Enterprise Mobility Strategies

To Indian enterprises mobility is still largely defined as notebooks and WiFi, while to the western world enterprise it comes in two flavors-the road warrior and the roaming user

Friday, April 14, 2006

There is definitely a deep digital divide when it comes to mobility. To Indian enterprises mobility is still largely defined as notebooks and WiFi, while to the western world enterprise it comes in two flavors-the road warrior and the roaming user. For road warriors, the entry point into enterprise mobility is e-mail on the Blackberry. As the Forrester report on “Mobility enterprise: defining your strategy” states, “the core application for road warriors is always-on push e-mail.” While for the roaming user, notebook is the key device. To quote from the same report, “armed with a laptop, they need to be able to boot up and securely connect from locations as diverse as hotel rooms, airports, coffee shops, and clients' offices”.

Research Methodology Many IT practitioners have shared their experiences and expertise for this story. Wherever possible, we have acknowledged their contribution. But in some instances, they have remained unnamed for reasons of confidentiality. While researching this story, we spoke to users and CIOs across 14 large enterprises in the country to figure out the current state of enterprise mobility, and to understand their strategies for the year ahead. We had further in-depth discussions with a smaller subset. There are some very clear strategic trends that emerge from the interactions. These have been referred to in the appropriate context. The interpretations of what they told us are ours and they are in no way responsible for the same.

As a cursory survey at any Indian airport will show, we're at the roaming user stage and are still to explore the larger contours of enterprise mobility. But before that, this is not a typical PCQuest story, which looks at the technology–product–solution trio. This story looks at the strategic landscape of mobility; the current status and the road ahead in the short to medium term. Specific products mentioned in this story may not have been reviewed at Cybermedia Labs and are used more as illustration of a concept than as a recommendation.

Defining mobility
While the stage of mobility that each one of them are currently in may be different, all people we spoke to had a very clear idea what enterprise mobility meant and what all it could include. “Technology which does not tie you to one place and provides you the scope to move about without compromising on service”, is how the head of engineering of a major Government enterprise defined mobility. This was not way too different from the CIO of a multinational whose take on mobility was,  “Accessing data / information seamlessly and securely whenever or wherever using any media..”

For the sake of consistency, in this story, when we refer to mobility, we are talking of accessing enterprise data and applications when on the move, using devices that do not require to be wired. These devices include primarily the notebook, connected over WiFi  to the LAN or WAN (and the Internet), and various cellphones and PDAs also. In addition to this, we are also referring to the back-end infrastructure that is required to make this mobility happen.When we talk of application access, we are talking of access primarily by non-PC devices, like the PDA or the cellphone.

Mobility status report
Like we mentioned earlier, the Indian enterprise is still in the state of being the roaming user. Even there, notebook penetration levels are low, with half of the organizations that we spoke to having deployment levels under 10%. Similarly, in the case of WiFi, almost 75% of the organizations have plans to improve deployment levels. But mobility for the enterprise is not just about deploying notebooks and WiFi. There is a lot more to be done.

tages in mobility 
We define six stages (as shown in the schematic on the page to follow) in moving an enterprise from a completely wired stage to complete wire-free access. The strategic objective for the enterprise is not to aim for level six, but to first define which of the six stages they want to be in and to define a time period and the path by which they are going to achieve that stage. In fact, stage six may be utopian for most enterprises and like '100% customer satisfaction' could at best be a pole star that you keep in mind when formulating the mobility strategy. Which of the six stages you want to be in will obviously be dictated to by the business imperatives and by how much of a competitive advantage you can create by mobile-enabling which all segments of your work force. As the IT head of a leading cellular service provider told us, “The drivers for mobility (in our organization) have been the corporate sales and  service teams, who wanted connectivity as an enabler to resolve customer queries and issues across the desk, wherever that desk may be. This has enormously improved our customers trust and loyalty and on our service focus.”

The first step in the quest for enterprise mobility is obviously the notebooks. For one to even think of mobility happening, notebook deployment levels in organizations need to go up significantly. Obviously there are exclusions, like in manufacturing organizations, where employees on the shop floor will not need notebooks. But here again, other types of mobile wireless devices including PDAs can be used to log production data to production-management systems.

Once notebooks come in, it is but natural that you reach stage two, where Wi-Fi access to the LAN and subsequently to the Enterprise WAN gets deployed. While one would expect most enterprises to be atleast at this stage, many, particularly the smaller ones still have to take the plunge. This stage can be divided into two sub-stages, with Internet and e-mail being the first and WAN access to deployed enterprise applications coming subsequently. The next stage is e-mail access on mobile devices like PDAs and cellphones. The western standard for this seems to be push based e-mail services like the Blackberry. But over here, adhock solutions driven by user choice rather than by organization wide design seems to be the norm.

The limitation seems to be the high cost of devices and services that can deliver enterprise e-mail to the road warrior. But high costs need not be a limiting factor for enterprises looking to enable their employees to get their corporate e-mail on to a mobile device. The next stage in the road to mobility is enabling application access from mobile wireless devices. The classical example of this is the access and ability to update sales data from a smartphone. Most enterprise applications now ship optional mobility modules. There are also third-party solutions that can be integrated with most applications, whether off the shelf or custom built. We will discuss one of these later on in this story.

That brings us to stage five, of having your website mobile enabled. Gone are the days when you had to create a separate WAP version of your site to enable browsing on a mobile device. Having your website displayed on a mobile device is a no-brainer now. With the Opera Mini browser installed, any Web page can now be rendered on a cellphone. You would, of course, want to ensure that the rendering is useable and easily navigable. A bigger challenge is to enable your website to accept inputs from a mobile device, much like moblogs (blogs updated from a cellphone) or how livejournal.com accepts and displays photographs sent as MMS messages. Once you achieve this level, full enterprise mobility, where the complete set of enterprise apps (on your enterprise portal) and data is accessible over mobile devices. For most enterprises, achieving stage four (applications on mobile devices) should be the aim in the medium to long term, with stage three (email on mobile devices) being the short term goal.

Mobile e-mail
Like we said earlier, the high costs of a suitable smartphone or a Blackberry device is a key inhibitor in making enterprise e-mail truly mobile. One of the alternatives available is from net4nuts (net4nuts.com), an Ahmedabad based company. Their mobile e-mail service works with most GPRS/WAP enabled handsets and supports standard attachments like MS Word and MS Excel files, Zip files, PDF files, GIF, JPG and so on. This service is oriented towards enterprises rather than individual users and comes with administrative features that let administrators add and delete users and so on. At about Rs. 150 per month, this seems an affordable way to keep the road warriors in organization in touch with their e-mail, wherever they are.

Applications over cellphone
Applications over cellphone is the bigger challenge compared to e-mail over cellphone, and that is why, in our roadmap, we have placed it a step above e-mail over cellphone. Typically application access on mobile devices is enabled by using middleware, if the application itself is not built ground up for mobile interfaces. One such middleware is Fred from Acceltree software (acceltree.com) of Pune. Acceltree claims that its mobile framework enables customization and deployment in about six to ten weeks and that applications can be accessed from any Java enabled cellphone with GPRS or CDMA. The framework itself runs on an application server like Tomcat or iPlanet on Linux, Solaris or Windows Server.

Deployment gives satisfaction We asked our respondents to rate their satisfaction levels with WiFi and we had responses covering the whole spectrum, all the way from least satisfied to most satisfied. But when we segregated the responses based on whether the organization had implemented WiFi or not, we came across a very clear pattern. With hindsight, it is not a surprising pattern at all.  As can be seen from the graph, those who had deployed WiFi, very clearly displayed higher satisfaction levels than those who worked in organizations that had not. Obviously, there are a number of concerns about WiFi (with security being the most serious of these as discussed elsewhere) in the minds of users as well as CIOs, which get dispelled only when implementations happen in their organizations. It would not be out of place to guess that the comfort factor with the other stages of mobility will also reflect a similar pattern. You need to implement it first!

Securing the mobile enterprise
Almost everyone we spoke to had security as their prime concern when implementing mobility. Today, Wi-Fi networks use several different techniques for security. The first and most notorious of all is called WEP (Wired Equivalent Privacy). It's notorious because it can be cracked more easily than all other

Notebooks Notebooks and WiFi are still the key mobility enablers for Indian enterprises. While deployment levels continue to be low, the encouraging part is that the coming year could see the landscape altering significantly.In most of the organizations that we spoke to, notebooks are issued on a need basis, while a few issue notebooks on the basis of a recommendation.

Security techniques.
For an enterprise wireless setup, using this for wireless security is not at all recommended, unless of course, you've setup a separate wireless network for casual browsing. Many organizations do this to allow their employees and guests free access to the Internet. This is completely separate from the main network, so there are no chances of any kind of hacking. WEP could be used as a security option for this.

Next is MAC address based filtering, which allows you to restrict access to your wireless network by MAC addresses. In this, you'll have to enter into each access point, the MAC address of every user connecting the wireless network. This can be quite a job for a large enterprise and is, therefore, not recommended. Moreover, MAC addresses can also be spoofed by a determined hacker, so it's not a very secure technique.

Currently, the most secure technique being used in enterprise environments is WPA (WiFi Protected Access) or WPA2. There are two variants available in these, called WPA-Personal and WPA-Enterprise.  The former allows you to set up a password on the access point itself, while the latter uses a server for user authentication and verification, and uses the IEEE 802.1x/EAP standard for the job. The techniques encrypt the communication between wireless clients and the access points using TKIP in WPA and AES encryption algorithm in WPA2.

Besides using technology, there are other practical considerations to wireless security. One, of course, is the placement of the wireless access point and the positioning of its antenna. If you keep it close to the outer wall of your building, and don't even bother to change the antenna settings, then obviously the wireless signal would travel out. Likewise, if you're connecting two buildings using wireless, then you have to ensure that the antennae are not configured to be omni-directional. Airtight Networks (airtightnetworks.net), another Pune-based company offers a suite of products under the SpectraGuard brand that help you plan and implement a secure wireless network. The AirTight Spectraguard Enterprise claims to provide intrusion prevention for wireless networks and also identify, isolate and locate rogue clients and transmitters on the wireless network.

When you move beyond WiFi into the domain of enterprise applications, the issue of security becomes even more complex. With email, basic security measures and quality of service are more often than not enough. But once you graduate to providing application access, not only these two, but also the security of the data on the mobile device and, of the device itself becomes critical issue that you need to address.

Only one organization, out of the fourteen we talked to had fully mobile enabled enterprise applications, while five of them had partial enablement. Over half had not yet reached this stage.

Quality of service
Quality of service or reliability came as the second most repeated concern about WiFi after security. And like with security, our guess is that this one also spans the entire gamut of mobility and is not limited to WiFi. Let us take QoS over WiFi as an example. The strategic landscapes are roughly similar. A good wireless deployment strategy must cover the following aspects: what applications are you primarily going to run on your wireless network; how much bandwidth would be required for each mobile user; how many users this network will have at a given time; and finally which areas you want to be covered by wireless.

Start with bandwidth and coverage. The real challenge in deploying WiFi is to strike the right balance between coverage and the bandwidth available. WiFi is still a shared networking technology, which means that all users share the same bandwidth per access point. So first you need to have a fix on the number of users who will connect to the WiFi network and their location. Next determine how these users will use the WiFi network. If they'll use it for running bandwidth intensive applications, then the number of users per access point should be lower. So you'll need to provision for a higher access points density in a given area. Some bandwidth intensive applications include transferring large files, or streaming rich media over the network. Less bandwidth intensive applications include simple Web access, e-mail, etc.

As you move farther away from a access point, signal strength reduces, which translates to lower throughput. A typical access point can provide coverage within a radius of 150 ft or even 300 ft with a higher gain antenna. What's important to remember here is the access point's placement. There are tools available for planning access point location, like wireless valley (recently taken over by Motorola's suite of tools or Airtight's SpectraGuard Planner that come to your aid in planning Wi-Fi  networks. When it comes to making applications over mobile devices, you would also need to take into consideration the roaming facilities and reach of your mobile network provider among other things.

Voice mobility
While not strictly an IT infrastructure related issue, With voice moving over to VOIP, it is worth discussing voice mobility here. Voice mobility is about getting a call made to your office switched to your phone, wherever you are, inside or outside of office. Solutions for doing this exist, with the hurdle being more legal in nature. But the way technology is forcing the big elephants of telcom and telcom policy formulation to dance, do not be surprised if voice mobility becomes a reality in the next one to two year time frame. Meanwhile if you want to look up the technologies for doing this, Ascendent Systems (ascendentsystems.com), which was recently taken over by Research in Motion, which owns the blackberry service is a good place to start your research.  

View Point

Rajesh S Kurup, Research Director, eTechnology Group, IMRB discusses the issues and concerns in mobile enabling a widely dispersed field force. You deploy a large field force to collect data. What are your key concerns in deployment of mobile devices and applications for field data collection? A.The most prevalent form of data collection continues to be in person interviews using paper pencil. Mobile devices have not found a wider acceptance on account of the following reasons: Familiarity of usage by interviewers Research issues: most tools and techniques of research has evolved for paper and pencil form of administration of questionnaire. So, amenability of data collection using this form factor for the specific research intricacies is an issue. Cost of deploying the survey using mobile devices. This includes hardware cost, content/questionnaire development (including adaptation of paper and pencil techniques to mobile devices, exposure of stimulus/show cards, translation into local language etc.), management of the device (eg. Theft, Insurance), etc. Often this form of data collection is quit cost prohibitive. What is the extent of mobile apps deployment with the field force. What devices are used? Who does the software development? Today this is not much compared to traditional data collection methods. For a few customized projects these have been used. The software is usually in-house. Could you briefly describe what the app does and how the deployment of questionnaires and collation of data is managed? In case the data collected is technical in nature and there is availability of software for extracting the data then it is possible to use such devices. Eg, collecting GIS data, data on viewership of TV from the television, etc. Such application of mobile devices doesn't require a questionnaire. However, these require software/appropriately customized hardware and connectivity or a solution to transfer the data back to the main data pool. Other areas where one can use mobile devices such as PDA etc are projects that have technologically evolved respondents as the target group or respondents that are familiar or can be familiarized with the usage of the device. These could be studies like product testing, usually required for usability studies for tech products. How do you manage/plan to manage data security and device loss or theft? For data security, the software becomes critical. However hardware theft or loss is not 100% preventable. If the data captured is encrypted well, hardware theft can actually have only a limited damage, towards the cost of the hardware and no further. What benefits did you derive out of deploying mobile apps with your field force? Currently mastering this form of data collection can help opening up newer areas for market research to cater to. For example, undertaking GIS data collection, obtaining health statistics from individual patients for well budgeted health management projects or other health/ patient surveys, etc. (Basically data that cannot be best collected using face-to-face and paper pencil method or phone interviews.) However, on account of cost, familiarity of usage of such devices and its adaptation for MR, it would take quite some time before with one can see large scale deployment of mobile devices for data collection. What were the key problems/constraints you faced? How were they resolved? A.Getting appropriate talents to use the device for data collection; translation of the user interface into local language; amenability of the device based approach for obtaining data that is more accurate than traditional methods; and cost effectiveness. These will continue to be challenges. A good comprehension of these challenges can help us restrict the usage to select purpose and type of researches and plan for the challenges adequately. A key learning that you would like to share with others looking at deploying mobile filed applications? A.Consider using mobile devices for collecting data that is other wise not possible to collect using traditional methods. Thus, examine the merits and de-merits closely with respect to accuracy of the data. Always ask, "will the quality of response suffer on account of displaying the device to the respondent?"...will the lower income household get awed by the device and, thus, will it result in biased responses? Will this method give me superior data quality in a more timely manner than traditional method. What additional value will it create for my client? Be aware that some of the device is likely to be stolen. Have a plan to prevent this.

Anil Chopra and Krishna Kumar

Page(s)   1