saw a nice think piece by Dion Hinchcliffe posted at ZDNet talking about the profound impact of tablets on IT. His premise is that these devices are so revolutionary that IT shouldn’t keep doing things the same way.

In fact, he believes that the rise of the tablet means that we actually can’t, even if we tried.

It’s an interesting thought, for sure. I think the real question that Hinchcliffe’s commentary brings up, though, is whether or not there’s room for doing something fundamentally different while also solving some immediate issues. For example? Like finding a way to make tablets immediately useful in an enterprise.

For starters: making enterprise IT “tablet-ready”

Hinchcliffe talks through the many ways that IT must think about making their capabilities “tablet ready,” especially since “employees are using their tablets for work now.” On the list: requiring a way to handle different OSes and devices, how to service-enable existing IT for tablets, demanding certain enterprise-class features like policy control over apps, cloud-resident data, and location-based services. Not to mention plans for which things to deliver using your inside IT staff v. outsourcing – and how you should take a very close look at security.

The list is definitely complicated and painful to implement. And the suggestions are similar to some we’ve mentioned in discussing BYOD issues we’ve discussed here previously.

Are incremental IT changes enough?

However, in thinking through all this, Hinchliffe comes to the conclusion that simply enabling tablets isn’t going to be enough. Instead of “paving the old cow path” that IT has already been following (I love his bucolic visual), tablets require us to rethink IT.

“Tablets are fundamentally different computing devices with entirely new capabilities,” says Hinhcliffe in his post. “To get the real competitive advantage of the next-generation of end-user computing will require rethinking how tablets and their innate capabilities and strengths can be used to transform business processes. Location-awareness, always-connectedness, augmented reality, pervasive video/audio, and more can create highly situational and context-aware apps that hold the potential to provide hard business benefits.”

All true statements. However, their truth doesn’t negate an immediate-term need that we here at Framehawk are seeing right now. That immediate need is all about enabling those employees that are indeed “using their tablets for work now.”

We have very forward-thinking customers like UBS that are building applications and an IT world that is all about mobility and tablets. But we also have talked to many, many others who need something much simpler. Something like: “I want my employees to be able to use our current apps from their iPad.”

It’s not as revolutionary, but hey, it’s useful.

A bit of a continuum

So it seems like there’s a continuum of mobile needs when it comes to enterprise applications. We’ve started to describe it as a bit of a mobile maturity curve (sounds like a great blog topic to come back to, in fact).

Step one is to get your folks the access they need to do their jobs, with the security and performance required, making use of their mobile devices. The next couple steps after that would include more native-influenced look, feel, and gestures for particular applications. And beyond that: more complex mash-ups as experience warrants – and business demands.

I’m betting that no matter how forward-thinking and revolutionary tablets should enable us to be, there’s a smart way to navigate through the normal incrementalism that comes with enterprise IT, while also preparing yourself for the brave new world where iPads and Android tablets are part of the every-day picture inside a major corporation.

The trick, then, is to find a “step one” approach that lets you also take a “step two” and a “step three” toward the world that Hinchcliffe is a proposing – one where tablets are the inspiration and driver for a new way of doing IT.

And to switch metaphors from cows to hawks for a moment, we think we’re a pretty good example of this. Our customers are beginning to use us as a way to take those incremental steps. We’ll share examples as more customers are able to talk publicly.

In the meantime, pay attention to where those IT cow paths lead: they’re the telltale signs of what’s useful today inside the enterprise. And they’re a great place to start.

This blog is also posted on the Framehawk blog.