A Mobile PhilosophyBy Samuel Greengard | Posted 2011-01-28 Email Print
Mobility has come of age, but IT still struggles to manage a tangle of devices and systems. Best-practice organizations attempt to focus on the data rather than the device. See Also: Mobile Means Business and Five Ways to Put Mobility to Work
A Mobile Philosophy
Managing mobility is at the center of IBM’s philosophy. The computer and consulting giant has nearly 400,000 employees, and an overwhelming percentage of them carry mobile devices.
“We have an overarching goal of making our employees as efficient as possible, and it’s about [being able to work] anywhere at any time,” says Dave Merrill, a security strategist at IBM. “Our work is global, and people are constantly moving across time zones. It’s essential to maintain a good working relationship and collaboration for everyone at IBM.
“The notion of one size fits all, in which everyone gets the same standard laptop and smartphone device, is dead. Mobility is about supporting a wide variety of roles and associated data. It’s about supporting a wider variety of software platforms—Windows, Mac, Linux, various mobile operating systems and virtual platforms—and making sure everything meshes.”
As a result, IBM has adopted a comprehensive, methodical approach to mobile management. Merrill says that the process starts with data classification and identifying roles within the organization. Then it’s a matter of certifying a mobile platform and ensuring that it can accommodate the various data classifications. “Some platforms are more mature than others, and not all platforms have the same capabilities,” he notes.
The company authorizes different devices for different employees, based on whether or not they view sensitive or regulated data. “If a group of employees doesn’t have any restrictions, then they would have access to a wider variety of platforms,” Merrill explains.
The data classification process involves a variety of constituents— including operations, HR and legal—and it extends beyond mobility. IBM maintains a database that tracks all the data. “When we review a device, it’s fairly straightforward to see where it fits in and how people can use it,” Merrill says.
The company also has stringent security controls in place, including Juniper’s Junos Pulse Mobile Security Suite software for malware protection on smartphones and mobile devices. A software agent resides on every device and combines traditional signature-based scanning with behavioral analysis.
IBM also uses enterprise applications, including Lotus Traveler, to encrypt data and provide the required overall level of protection. And it has established an app store where employees can download approved software to approved devices.
Make no mistake, mobility is forcing organizations to re-examine their business and IT practices. Enterprises that take a holistic view and focus on managing devices and data throughout their life cycle are at a distinct advantage.
Grant Thornton’s Smith concludes: “IT must maintain a bigpicture focus that extends beyond data protection. Security is essential, but controlling devices is often perceived as counterproductive to the end user. IT leaders must understand that the technology should serve as an enabler and that the goal, in the end, is to promote productivity through the efficient use of mobility.”