Enterprise Mobility Strategies

There is definitely a deep digital divide when it comes to
mobility. To Indian enterprises mobility is still largely defined as notebooks
and WiFi, while to the western world enterprise it comes in two flavors-the
road warrior and the roaming user. For road warriors, the entry point into
enterprise mobility is e-mail on the Blackberry. As the Forrester report on
“Mobility enterprise: defining your strategy” states, “the core
application for road warriors is always-on push e-mail.” While for the roaming
user, notebook is the key device. To quote from the same report, “armed with a
laptop, they need to be able to boot up and securely connect from locations as
diverse as hotel rooms, airports, coffee shops, and clients' offices”.

Research Methodology Many IT practitioners have shared their experiences and expertise for this story. Wherever possible, we have acknowledged their contribution. But in some instances, they have remained unnamed for reasons of confidentiality. While researching this story, we spoke to users and CIOs across 14 large enterprises in the country to figure out the current state of enterprise mobility, and to understand their strategies for the year ahead. We had further in-depth discussions with a smaller subset. There are some very clear strategic trends that emerge from the interactions. These have been referred to in the appropriate context. The interpretations of what they told us are ours and they are in no way responsible for the same.

As a
cursory survey at any Indian airport will show, we're at the roaming user
stage and are still to explore the larger contours of enterprise mobility. But
before that, this is not a typical PCQuest story, which looks at the
technology—product—solution trio. This story looks at the strategic
landscape of mobility; the current status and the road ahead in the short to
medium term. Specific products mentioned in this story may not have been
reviewed at Cybermedia Labs and are used more as illustration of a concept than
as a recommendation.

Defining mobility

While the stage of mobility that each one of them are currently in may be
different, all people we spoke to had a very clear idea what enterprise mobility
meant and what all it could include. “Technology which does not tie you to one
place and provides you the scope to move about without compromising on
service”, is how the head of engineering of a major Government enterprise
defined mobility. This was not way too different from the CIO of a multinational
whose take on mobility was,  “Accessing data / information seamlessly and
securely whenever or wherever using any media..”

For the sake of consistency, in this story, when we refer
to mobility, we are talking of accessing enterprise data and applications when
on the move, using devices that do not require to be wired. These devices
include primarily the notebook, connected over WiFi  to the LAN or WAN (and
the Internet), and various cellphones and PDAs also. In addition to this, we are
also referring to the back-end infrastructure that is required to make this
mobility happen.When we talk of application access, we are talking of access
primarily by non-PC devices, like the PDA or the cellphone.

Mobility status report

Like we mentioned earlier, the Indian enterprise is still in the state of
being the roaming user. Even there, notebook penetration levels are low, with
half of the organizations that we spoke to having deployment levels under 10%.
Similarly, in the case of WiFi, almost 75% of the organizations have plans to
improve deployment levels. But mobility for the enterprise is not just about
deploying notebooks and WiFi. There is a lot more to be done.

tages in mobility 

We define six stages (as shown in the schematic on the page to follow) in
moving an enterprise from a completely wired stage to complete wire-free access. The
strategic objective for the enterprise is not to aim for level six, but to first
define which of the six stages they want to be in and to define a time period
and the path by which they are going to achieve that stage. In fact, stage six
may be utopian for most enterprises and like '100% customer satisfaction'
could at best be a pole star that you keep in mind when formulating the mobility
strategy. Which of the six stages you want to be in will obviously be dictated
to by the business imperatives and by how much of a competitive advantage you
can create by mobile-enabling which all segments of your work force. As the IT
head of a leading cellular service provider told us, “The drivers for mobility
(in our organization) have been the corporate sales and  service teams, who
wanted connectivity as an enabler to resolve customer queries and issues across
the desk, wherever that desk may be. This has enormously improved our customers
trust and loyalty and on our service focus.”

The first step in the quest for enterprise mobility is
obviously the notebooks. For one to even think of mobility happening, notebook
deployment levels in organizations need to go up significantly. Obviously there
are exclusions, like in manufacturing organizations, where employees on the shop
floor will not need notebooks. But here again, other types of mobile wireless
devices including PDAs can be used to log production data to
production-management systems.

Once notebooks come in, it is but natural that you reach
stage two, where Wi-Fi access to the LAN and subsequently to the Enterprise WAN
gets deployed. While one would expect most enterprises to be atleast at this
stage, many, particularly the smaller ones still have to take the plunge. This
stage can be divided into two sub-stages, with Internet and e-mail being the
first and WAN access to deployed enterprise applications coming subsequently.
The next stage is e-mail access on mobile devices like PDAs and cellphones. The
western standard for this seems to be push based e-mail services like the
Blackberry. But over here, adhock solutions driven by user choice rather than by
organization wide design seems to be the norm.

The limitation seems to be the high cost of devices and
services that can deliver enterprise e-mail to the road warrior. But high costs
need not be a limiting factor for enterprises looking to enable their employees
to get their corporate e-mail on to a mobile device. The next stage in the road
to mobility is enabling application access from mobile wireless devices. The
classical example of this is the access and ability to update sales data from a
smartphone. Most enterprise applications now ship optional mobility modules.
There are also third-party solutions that can be integrated with most
applications, whether off the shelf or custom built. We will discuss one of
these later on in this story.

That brings us to stage five, of having your website mobile
enabled. Gone are the days when you had to create a separate WAP version of your
site to enable browsing on a mobile device. Having your website displayed on a
mobile device is a no-brainer now. With the Opera Mini browser installed, any
Web page can now be rendered on a cellphone. You would, of course, want to
ensure that the rendering is useable and easily navigable. A bigger challenge is
to enable your website to accept inputs from a mobile device, much like moblogs
(blogs updated from a cellphone) or how livejournal.com accepts and displays
photographs sent as MMS messages. Once you achieve this level, full enterprise
mobility, where the complete set of enterprise apps (on your enterprise portal)
and data is accessible over mobile devices. For most enterprises, achieving
stage four (applications on mobile devices) should be the aim in the medium to
long term, with stage three (email on mobile devices) being the short term goal.

Mobile e-mail

Like we said earlier, the high costs of a suitable smartphone or a Blackberry
device is a key inhibitor in making enterprise e-mail truly mobile. One of the
alternatives available is from net4nuts (net4nuts.com), an Ahmedabad based
company. Their mobile e-mail service works with most GPRS/WAP enabled handsets
and supports standard attachments like MS Word and MS Excel files, Zip files,
PDF files, GIF, JPG and so on. This service is oriented towards enterprises
rather than individual users and comes with administrative features that let
administrators add and delete users and so on. At about Rs. 150 per month, this
seems an affordable way to keep the road warriors in organization in touch with
their e-mail, wherever they are.

Applications over cellphone

Applications over cellphone is the bigger challenge compared to e-mail over
cellphone, and that is why, in our roadmap, we have placed it a step above
e-mail over cellphone. Typically application access on mobile devices is enabled
by using middleware, if the application itself is not built ground up for mobile
interfaces. One such middleware is Fred from Acceltree software (acceltree.com)
of Pune. Acceltree claims that its mobile framework enables customization and
deployment in about six to ten weeks and that applications can be accessed from
any Java enabled cellphone with GPRS or CDMA. The framework itself runs on an
application server like Tomcat or iPlanet on Linux, Solaris or Windows Server.

Deployment gives satisfaction We asked our respondents to rate their satisfaction levels with WiFi and we had responses covering the whole spectrum, all the way from least satisfied to most satisfied. But when we segregated the responses based on whether the organization had implemented WiFi or not, we came across a very clear pattern. With hindsight, it is not a surprising pattern at all.  As can be seen from the graph, those who had deployed WiFi, very clearly displayed higher satisfaction levels than those who worked in organizations that had not. Obviously, there are a number of concerns about WiFi (with security being the most serious of these as discussed elsewhere) in the minds of users as well as CIOs, which get dispelled only when implementations happen in their organizations. It would not be out of place to guess that the comfort factor with the other stages of mobility will also reflect a similar pattern. You need to implement it first!

Securing the mobile enterprise

Almost everyone we spoke to had security as their prime concern when
implementing mobility. Today, Wi-Fi networks use several different techniques
for security. The first and most notorious of all is called WEP (Wired
Equivalent Privacy). It's notorious because it can be cracked more easily than
all other

Notebooks Notebooks and WiFi are still the key mobility enablers for Indian enterprises. While deployment levels continue to be low, the encouraging part is that the coming year could see the landscape altering significantly.In most of the organizations that we spoke to, notebooks are issued on a need basis, while a few issue notebooks on the basis of a recommendation.

Security techniques.

For an enterprise wireless setup, using this for wireless security is not at all
recommended, unless of course, you've setup a separate wireless network for
casual browsing. Many organizations do this to allow their employees and guests
free access to the Internet. This is completely separate from the main network,
so there are no chances of any kind of hacking. WEP could be used as a security
option for this.

Next is MAC address based filtering, which allows you to
restrict access to your wireless network by MAC addresses. In this, you'll
have to enter into each access point, the MAC address of every user connecting
the wireless network. This can be quite a job for a large enterprise and is,
therefore, not recommended. Moreover, MAC addresses can also be spoofed by a
determined hacker, so it's not a very secure technique.

Currently, the most secure technique being used in
enterprise environments is WPA (WiFi Protected Access) or WPA2. There are two
variants available in these, called WPA-Personal and WPA-Enterprise.  The
former allows you to set up a password on the access point itself, while the
latter uses a server for user authentication and verification, and uses the IEEE
802.1x/EAP standard for the job. The techniques encrypt the communication
between wireless clients and the access points using TKIP in WPA and AES
encryption algorithm in WPA2.

Besides using technology, there are other practical
considerations to wireless security. One, of course, is the placement of the
wireless access point and the positioning of its antenna. If you keep it close
to the outer wall of your building, and don't even bother to change the
antenna settings, then obviously the wireless signal would travel out. Likewise,
if you're connecting two buildings using wireless, then you have to ensure
that the antennae are not configured to be omni-directional. Airtight Networks (airtightnetworks.net),
another Pune-based company offers a suite of products under the SpectraGuard
brand that help you plan and implement a secure wireless network. The AirTight
Spectraguard Enterprise claims to provide intrusion prevention for wireless
networks and also identify, isolate and locate rogue clients and transmitters on
the wireless network.

When you move beyond WiFi into the domain of enterprise applications, the issue of security becomes even more complex.
With email, basic security measures and quality of service are more often than
not enough. But once you graduate to providing application access, not only
these two, but also the security of the data on the mobile device and, of the
device itself becomes critical issue that you need to address.

Only one organization, out of the fourteen we talked to had fully mobile enabled enterprise applications, while five of them had partial enablement. Over half had not yet reached this stage.

Quality of service

Quality of service or reliability came as the second most repeated concern about
WiFi after security. And like with security, our guess is that this one also
spans the entire gamut of mobility and is not limited to WiFi. Let us take QoS
over WiFi as an example. The strategic landscapes are roughly similar. A good
wireless deployment strategy must cover the following aspects: what applications
are you primarily going to run on your wireless network; how much bandwidth
would be required for each mobile user; how many users this network will have at
a given time; and finally which areas you want to be covered by wireless.

Start with bandwidth and coverage. The real challenge in
deploying WiFi is to strike the right balance between coverage and the bandwidth
available. WiFi is still a shared networking technology, which means that all
users share the same bandwidth per access point. So first you need to have a fix
on the number of users who will connect to the WiFi network and their location.
Next determine how these users will use the WiFi network. If they'll use it
for running bandwidth intensive applications, then the number of users per
access point should be lower. So you'll need to provision for a higher access
points density in a given area. Some bandwidth intensive applications include
transferring large files, or streaming rich media over the network. Less
bandwidth intensive applications include simple Web access, e-mail, etc.

As you move farther away from a access point, signal strength reduces, which translates to lower throughput. A typical access
point can provide coverage within a radius of 150 ft or even 300 ft with a
higher gain antenna. What's important to remember here is the access point's
placement. There are tools available for planning access point location, like
wireless valley (recently taken over by Motorola's suite of tools or
Airtight's SpectraGuard Planner that come to your aid in planning Wi-Fi
networks. When it comes to making applications over mobile devices, you would
also need to take into consideration the roaming facilities and reach of your
mobile network provider among other things.

Voice mobility

While not strictly an IT infrastructure related issue, With voice moving
over to VOIP, it is worth discussing voice mobility here. Voice mobility is
about getting a call made to your office switched to your phone, wherever you
are, inside or outside of office. Solutions for doing this exist, with the
hurdle being more legal in nature. But the way technology is forcing the big
elephants of telcom and telcom policy formulation to dance, do not be surprised
if voice mobility becomes a reality in the next one to two year time frame.
Meanwhile if you want to look up the technologies for doing this, Ascendent
Systems (ascendentsystems.com), which was recently taken over by Research in
Motion, which owns the blackberry service is a good place to start your
research.

View Point

Rajesh S Kurup, Research Director, eTechnology Group, IMRB discusses the issues and concerns in mobile enabling a widely dispersed field force. You deploy a large field force to collect data. What are your key concerns in deployment of mobile devices and applications for field data collection? A.The most prevalent form of data collection continues to be in person interviews using paper pencil. Mobile devices have not found a wider acceptance on account of the following reasons: Familiarity of usage by interviewers Research issues: most tools and techniques of research has evolved for paper and pencil form of administration of questionnaire. So, amenability of data collection using this form factor for the specific research intricacies is an issue. Cost of deploying the survey using mobile devices. This includes hardware cost, content/questionnaire development (including adaptation of paper and pencil techniques to mobile devices, exposure of stimulus/show cards, translation into local language etc.), management of the device (eg. Theft, Insurance), etc. Often this form of data collection is quit cost prohibitive. What is the extent of mobile apps deployment with the field force. What devices are used? Who does the software development? Today this is not much compared to traditional data collection methods. For a few customized projects these have been used. The software is usually in-house. Could you briefly describe what the app does and how the deployment of questionnaires and collation of data is managed? In case the data collected is technical in nature and there is availability of software for extracting the data then it is possible to use such devices. Eg, collecting GIS data, data on viewership of TV from the television, etc. Such application of mobile devices doesn't require a questionnaire. However, these require software/appropriately customized hardware and connectivity or a solution to transfer the data back to the main data pool. Other areas where one can use mobile devices such as PDA etc are projects that have technologically evolved respondents as the target group or respondents that are familiar or can be familiarized with the usage of the device. These could be studies like product testing, usually required for usability studies for tech products. How do you manage/plan to manage data security and device loss or theft? For data security, the software becomes critical. However hardware theft or loss is not 100% preventable. If the data captured is encrypted well, hardware theft can actually have only a limited damage, towards the cost of the hardware and no further. What benefits did you derive out of deploying mobile apps with your field force? Currently mastering this form of data collection can help opening up newer areas for market research to cater to. For example, undertaking GIS data collection, obtaining health statistics from individual patients for well budgeted health management projects or other health/ patient surveys, etc. (Basically data that cannot be best collected using face-to-face and paper pencil method or phone interviews.) However, on account of cost, familiarity of usage of such devices and its adaptation for MR, it would take quite some time before with one can see large scale deployment of mobile devices for data collection. What were the key problems/constraints you faced? How were they resolved? A.Getting appropriate talents to use the device for data collection; translation of the user interface into local language; amenability of the device based approach for obtaining data that is more accurate than traditional methods; and cost effectiveness. These will continue to be challenges. A good comprehension of these challenges can help us restrict the usage to select purpose and type of researches and plan for the challenges adequately. A key learning that you would like to share with others looking at deploying mobile filed applications? A.Consider using mobile devices for collecting data that is other wise not possible to collect using traditional methods. Thus, examine the merits and de-merits closely with respect to accuracy of the data. Always ask, "will the quality of response suffer on account of displaying the device to the respondent?"...will the lower income household get awed by the device and, thus, will it result in biased responses? Will this method give me superior data quality in a more timely manner than traditional method. What additional value will it create for my client? Be aware that some of the device is likely to be stolen. Have a plan to prevent this.

Anil Chopra and Krishna Kumar