VDC Research: Enterprise & Government Mobility Market Blog

Growing recognition of security threats associated with the unrelenting BYOD trend promise to drive mobile security to the forefront of IT agendas in coming months. Moving forward, BYOD policies and other “consumerization” pressures surrounding mobility will challenge IT organizations to widen the scope of their mobile security strategies for an increasingly mobile workforce.

IBM’s recent announcement saw a new mobile security solution introduced to the market, called IBM Hosted Mobile Device Security Management. This new service has the potential to attract interest from enterprise customers as IBM assures provisioning of managed services such as policy management and user compliance monitoring outside of the mobile security features offered by this product. Through collaboration with Juniper Networks, IBM’s service (based on Juniper’s Junos Pulse Security Suite) will cover leading mobile platforms such as Android, iOS, and BlackBerry OS (legacy OSes such as Windows Mobile and Symbian are also covered). Juniper developed a custom API and OEM Toolkit that enables partners such as IBM to customize, integrate and co-brand their mobile security solution into their offerings. The Junos Pulse Security Suite can run as an add-on to select Juniper gateways and SSL VPN appliances, or as a standalone mobile security suite. The software also features the ability to provision OTA policy management to mobile devices with robust device management capabilities, including: anti-virus protection, firewall, backup services, application monitoring, and remote tracking and device wiping. IBM hasn’t revealed how it will price its new service, but Juniper’s pricing for the Junos Security Suite is subscription-based and dependent on the number of devices covered. 

The need to incorporate a mobile strategy into broader corporate strategies will only increase in importance as mobile technologies continue to evolve and become further integrated into business workflows. Recognition of the importance of safeguarding intellectual property and business information from theft and misuse is an increasingly critical management issue and risk mitigation challenge, as the rate at which data is moving to mobile platforms – by expanding application scenarios – exacerbates risks currently facing organizations. 

Historically, IBM has been very effective in using its global services organization as a channel for IT solutions.  Because this hosted service supports a wide array of form factors and mobile platforms, we believe IBM’s Hosted Mobile Device Security Management platform will see success within IBM’s existing customer base with large mobile deployments, as it will complement these environments. While best-of-breed MDM and mobile security ISVs have robust solutions, they will ultimately be forced to compete against offerings such as IBM’s on their ability to deploy solutions more quickly and offer better technical support to their customers. As we’ve written about in the past, a multi-channel strategy is critical for mobility-oriented ISVs moving forward, as competition is becoming more intense – while direct sales continue to be effective, leveraging the channel is critical to both ensure and enhance value to the customer. 

I was recently invited by the International Quality & Productivity Center (IQPC) to participate on a panel at their inaugural Enterprise Mobility Exchange in the US. Although there were some clear gaps the vendor community attending the show, the caliber of end-users was unparalleled. From Proctor & Gamble, GE Healthcare and Whirlpool to Coca Cola Bottling, Pepsico and Penske Logistics many household names and brands were represented.

This led to some of the more interesting and thought provoking exchanges regarding the future of enterprise mobility that I have recently been involved in. Many of the themes and discussion points mirrored the topics of the day including “Bring Your Own Device” BYOD and its impact and value, the role of the iPad and other tablets (although quite frankly it was really just about the iPad) in existing and new workflows to the use of games such as Angry Birds as mobile device interface training tools. Some of the more interesting points made during the sessions and personal conversations included:

• The BYOD development is ushering an entirely new self-service approach to IT support for these devices. The individual is becoming responsible for all service and support for these devices – largely through consumer channels. With these blurring lines of responsibility, IT organizations are struggling with how to deal with issues such as enterprise applications running on these devices. Moreover, the expectation is that end-users will ultimately defer to IT organizations when issues arise.
• The intricate policies organizations are enforcing when it comes to rolling our BYOD strategies is driving many employees to opt for enterprise issued devices (when given the option).
• Anecdotally BlackBerry is becoming a distant third to iOS and Android when organizations offer mobile platform options to their employees. Although their share of the installed base of enterprise-deployed smartphones remains strong, when enterprises offer a platform choice to their employees or when they support employee owned devices (BYOD) their position is severely diminished.
• Developing global mobile strategies and policies is virtually impossible given the variances in legal policies and carrier/wireless service provider position. 
• Rugged mobile computing investments are coming under increased scrutiny as organizations reevaluate their utility in today's mobile workflows.

We will be publishing a more detailed show report shortly that will dive deeper into the issue of the value of rugged mobile in today's capital constrained organizations. 

The increasing capabilities delivered by mobile solutions are causing health care organizations to evaluate the role of mobility in their organization and their interactions with medical professionals and patients. Organizations are not only aligning their mobile initiatives with their overall strategies but they are also evaluating whether they have the necessary resources to develop mobile health care solutions internally or whether they need to look for outside help. As the adoption of mobile health care solutions accelerates, some of the primary questions health care organizations must answer include who they would like to target with their mobile applications (i.e. health care professionals or the patients), what kind of capabilities they would like their solutions to have, and what types of problems they envision solving.

Based on our end-user questionnaire that we fielded in Q2 2011, the primary business initiatives that impact mobile computing solution investments include improvements in process efficiencies and customer service and satisfaction. Given the busy work schedules of physicians, clinicians and nurses, they not only would like to access the necessary information/ records anytime anywhere but they would also like to be able to have portable mobile devices that allow data input at the bedside. For the past couple of years CIOs and IT departments at health care organizations have been struggling with health care professionals bringing their preferred devices to work and asking for support. Demand for robust mobile security solutions continues to rise, and the numerous regulatory issues that impact the health care industry make ensuring the safety of patient records critical. While the BYOD trend has been picking up fast in other industries, more and more health care organizations are implementing mobile policies to gain visibility and control over costs, compliance, and the operational impact of their mobile assets.

Likewise, organizations see an opportunity in adopting next generation mobile solutions as they believe that they will offer them a competitive advantage in attracting the best physicians and nurses. Thus, the availability of patient-facing mobile applications is helping organizations to improve their customer service capabilities, as patients are eager to use tools that will allow them to enter and track their key health information and have their health care provider alerted should conditions that require immediate attention arise. Additionally, many health care organizations (such as Mayo Clinic and Beth Israel Deaconess Medical Center) are extending their existing web sites and/or newsletter to enhance communications among their patient community. The capabilities of mobile applications have grown from tracking closest ER locations and wait times into allowing remote access to patient care, recording vital health care information and providing access to reference information all of which are speeding care delivery to patients. We see evidence that solution providers such as WebMD, Allscripts, Epic Systems and Epocrates are gaining traction with their mobile solutions both among patients and medical professionals.

Health care organizations are hoping to reach more patients and consumers while building awareness for conditions that could affect their health with mobility solutions. By investing in mobility solutions to improve customer service and satisfaction, health care organizations are hoping to engender loyalty, increase efficiencies and realize bottom line improvements. VDC believes that the increase in patient-health care professional communication and collaboration among health care providers can help in reaching these goals since demand for timely and high quality health care is on the rise.

More information on the developments in mobile health care solutions can be found in our EMOB 2011 Health Care Vertical Market Report that will be published next week.

Organizations are getting used to the idea of individual-liable mobile devices in the workplace. As the advancements in technology made mobile devices (i.e. especially smartphones) a lot affordable for everyone, IT departments had to deal with the issue of protecting corporate information on the personal devices that happen to be outside their "control". Along with time, organizations and internal IT departments are becoming more welcoming towards these mainly consumer-grade devices, however, our data indicates that they are now putting mobile device policies in place to ensure the protection of sensitive information.

Based on our end-user survey that we fielded in Q2 2011, the majority of the organizations we surveyed stated that they have a mobile device policy specifically centered on smartphones in the workplace. In terms of industries, health care organizations came in with the highest % that have a mobile device policy (yes, even higher than government organizations) while field mobility organizations came in lowest. VDC believes that this number will only increase going forward as more organizations realize the possibility of sensitive information falling into wrong hands with a lost or stolen device, potential malware attacks directed to mobile devices, employees moving on to other jobs with your company's information on their mobile devices and not being able to control the use of unauthorized software on the personally-owned devices.

As for anticipated changes to the policy, we see organizations are getting stricter in terms of the mobile platforms and brands. While many organizations are accustomed to securing devices running on BlackBerry OS for the past couple of years, they are now being forced to provide support for multiple ecosystems (i.e. Android, iOS, Windows Phone 7). In addition to getting more specific in the list of eligible devices being provided to employees, organizations are moving towards the BYOD trend and away from the more traditional corporate-liable trend. Primary drivers to the BYOD model include achieving higher efficiencies and lower costs with partial reimbursement. Even though corporations were able to negotiate better rates with company-liable deployments, the number of employees that had mobile devices was a lot fewer since the devices were being assigned based on role in the organization.

The improvements made in mobile device and security management solutions enable more and more organizations to join the BYOD bandwagon. With the availability of these solutions, organizations are not solely relying on the common sense of their employees but can put encryption and technology enforcement into place which can include anything from written policies to remove wipe and lock. Thus, VDC believes that providing more education to the employees to raise awareness on device-specific security would be key to success to moving forward.

Also worth noting, is a topic we've written about recently on this blog is the dual persona solutions like Enterproid's Divide or BlackBerry's Balance that have emerged and may prove to be a very effective way of sandboxing work and personal mobile device profiles.

Last month, AT&T announced Toggle – an application designed to transform the enterprise mobility market by fulfilling the needs of both enterprises and end-users of smartphone devices.  As we discussed in last week’s blog, entitled “Dual Persona Market Heating Up,” AT&T’s Toggle application was developed as part of a cooperative effort by AT&T and the startup Enterproid.  We also expounded upon the appeal Toggle may represent for smartphone users, as the application essentially enables users to construct separate work and personal environments on their mobile device (to reiterate, currently Android is the only mobile platform supported).  In this post, we will expand on the origin of this mobile app, and on AT&T’s strategic goals in the enterprise mobility market – we’ll also detail our view on the channel and share our thoughts on AT&T’s positioning for solutions such as Toggle.

Toggle’s growth into a potentially revolutionary mobile technology may, in fact, be indebted to the spirit of collaboration and ideation that has recently emerged at AT&T.  Indeed, Enterproid executives were both impressed and surprised with AT&T’s ability to collaborate and move as quickly as they did with bringing Toggle to market. What began as an idea posted in AT&T’s internal crowd-sourcing forum (The Innovation Pipeline), eventually grew to earn the support of an AT&T Foundry.  AT&T developed its foundry innovation centers with the objective of uniting entrepreneurs, developers and business leaders in cooperative efforts to transform inventive concepts into practical market solutions.  Toggle was developed with the support of AT&T and Enterproid, a tech startup whose Divide platform comprises the technological foundation of the Toggle application.

Considering enterprise requirements for highly secure mobile platforms, and the continuing BYOD trend at large corporations, we believe that there is a real commercial opportunity for solutions such as Toggle to gain traction in the mobile space.  Moving forward, as mobile devices continue to enter the workplace, enterprise oriented application adoption will begin to ramp quickly, and robust security for mobile platforms will become requisite. Dual persona solutions like Toggle can potentially give companies the opportunity to take advantage of the BYOD trend by securing the “work persona” on employee owned mobile devices while preserving the user experience that employees are accustomed to by using their device(s) of choice – additionally, employers can avoid incurring the costs associated with provisioning devices to their mobile workforce (we’ll save the issues we foresee associated with billing for a future blog post). A variety of dual persona solutions have emerged, and accompany a large number of security-focused mobile specialists – all of whom have different ideas on securing mobile platforms. 

The Channel is Key – Amongst Mobile Operators, AT&T is Well Positioned

As the mobile ecosystem becomes increasingly crowded, mobile operators with adeptness at channel partnerships will be well positioned to be the point of entry for a variety of enterprise mobility solutions. AT&T’s channel portfolio is strong, with key MEAP, MDM, and TEM vendors in place – the company has been very aggressive with its mobility strategy since forming its Advanced Mobility Solutions organization last year, with a steady flow of new partnerships and product offerings. AT&T’s managed services and mobile development competencies, as well as its professional services capabilities (via the InCompass acquisition in Q4 2010) and cloud ambitions position the company to be very competitive as an end-to-end enterprise mobility solution provider. AT&T rivals aren’t standing still, and also see mobility solutions positioned for the enterprise (and SMB) as a significant opportunity. Verizon recently enhanced its mobility strategy with the launch of an enterprise app store and a mobile unified communications platform, and also sees an opportunity ahead in the cloud. Earlier this summer, Verizon expanded its relationship with SAP to co-market/cross-sell SAP applications (a relationship that brings the ability to offer cloud-based mobile applications).  The company has also established white-label partner arrangements for several of its managed mobility offerings (for example, Verizon has partnered with Sybase for its mobile application management service). Mobile operators are without question emerging as a critical channel for enterprise mobility services – while mobile oriented ISVs in the MEAP and MDM space are having success with their direct sales activities, we see them becoming increasingly reliant on the channel moving forward. Mobile operators Deutsche Telekom, Orange Business Services, and Telefonica have all moved in a similar direction to AT&T and Verizon (for example all three have relations with Sybase for MDM solutions).