What you need to know about using tablets as clients for enterprise applications

The flurry of new mobile devices continues.  Consumers (who look a lot like your employees) love them.  And they naturally want to use them in their (er, your) enterprise IT environment.  And that’s where the problems start.

It seems like it would be simple to introduce tablets and other mobile devices into the enterprise.  But here’s the worst-kept secret in IT today: it’s not.

And this is a huge problem.  Tablets, which should be a boon to productivity and flexibility for employees, are instead causing IT headaches.

The new mobile realities for application architecture, or: what’s changed thanks to tablets

As we here at Framehawk have been focusing our efforts to help enterprises make tablets productive with enterprise applications, the first thing we see companies struggling with are their long-standing application architecture assumptions.  The tablet is a different animal and many of IT’s assumptions about how clients work with their enterprise apps are no longer valid.

Here’s a quick list of what’s changed in moving from only traditional PCs to a list of application clients that includes tablets.  I’m calling this a list of the “new mobile realities”:

The networks are now varied and unreliable.  Existing applications expect a high-quality, consistent corporate LAN to communicate between clients and servers.  When you use an iPad, you replace that LAN with WiFi or an unreliable mobile network.  Add in the complexities of latency from large geographic distances and network security concerns, and the network becomes a major source of uncertainty.

Client devices now have very constrained – or completely unknown – computing capabilities. iPads, Android tablets, Microsoft Surface, and other mobile devices all have processing and memory constraints connected to size, weight, and battery life trade-offs.  This means that relying on the edge device to take on any of the processing load for applications will put a severe drag on the performance of those applications on that device.  In a BYOD environment, you also have no idea which device will actually be the client at any given time, since by definition you are leaving the choice up to the employee.

The new user interaction model – touch – is drastically different.  Enterprise applications in use today were built to receive input from a mouse and keyboard. The touch and gesture interface of tablets, however, is a very different interaction approach, and the difference is going to have to be accounted for when trying to work with existing applications via a tablet.  In addition, tablet users have an expectation that their interaction on the device will be very simple, specific, and easy – a situation that, putting it nicely, may be at odds with the way an existing enterprise application is designed.

The new client device usage model is quite varied.  With the introduction of tablets as a client in the enterprise application environment, applications need to support a variety of different usage models.  They must be able to handle the short-duration, quick-interaction style usage from tablets at multiple times throughout the day.  They must also still be able to handle the long-lasting, consistent-connection usage from the traditional desktop and laptop PC clients.  And, in some cases, they also need to be able to handle the very dynamic, get-in/get-out usage pattern of smartphone users.  Because employees aren’t (generally) giving up their PCs, enterprise applications must support all of these different patterns at different times from the same user.  IT has to be ready for all possibilities.  The business processes must support all these possibilities as well – no business process silos allowed.

Cloud computing means new deployment options.  At any given time, an application’s servers might be in an organization’s data center, in a hosted virtual private cloud, or in a public cloud – the answer depends upon cost, load, time of day, security, or other business requirements.  Or, the enterprise may be using Software as a Service (SaaS) applications provided by a third party. All of these scenarios add complexity in attempting to provide access to those applications via tablets – and even more so when accessing multiple applications in an enterprise’s portfolio.

Security for mobile devices has many more moving parts – and some different assumptions.  By allowing new devices not owned by IT access to applications from outside the corporate network, the bad guys could have more attack options.  IT’s traditional approach to dealing with unknown or untrusted devices is to say no or lock everything down.  This approach with tablets or other mobile devices results in either unacceptable user experience trade-offs (such as multiple, repeated log-ins and challenges) or draconian legal requirements to control devices that they do not own (such as requiring agreement to remote wipe and the like), putting personal information and assets at risk to somehow meet the enterprise requirements.  And, some of the approaches that IT has used in other situations (like VPN) open up more security holes themselves.

What can IT do about these new mobile realities to accommodate tablets?

So what do you do about this?  There are a number of existing approaches to application mobilization.  But these New Mobile Realities I’ve been talking about are the very things that give the existing approaches fits.  Whether you use VDI, HTML5, or develop some native apps, there are some unavoidable and painful trade-offs.

Of course, here at Framehawk, we look at this as a huge opportunity in need of a solution (we have a white paper you can download that tells a bit more about how we handle a lot of this).

But regardless of what you think of our solution, step 1 for an enterprise is to figure out where the moving parts are and begin to consider solutions that address (or at least understand) the issues.  Hopefully, this list starts you in the right direction.  Stay tuned for a follow-on blog about new ways to think about a solution.

This post also appears on the Framehawk blog.

Want to avoid data leakage from mobile enterprise apps? Use the cloud

You know the conventional wisdom:  if you’re using mobile devices, the best way to secure enterprise application data is some combination of locked-down devices and strong data security measures.

However, both IT and users know the truth that comes with these approaches:  they ratchet up hidden costs while killing user experience and productivity, all in the name of avoiding data leakage.

So what are the better options for mobile access to enterprise applications?

The problem is that there haven’t been too many.  But there is one you might not have thought of:  use cloud computing.

Hold on, you say, isn’t the cloud inherently insecure?  Plus, why would I add another wrinkle in communicating back and forth with tablets -- something that's already pretty iffy over mobile networks. Isn’t that a big gamble?  Actually, it's not -- if you do it right.  With a smart approach (and a technology partner who can deliver on a couple key components), cloud computing can be a surprisingly effective technique to solve the security, performance, user experience, and cost issues plaguing enterprises in providing mobile access to enterprise applications.

Intrigued?  We’re doing a free webcast on the topic with InformationWeek at 10 a.m. Pacific on Tuesday, Jan. 29, 2013.  Join us and we’ll walk you through what I’m proposing here.

The speaker, our CTO and co-founder Stephen Vilke, will look at existing approaches and the trade-offs that enterprises are currently making in application mobilization. He’ll detail the architectural components (both pros and cons) of a cloud-based approach.  And, he’ll show how IT can deliver both secure application data and a UX that employees rave about through the use of a cloud-based architecture.

Stephen will discuss:

• New architectural ideas that mean you don’t ever put any data on the mobile device
• A way for applications to communicate with tablets that’s fast and secure – even over unreliable mobile networks
• How smart use of the cloud can enable the security and usability required by enterprise mobility
• How IT can enable BYOD and still maintain control
• A way to future-proof your development and cost structure

If you're interested in hearing more about this approach, especially given existing application investments and tight application development budgets, join us on Tuesday.  We’ll cover how to pull it off.

Stephen will also leave time to take live questions during the event.  And we promise to keep the vendor sales pitch (yes, Framehawk can help you solve a lot of these issues) to a bare minimum.

Hope you can join us.

Click here to register for our InformationWeek webcast "How to Avoid Data Leakage from Mobile Enterprise Applications: Use the Cloud" at 10 a.m. Pacific (1 p.m. Eastern) on Tuesday, Jan. 29, 2013.  The event will be moderated by Erik Sherman (@ErikSherman), blogger for CBS MoneyWatch and Inc.com.

This post also appears on the Framehawk blog.

Making mobile user experience ‘tablet-y’ for enterprise applications

We’ve been checking off the various dos & don’t for bringing enterprise applications to iPads and other mobile devices.  There are a lot of them.  So many that our CTO Stephen Vilke did an entire webcast about the topic (summarized in this white paper).

Last week I brought up mobile security.  The issue that goes hand-in-hand with that is user experience (UX).  In fact, mobile user experience is usually what suffers when IT operations and corporate compliance get their way.

Stephen, however, is not one to just say, “Oh, well, the users are just going to have to deal with it.”  In fact, avoiding that mistake is core to his CTO tip this time around:

DON’T underestimate the importance of building a rich user experience.

From Stephen’s perspective if security is king for tablets in the enterprise, then user experience is certainly next in line for the throne.  IT departments simply must deliver a strong user experience, says Stephen. If the (albeit brief) history of mobile has taught us anything, it’s that if people don’t like it, they won’t use it.

"How many times have you heard, 'our sales team, managers -- insert group here -- are not using a new system because it’s not easy to use'? Or 'the users hate using the application because it’s hard to do anything with it'? 

"The more time you spend at the beginning of a project making sure there is a rich user experience, the more user satisfaction will increase. This does not have to mean a full re-write for your legacy applications, but rather it is about researching how your audience interacts with applications on their current hardware (PC and laptop) and adding some iPadness to that application when you deliver it on a tablet.  Make it tablet-y!  No one wants a PC experience replicated exactly on a tablet. 

"In fact, at the core of this 'consumerization of IT' revolution inside the enterprise is user experience -- employees asking to use their own iPad at work because it’s easy to use, and easy to be productive with. The only reason employees use the IT systems at work is because their job depends on it. If workers weren’t forced to execute expense reports with scanners, scissors, and tape, and instead could execute it faster with an iPhone app, they would likely opt for the quick route and actually spend a little more time doing their job. Moreover, they might even enter information into a CRM system more frequently if they could do it from their iPad wherever they happen to be."

User experience drives user adoption. And, as Stephen has noted more than a couple times in his career, good news travels fast. The more people use something, the more they will share their experiences with others, and the faster the rate of adoption.

Moreover, building a strong user experience is going to drive productivity across your range of use cases. Technology should not get in the way of a user’s productivity. Virtual desktop infrastructure (VDI) solutions are notorious for letting the user down when it comes to the user experience. A salesperson, physician, investment advisor, or whatever the role, does not want the mobile version of their virtual app to slow them down. Conversely, creating native applications unique to the user’s job can increase their productivity as well as their effectiveness, but can also be time consuming and very, very expensive.  Says Stephen:

"Try to make it simple. If done right, UX can drastically decrease support costs. Leveraging a simple user experience, one that is intuitive and user-friendly means that there will be fewer knots to untangle down the line. The up-front costs distributing applications to tablets are one thing, sustaining their upkeep and performance is something else. 

"Companies with successful implementations spend roughly 25 percent of their implementation costs on delivering user adoption – for things like training, communications, and change management. Larger implementations can spend roughly 30-35 percent on user adoption. Spending time at the beginning of a project on the user experience can lower these costs."

Think about it.  Says Stephen: “no one trained you to use Google, Craigslist, or CNN.com.”  He’s not saying to just drop all of those mobile security concerns.  But remember this:  UX is worth more time and effort than IT has been used to devoting to it.  And in this more tablet-y world, that’s going to have to change.

This post also appears on the Framehawk blog.

What last year tells us about enterprise mobility in 2013

People turn to vastly different sources to predict the future.  A crystal ball.  Tea leaves.  The Mayan calendar.  Industry analysts.  Those sorts of things.

For IT trends, I like to look at patterns from the past year.  It may not be 100% foolproof, but we all know how the predicted Mayan end-of-the-world thing turned out, so I figure it’s worth a shot.

Here are some things we wrote about in 2012 that I think are going to play a big part in shaping enterprise mobility in the year we’ve just started.

In 2013, I think:

Mobile device innovation will be marked by incrementalism.  Tablets and touch-based smartphones already exist as categories, and they now seem to be evolving, rather than shaking the industry to its foundations with every new announcement.  The iPhone 5 announcement didn’t revolutionize the phone.  The iPad Mini filled in a form factor that someone else had tried first.  Neither shocked the world.  In fact, they both drew some collective yawns at the time.

This trend will continue.  Devices won’t create new categories, but rather fill in all the holes and niches in the market that look like they might work.  Some actually will.  Given some of the sales numbers I’ve heard, the iPad Mini is already proving this to be true.

New ways of looking at enterprise mobility will get increased visibility. The existing approaches weren’t built with mobility in mind.  It’s going to be rough to retrofit.  Application development for new platforms isn’t free.  So, organizations will look for compelling new alternatives.

For example, Gartner helped coin a term for a new category last year – workspace aggregators – for one of the new software approaches to mobilizing applications.  It’s still very early days, but 2013 should see a bit uptick in interest and attention for new alternatives to things like VDI and existing attempts at enterprise mobility.  I'm betting workspace aggregators will be one of the innovations in the center of that discussion.

Microsoft will begin to make its mark on mobile, but not necessarily how the market – or they – expect.  The folks from Redmond announced and delivered the Surface last year to a bit of fanfare as well as a bit of skepticism (including from some of us here at Framehawk – though not our CTO).

It’s a pretty tricky offering.  It’s certainly not as simple as the iPad, but maybe that’s the point.  2013 will be the year that Microsoft has a real impact on this space.  We’ll start to find out whether they are playing the right game, or whether it’s going to be rough going.  I’ve seen at least one glowing review of the Surface Pro coming out of CES already.  I’m betting on a slow but steady bit of progress into enterprise mobility for them, as they try to weave mobile into their existing business model.

Actual usage of the new iPad, iPad Mini, Microsoft Surface, and others will begin to make some waves -- industry-shifting waves.  While the tablet category isn’t brand new, it’s having a real impact:  PC sales are down.  And, tablets are causing workers themselves to evolve and change the requirements for how they want to use their devices and do their work.  IT is facing a choice as to whether they want to just “pave the cow paths” by simply letting things happen, or do a strategic re-think about what these devices mean – and how they can best be included in the enterprise environment, regardless of whether they are corporate- or personally-owned.

Speaking of ownership, BYOD will continue as a red-hot topic.  Enterprises will have to give up ignoring it or going through bizarre contortions.  IT will have to address BYOD head-on.  Phones are one thing, but it will become especially important to sort out BYOD policies for tablets.   It might take lawyers.  But IT will be best served making the answer low-touch for the employee and non-disruptive.  These employees of theirs are just trying to do their work in new, more effective ways, after all.

The question for 2013 will be how to make untrusted devices secure enough.  “Trust” for mobile devices was certainly on peoples’ minds last year (and definitely goes hand-in-hand with BYOD), but some clear paradigms will likely shake out this year.  Mobile device management (MDM) in its current form will be seen as only an early step into mobile-enabling an enterprise.  Eventually.  I’m betting the MDM vendors will still have a great year, but enterprises will start to realize that a broader answer would be better.  The MDM vendors already realize this.

When it comes to mobile application development, there will still be lots and lots of questions.  Organizations will continue to question whether they should re-build or modify existing apps for mobile access.  And what approach they should take for brand-new applications.  There are lots of options that need evaluating still.

Oh, and the  HTML5 honeymoon will be over.  Facebook very publically turned its back on HTML5 this year and decided to build their system as a native app.  Salesforce did the opposite.  Many, many enterprises will be able to get a lot of benefits out of HTML5.  They certainly would like to.  They just have to realize it’s not the silver bullet they crave for mobile application development.

As for Framehawk in particular, we have big things planned.  In 2012, we came out of stealth, picked up a “Peoples’ Choice Award” at the Under the Radar event, and one of our customers (UBS) had some great recognition for the work we’re doing together.

Hopefully, this is all just the beginning.  We have big plans for 2013 and expect that when it comes to mobility, most enterprises do, too.  Watch this space for more details about us, and commentary on the fast-moving enterprise mobility space as the year progresses.

And check back next year at this time to see if we were at least more accurate in our predictions than the Mayans.

This post also appears on the Framehawk blog.

One thing enterprises can't compromise on: mobile security

The latest in our series of 7 dos & don’ts for bringing enterprise applications to iPads is likely so self-evident – and important – that it probably should have been listed first.

The topic is mobile security.  No surprise.  In fact, not thinking about how to avoid unauthorized access and data breaches would indeed be a serious (and job-threatening) confession from anyone in IT related to a mobile project.

Here’s what our CTO and co-founder Stephen Vilke recommended in our recent webcast:

DON’T even think about it if it’s not secure.  That goes for both hardware and data.

While IT is often driven by end user expectations – especially when dealing 
with mobile devices – security is still an
 IT mandate. Naturally, enterprises wanting to make use of tablets, smartphones, and the like will
 have more stringent security requirements than those provided automatically by consumer devices.

Stephen went to great lengths to emphasize that it is an absolute must for IT to properly secure both an organization’s data at rest and data 
in motion.
 Ideally, no data should be stored on the mobile device itself. Instead, newer technologies can ensure that no data leaves your data center. Sophisticated communication protocols should be leveraged to provide a mobile connection to enterprise systems without the physical transfer of data between device and network.

On the hardware side, because most tablets lack USB ports and DVD drives, at least
 one element of security is easier to manage than for conventional laptops (although this may change in the future). However, in addition to being easier to misplace, tablets’ portability and desirability make them obvious targets for theft.

As a result, robust encryption and password enforcement are critical to ensure data security, and tracking and remote wipe can be important to make sure that lost or stolen devices do not lead to major breaches of confidentiality or disclosure of sensitive information. And given the rate of change, IT has to be on top of the latest, while remembering a few of the things from the past.  Says Stephen:

 “As companies develop security and mobility strategies to deal with these devices, it is worth bearing in mind the lessons we learned from managing laptops, and how we thought about securing those devices way back when. 

“There are now more attack vectors than ever for the bad guys, so having policies, standards, and guidelines around security are a must.  Education is key only if it’s enforced. This goes from two-factor authentication (2FA) to sensitive client data to VPN connections to credentials storage. 

“The tablet is forcing us to build on what we’ve learned before and to rethink what needs to be secured – and when.  Tablets won’t be powerful enough for the foreseeable future to run edge-point analysis, intrusion detection, anti-virus and yet still supply the user with app functionality. We (IT) crippled hugely powerful machines to the point of 10-minute boot times – these tablets have no chance. However, their simplicity offers new strategies – these need to be thought out.”

If it’s not obvious from these comments (or previous blog posts), Stephen sees security as one of the most important issues in enabling tablets in your enterprise IT environment.

It’s no surprise, then, that we’ve wrapped strict security measures into everything we’re working on here at Framehawk.  In fact, we've taken some new approaches to enable a whole new level of security for applications that will be mobile-enabled.  For more on the architectural differences that make security a big differentiator for Framehawk, you can start with this white paper (registration required).

To read more of our CTO Stephen Vilke's perspectives on enterprise mobility, you can download “Confessions of a CTO: 7 Dos & Don’ts for Bringing Your Existing Apps to the iPad,” the companion white paper to this series of blog posts and our recent webcast (registration required).

[This post also appears on the Framehawk blog.]

What are your dos & don’ts for bringing enterprise apps to the iPad?

In technologies areas that are as new as the push to use iPads with enterprise applications, the experiences of peers are often the best guide to success.  Or at least in helping you steer clear of strategic errors.  And chances to share those experiences are sometimes few and far between.

I'm expecting Wednesday to be one of those chances.

With the help of InformationWeek, Wednesday's the day that we here at Framehawk are holding a live webcast based around sharing useful IT experiences in delivering enterprise mobility.  The speaker is our CTO and co-founder, Stephen Vilke, who has spent the past 2 decades not as a vendor, but as an IT guy, including a stint as a CIO.

Stephen collected his thoughts about the move to mobility that enterprises are undergoing currently and will be presenting them during the first part of Wednesday's webcast.  Then, in the second half, he will take questions and comments from the audience about their experiences and issues to feed the discussion.

The goal is to continue the conversation that we’ve started here on the blog about what IT departments are learning as they work to incorporate tablets and other mobile devices into their enterprise application environments.  The topics will very likely range quite broadly, and Stephen is planning to hit some very relevant insights and war stories from his past, including:

• How to adapt the lessons enterprises learned (good and bad) from managing laptops to the world of mobility
• How mobile user experience, if done right, can drastically decrease support costs
• How the threat of data leakage compares to other security concerns and how they impact BYOD policies
• What is the "killer app" for enterprise mobility, and how can IT deliver it?

The title of the whole event is “Confessions of a CTO: 7 Dos & Don’t for Bringing Existing Enterprise Applications to the iPad.”  Registration is free, so join us if you can.

Even more importantly, if you have your own “confessions” or real-world experiences that you’d like to share, leave a comment here for others to see and learn from.  Or contribute during the live Q&A session on Wednesday’s webcast.  I’ll be tweeting interesting questions and commentary (from Stephen and the audience) during the session (hashtag #CTOconfess), and I'll summarize the more intriguing and useful comments we received here on the blog afterwards.  We're looking forward to some quality discussions Wednesday and beyond.

The InformationWeek Framehawk webcast “Confessions of a CTO: 7 Dos & Don’t for Bringing Existing Enterprise Applications to the iPad” is being held at 10 a.m. Pacific on Wed., Oct. 24.  Go here to register.

This post also appears on the Framehawk blog.

UBS garners CIO 100 Award for FA Mobile iPad project with Framehawk

Congratulations are definitely in order for Framehawk customer UBS.

At CIO Magazine’s annual recognition event last week, that publication honored UBS with a 2012 CIO 100 Award for its groundbreaking FA Mobile iPad project. And we’re proud to note that Framehawk is playing a key role in that project.

The CIO 100 Awards themselves are kind of a big deal, established to “showcase the transformative power of IT-business innovation.” Tony Pizi and the project team at UBS were honored for their work designing and rolling out the project for their Wealth Management Financial Advisors.

Enabling mobility for those advisors was a big driver for the project in the first place. The short project summary on CIO.com noted the importance that mobility has taken on for both the UBS financial advisors and their clients. The UBS Wealth Management business recognized that investing in a mobile platform would “help attract and retain financial advisor talent and better serve current and new clients.” People want to work for and work with companies investing in mobility.

The project is a great example of how the BYOD trend is making its mark on event the largest financial institutions. The initial release made it possible for financial advisors to “answer client questions about accounts and markets and to give paperless client presentations anytime and anywhere, using their personal iPads,” CIO.com reported in the describing the project.

As for Framehawk, our software is part of the enabling platform that lets advisors access and work with their existing tools on those iPads, while maintaining the high performance and security UBS requires.

CIO.com also underscored the importance of the mobile user experience, something also the Framehawk Platform also helps enable.

“Navigating the platform is simpler than a traditional desktop,” said the CIO.com write-up, “and all proprietary data is safe because nothing is saved on the device.”

For a bit more detail about the UBS FA Mobile project, we have a short write-up on our website.

And, of course, big kudos go to the UBS project team for the well-deserved recognition.

Mobile document and data security: avoiding the Big Work-Around

A week or two back, the Ponemon Institute released some survey data about just how frequently employees in large enterprises are using external, cloud-based services to store and send critical data.

The answer?  Quite a lot.

Penny Crossman of American Banker termed the usage of these services a “huge security hole” in her article on the survey (with the slightly unsettling headline: “Are your bank’s secrets floating in the cloud?”).

After BYOD comes…BYOA

Some folks are calling this the “BYOA” era.  You see, first there was BYOD – Bring Your Own Device.  The logical follow-on is that employees then start using those personal mobile devices to access non-approved -- or at least non-managed -- applications (that’s the “A” in BYOA).  These could be services like Dropbox, Evernote, and Yousendit!, which they’ve downloaded onto their device or can access in the cloud.

In describing this BYOA trend in a Forbes article, Matt McIlwain of Madrona Venture Group saw this as a great way for small start-ups – the ones selling these applications – to get a foothold in the enterprise by finding a balance being “alluring to individual users and small teams” while making themselves “palatable to IT departments.”

While McIlwain thinks these innovative apps that are capturing the attention of users will usher in an era of greater transparency for IT, folks responding to the Ponemon survey I mentioned earlier see it as a big problem.

"These file sharing and file transfer technologies are very convenient," says Larry Ponemon, chairman of the research group. "The take-up rate of these technologies in the workplace is enormous.”

However, Ponemon cautions, “a lot of company confidential information exists in documents — PowerPoints, Word documents, email and such. If you're a cybercriminal, that's where you're going to find the company's crown jewels."

Nobody makes sure employee work-arounds are secure

Some companies are practically forcing their employees to use such services because they don't provide remote access to documents that their staff needs when they're traveling or working from home or a remote office.  Faced with a brick wall, employees who just want to get their work done will find a work-around.  Those work-arounds often become a big part of their day-to-day processes.

With sensitive corporate data involved, what seems like an insignificant compromise becomes the Big Work-Around -- a serious deal.  By definition, nobody’s in charge of making sure those Big Work-Arounds are secure.

There's a war going on around document and data security, says Ponemon. "You are constantly battling the issue of convenience," he says. "The traditional security model is, we'll just turn it off. What we've seen over the last 20 years or more is a move to empowering the end user through things like cloud computing, virtualization, remote devices and the ability to do your work from remote locations. The issue is, can you create solutions that are convenient and allow the users to do the things they need to do? Security has a voice, but there's a bigger voice called productivity and profitability."

Exactly.  So, how do you strike the balance?

To me, it sounds like the description of a strong potential solution is in the problem statement:  give your employees a way to access documents when they’re using their mobile devices that passes the security sniff-test, but doesn’t require unnatural acts by the employee.

OK, but how?  I’ll give you the Framehawk suggestion for doing this as one potential solution:  don’t have employees pull the documents or data onto their devices at all.  Instead, leave everything behind the firewall, but enable very fast, very secure remote access.  It took a bit of product development investment on our part, but it’s working.

How customers are keeping data off the mobile device

In fact, we’re seeing some of the early customers of Framehawk do exactly this.  With Framehawk, they keep their applications and documents behind their firewall, even if their users are accessing them on a mobile device like an iPad or other tablet.  We create a disposable browser stack in our cloud.  Customers get trusted access to those browsers.  Our mobile-optimized protocol delivers only images from these browsers to the tablet, while handling high-speed, secure communications back and forth between the device and the employee’s documents or applications. Nothing is downloaded onto the edge device.

One Framehawk customer sees this as a great way to keep their field team’s mobile usage of salesforce.com in compliance with their security rules.  Their reps can interact with salesforce.com from their iPads, but none of the names, phone numbers, or other sensitive data from the application (or its reports) finds its way onto those devices.

Of course, one of the big potential stumbling blocks that you’d expect in a scenario like this where everything is remote is performance.  That’s a place where our communication protocol shines (thanks to a strong bit of NASA heritage).  The protocol doesn’t rely on TCP/IP (the wait times to make sure information arrived are just too long) and is optimized for mobile networks and the security requirements of enterprises.  Those design points mean this nothing-on-the-device architecture I described actually becomes feasible.

OK, enough of the infomercial.  The point is this: with BYOD comes a very real temptation to use un-secured apps.  Corporate data is at risk, even in corporate-approved applications like salesforce.com, when tablets are involved.  And IT must somehow deal with this.  And like, the Ponemon survey respondents, we think it’s a real issue.

So real, in fact, that we architected an enterprise-focused solution for it.  Ping us if you want to see a demo or start a more detailed discussion.

This post also appears on the Framehawk blog.