Enterprise Mobility Strategies

There is definitely a deep digital divide when it comes to

mobility. To Indian enterprises mobility is still largely defined as notebooks

and WiFi, while to the western world enterprise it comes in two flavors-the

road warrior and the roaming user. For road warriors, the entry point into

enterprise mobility is e-mail on the Blackberry. As the Forrester report on

“Mobility enterprise: defining your strategy” states, “the core

application for road warriors is always-on push e-mail.” While for the roaming

user, notebook is the key device. To quote from the same report, “armed with a

laptop, they need to be able to boot up and securely connect from locations as

diverse as hotel rooms, airports, coffee shops, and clients' offices”.

Research Methodology Many IT practitioners have shared their experiences and expertise for this story. Wherever possible, we have acknowledged their contribution. But in some instances, they have remained unnamed for reasons of confidentiality. While researching this story, we spoke to users and CIOs across 14 large enterprises in the country to figure out the current state of enterprise mobility, and to understand their strategies for the year ahead. We had further in-depth discussions with a smaller subset. There are some very clear strategic trends that emerge from the interactions. These have been referred to in the appropriate context. The interpretations of what they told us are ours and they are in no way responsible for the same.

As a

cursory survey at any Indian airport will show, we're at the roaming user

stage and are still to explore the larger contours of enterprise mobility. But

before that, this is not a typical PCQuest story, which looks at the

technology—product—solution trio. This story looks at the strategic

landscape of mobility; the current status and the road ahead in the short to

medium term. Specific products mentioned in this story may not have been

reviewed at Cybermedia Labs and are used more as illustration of a concept than

as a recommendation.

Defining mobility



While the stage of mobility that each one of them are currently in may be

different, all people we spoke to had a very clear idea what enterprise mobility

meant and what all it could include. “Technology which does not tie you to one

place and provides you the scope to move about without compromising on

service”, is how the head of engineering of a major Government enterprise

defined mobility. This was not way too different from the CIO of a multinational

whose take on mobility was,  “Accessing data / information seamlessly and

securely whenever or wherever using any media..”

For the sake of consistency, in this story, when we refer

to mobility, we are talking of accessing enterprise data and applications when

on the move, using devices that do not require to be wired. These devices

include primarily the notebook, connected over WiFi  to the LAN or WAN (and

the Internet), and various cellphones and PDAs also. In addition to this, we are

also referring to the back-end infrastructure that is required to make this

mobility happen.When we talk of application access, we are talking of access

primarily by non-PC devices, like the PDA or the cellphone.

Mobility status report



Like we mentioned earlier, the Indian enterprise is still in the state of

being the roaming user. Even there, notebook penetration levels are low, with

half of the organizations that we spoke to having deployment levels under 10%.

Similarly, in the case of WiFi, almost 75% of the organizations have plans to

improve deployment levels. But mobility for the enterprise is not just about

deploying notebooks and WiFi. There is a lot more to be done.

tages in mobility 



We define six stages (as shown in the schematic on the page to follow) in

moving an enterprise from a completely wired stage to complete wire-free access. The

strategic objective for the enterprise is not to aim for level six, but to first

define which of the six stages they want to be in and to define a time period

and the path by which they are going to achieve that stage. In fact, stage six

may be utopian for most enterprises and like '100% customer satisfaction'

could at best be a pole star that you keep in mind when formulating the mobility

strategy. Which of the six stages you want to be in will obviously be dictated

to by the business imperatives and by how much of a competitive advantage you

can create by mobile-enabling which all segments of your work force. As the IT

head of a leading cellular service provider told us, “The drivers for mobility

(in our organization) have been the corporate sales and  service teams, who

wanted connectivity as an enabler to resolve customer queries and issues across

the desk, wherever that desk may be. This has enormously improved our customers

trust and loyalty and on our service focus.”

The first step in the quest for enterprise mobility is

obviously the notebooks. For one to even think of mobility happening, notebook

deployment levels in organizations need to go up significantly. Obviously there

are exclusions, like in manufacturing organizations, where employees on the shop

floor will not need notebooks. But here again, other types of mobile wireless

devices including PDAs can be used to log production data to

production-management systems.

Once notebooks come in, it is but natural that you reach

stage two, where Wi-Fi access to the LAN and subsequently to the Enterprise WAN

gets deployed. While one would expect most enterprises to be atleast at this

stage, many, particularly the smaller ones still have to take the plunge. This

stage can be divided into two sub-stages, with Internet and e-mail being the

first and WAN access to deployed enterprise applications coming subsequently.

The next stage is e-mail access on mobile devices like PDAs and cellphones. The

western standard for this seems to be push based e-mail services like the

Blackberry. But over here, adhock solutions driven by user choice rather than by

organization wide design seems to be the norm.

The limitation seems to be the high cost of devices and

services that can deliver enterprise e-mail to the road warrior. But high costs

need not be a limiting factor for enterprises looking to enable their employees

to get their corporate e-mail on to a mobile device. The next stage in the road

to mobility is enabling application access from mobile wireless devices. The

classical example of this is the access and ability to update sales data from a

smartphone. Most enterprise applications now ship optional mobility modules.

There are also third-party solutions that can be integrated with most

applications, whether off the shelf or custom built. We will discuss one of

these later on in this story.

That brings us to stage five, of having your website mobile

enabled. Gone are the days when you had to create a separate WAP version of your

site to enable browsing on a mobile device. Having your website displayed on a

mobile device is a no-brainer now. With the Opera Mini browser installed, any

Web page can now be rendered on a cellphone. You would, of course, want to

ensure that the rendering is useable and easily navigable. A bigger challenge is

to enable your website to accept inputs from a mobile device, much like moblogs

(blogs updated from a cellphone) or how livejournal.com accepts and displays

photographs sent as MMS messages. Once you achieve this level, full enterprise

mobility, where the complete set of enterprise apps (on your enterprise portal)

and data is accessible over mobile devices. For most enterprises, achieving

stage four (applications on mobile devices) should be the aim in the medium to

long term, with stage three (email on mobile devices) being the short term goal.

Mobile e-mail



Like we said earlier, the high costs of a suitable smartphone or a Blackberry
device is a key inhibitor in making enterprise e-mail truly mobile. One of the

alternatives available is from net4nuts (net4nuts.com), an Ahmedabad based

company. Their mobile e-mail service works with most GPRS/WAP enabled handsets

and supports standard attachments like MS Word and MS Excel files, Zip files,

PDF files, GIF, JPG and so on. This service is oriented towards enterprises

rather than individual users and comes with administrative features that let

administrators add and delete users and so on. At about Rs. 150 per month, this

seems an affordable way to keep the road warriors in organization in touch with

their e-mail, wherever they are.

Applications over cellphone



Applications over cellphone is the bigger challenge compared to e-mail over
cellphone, and that is why, in our roadmap, we have placed it a step above

e-mail over cellphone. Typically application access on mobile devices is enabled

by using middleware, if the application itself is not built ground up for mobile

interfaces. One such middleware is Fred from Acceltree software (acceltree.com)

of Pune. Acceltree claims that its mobile framework enables customization and

deployment in about six to ten weeks and that applications can be accessed from

any Java enabled cellphone with GPRS or CDMA. The framework itself runs on an

application server like Tomcat or iPlanet on Linux, Solaris or Windows Server.

Deployment gives satisfaction We asked our respondents to rate their satisfaction levels with WiFi and we had responses covering the whole spectrum, all the way from least satisfied to most satisfied. But when we segregated the responses based on whether the organization had implemented WiFi or not, we came across a very clear pattern. With hindsight, it is not a surprising pattern at all.  As can be seen from the graph, those who had deployed WiFi, very clearly displayed higher satisfaction levels than those who worked in organizations that had not. Obviously, there are a number of concerns about WiFi (with security being the most serious of these as discussed elsewhere) in the minds of users as well as CIOs, which get dispelled only when implementations happen in their organizations. It would not be out of place to guess that the comfort factor with the other stages of mobility will also reflect a similar pattern. You need to implement it first!

Securing the mobile enterprise



Almost everyone we spoke to had security as their prime concern when
implementing mobility. Today, Wi-Fi networks use several different techniques

for security. The first and most notorious of all is called WEP (Wired

Equivalent Privacy). It's notorious because it can be cracked more easily than

all other

Notebooks Notebooks and WiFi are still the key mobility enablers for Indian enterprises. While deployment levels continue to be low, the encouraging part is that the coming year could see the landscape altering significantly.In most of the organizations that we spoke to, notebooks are issued on a need basis, while a few issue notebooks on the basis of a recommendation.

Security techniques.



For an enterprise wireless setup, using this for wireless security is not at all
recommended, unless of course, you've setup a separate wireless network for

casual browsing. Many organizations do this to allow their employees and guests

free access to the Internet. This is completely separate from the main network,

so there are no chances of any kind of hacking. WEP could be used as a security

option for this.

Next is MAC address based filtering, which allows you to

restrict access to your wireless network by MAC addresses. In this, you'll

have to enter into each access point, the MAC address of every user connecting

the wireless network. This can be quite a job for a large enterprise and is,

therefore, not recommended. Moreover, MAC addresses can also be spoofed by a

determined hacker, so it's not a very secure technique.

Currently, the most secure technique being used in

enterprise environments is WPA (WiFi Protected Access) or WPA2. There are two

variants available in these, called WPA-Personal and WPA-Enterprise.  The

former allows you to set up a password on the access point itself, while the

latter uses a server for user authentication and verification, and uses the IEEE

802.1x/EAP standard for the job. The techniques encrypt the communication

between wireless clients and the access points using TKIP in WPA and AES

encryption algorithm in WPA2.

Besides using technology, there are other practical

considerations to wireless security. One, of course, is the placement of the

wireless access point and the positioning of its antenna. If you keep it close

to the outer wall of your building, and don't even bother to change the

antenna settings, then obviously the wireless signal would travel out. Likewise,

if you're connecting two buildings using wireless, then you have to ensure

that the antennae are not configured to be omni-directional. Airtight Networks (airtightnetworks.net),

another Pune-based company offers a suite of products under the SpectraGuard

brand that help you plan and implement a secure wireless network. The AirTight

Spectraguard Enterprise claims to provide intrusion prevention for wireless

networks and also identify, isolate and locate rogue clients and transmitters on

the wireless network.

When you move beyond WiFi into the domain of enterprise applications, the issue of security becomes even more complex.

With email, basic security measures and quality of service are more often than

not enough. But once you graduate to providing application access, not only

these two, but also the security of the data on the mobile device and, of the

device itself becomes critical issue that you need to address.

Only one organization, out of the fourteen we talked to had fully mobile enabled enterprise applications, while five of them had partial enablement. Over half had not yet reached this stage.

Quality of service



Quality of service or reliability came as the second most repeated concern about
WiFi after security. And like with security, our guess is that this one also

spans the entire gamut of mobility and is not limited to WiFi. Let us take QoS

over WiFi as an example. The strategic landscapes are roughly similar. A good

wireless deployment strategy must cover the following aspects: what applications

are you primarily going to run on your wireless network; how much bandwidth

would be required for each mobile user; how many users this network will have at

a given time; and finally which areas you want to be covered by wireless.

Start with bandwidth and coverage. The real challenge in

deploying WiFi is to strike the right balance between coverage and the bandwidth

available. WiFi is still a shared networking technology, which means that all

users share the same bandwidth per access point. So first you need to have a fix

on the number of users who will connect to the WiFi network and their location.

Next determine how these users will use the WiFi network. If they'll use it

for running bandwidth intensive applications, then the number of users per

access point should be lower. So you'll need to provision for a higher access

points density in a given area. Some bandwidth intensive applications include

transferring large files, or streaming rich media over the network. Less

bandwidth intensive applications include simple Web access, e-mail, etc.

As you move farther away from a access point, signal strength reduces, which translates to lower throughput. A typical access

point can provide coverage within a radius of 150 ft or even 300 ft with a

higher gain antenna. What's important to remember here is the access point's

placement. There are tools available for planning access point location, like

wireless valley (recently taken over by Motorola's suite of tools or

Airtight's SpectraGuard Planner that come to your aid in planning Wi-Fi

networks. When it comes to making applications over mobile devices, you would

also need to take into consideration the roaming facilities and reach of your

mobile network provider among other things.

Voice mobility



While not strictly an IT infrastructure related issue, With voice moving

over to VOIP, it is worth discussing voice mobility here. Voice mobility is

about getting a call made to your office switched to your phone, wherever you

are, inside or outside of office. Solutions for doing this exist, with the

hurdle being more legal in nature. But the way technology is forcing the big

elephants of telcom and telcom policy formulation to dance, do not be surprised

if voice mobility becomes a reality in the next one to two year time frame.

Meanwhile if you want to look up the technologies for doing this, Ascendent

Systems (ascendentsystems.com), which was recently taken over by Research in

Motion, which owns the blackberry service is a good place to start your

research.

View Point

Rajesh S Kurup, Research Director, eTechnology Group, IMRB discusses the issues and concerns in mobile enabling a widely dispersed field force. You deploy a large field force to collect data. What are your key concerns in deployment of mobile devices and applications for field data collection? A.The most prevalent form of data collection continues to be in person interviews using paper pencil. Mobile devices have not found a wider acceptance on account of the following reasons: Familiarity of usage by interviewers Research issues: most tools and techniques of research has evolved for paper and pencil form of administration of questionnaire. So, amenability of data collection using this form factor for the specific research intricacies is an issue. Cost of deploying the survey using mobile devices. This includes hardware cost, content/questionnaire development (including adaptation of paper and pencil techniques to mobile devices, exposure of stimulus/show cards, translation into local language etc.), management of the device (eg. Theft, Insurance), etc. Often this form of data collection is quit cost prohibitive. What is the extent of mobile apps deployment with the field force. What devices are used? Who does the software development? Today this is not much compared to traditional data collection methods. For a few customized projects these have been used. The software is usually in-house. Could you briefly describe what the app does and how the deployment of questionnaires and collation of data is managed? In case the data collected is technical in nature and there is availability of software for extracting the data then it is possible to use such devices. Eg, collecting GIS data, data on viewership of TV from the television, etc. Such application of mobile devices doesn't require a questionnaire. However, these require software/appropriately customized hardware and connectivity or a solution to transfer the data back to the main data pool. Other areas where one can use mobile devices such as PDA etc are projects that have technologically evolved respondents as the target group or respondents that are familiar or can be familiarized with the usage of the device. These could be studies like product testing, usually required for usability studies for tech products. How do you manage/plan to manage data security and device loss or theft? For data security, the software becomes critical. However hardware theft or loss is not 100% preventable. If the data captured is encrypted well, hardware theft can actually have only a limited damage, towards the cost of the hardware and no further. What benefits did you derive out of deploying mobile apps with your field force? Currently mastering this form of data collection can help opening up newer areas for market research to cater to. For example, undertaking GIS data collection, obtaining health statistics from individual patients for well budgeted health management projects or other health/ patient surveys, etc. (Basically data that cannot be best collected using face-to-face and paper pencil method or phone interviews.) However, on account of cost, familiarity of usage of such devices and its adaptation for MR, it would take quite some time before with one can see large scale deployment of mobile devices for data collection. What were the key problems/constraints you faced? How were they resolved? A.Getting appropriate talents to use the device for data collection; translation of the user interface into local language; amenability of the device based approach for obtaining data that is more accurate than traditional methods; and cost effectiveness. These will continue to be challenges. A good comprehension of these challenges can help us restrict the usage to select purpose and type of researches and plan for the challenges adequately. A key learning that you would like to share with others looking at deploying mobile filed applications? A.Consider using mobile devices for collecting data that is other wise not possible to collect using traditional methods. Thus, examine the merits and de-merits closely with respect to accuracy of the data. Always ask, "will the quality of response suffer on account of displaying the device to the respondent?"...will the lower income household get awed by the device and, thus, will it result in biased responses? Will this method give me superior data quality in a more timely manner than traditional method. What additional value will it create for my client? Be aware that some of the device is likely to be stolen. Have a plan to prevent this.

Anil Chopra and Krishna Kumar