Enterprise Mobility - Control the Service, Not the Device

March 27, 2014

Join us for the third in our six part FrontRange Webcast Series "Change is in your Hands" hosted by UK Solutions Consultant Peter Coote. Empower your mobile workforce with anytime, anywhere access.


Kirsty: Hello, everyone, and welcome to this BrightTALK webinar from Front Range. Thank you for joining us. My name is Kirsty Grant, and I'm in the marketing team here at Front Range, based in the UK. This presentation is the third of our six-part webinar series, "Change is in Your Hands," hosted here on our BrightTALK channel.
Before we begin, I'd just like to cover a couple of points. Firstly, we would welcome any questions or comments you have. You can submit these to us live at any time by typing into the questions box on the screen, and Pete will review your questions at the end. Secondly, we really appreciate your feedback, so please take the time before you leave to rate the content, as we'd like to know if you found it valuable. I'll pop back at the end of the presentation to share with you details of some of the resources we have available to you, and with that I'll now hand over to our presenter for today, Peter Coote. 
Peter: Thank you, Kirsty. Now, before I start, let me introduce myself. My name is Peter. I've worked in the technology industry for 25 years, initially in IT within the oil sector, and then running my own IT training and consultancy business. On joining Front Range nine years ago, I had a role as a technical trainer, then I was the EMEA educational manager and the global education architect. I now help with business as part of the global sales and partner enablement team, and I've been a certified trainer and developer, and I've been delivering knowledge for most of my working life. Currently, my focus is service management, client management, and mobile management. Please feel free to reach out to me after this event if you need any more information. 
For those of you who may not know us, here's just a quick introduction to Front Range. We've been a leading provider of Hybrid IT-software solutions for over 20 years. With our suite of HEAT applications, Front Range is the only company in the world that provides, from a single platform, service management, and client management software, on premise and in the cloud. HEAT manages millions of service interactions and millions of devices every day, for over 15 thousand organizations across the world. Our global headquarters is in the United States. We also have several offices around the world, including our EMEA office based in Newbury, England, from where I'm presenting. 
So let me introduce the topics for today's presentation. As you can see from this image, services fit in the middle of the balance between what the business needs, on the one hand, and the devices that are coming into our environment. The temptation for both IT and the users is to just focus on their end of the see-saw, and the risk is that we ignore the real focus. We should be providing services. This will underpin my presentation today. Firstly, I'll look at the challenges in today's mobile business world. Secondly, I'll discuss where the balance of control for mobile devices sits today. And thirdly, I'll look at where we should go in the future, if we want to get the balance right. 
So what are the challenges for Bring Your Own Device, today? Mobile devices typically arrive in your environment in two ways: firstly, in a planned and structured way, usually through IT. Secondly, through natural seepage into the workspace, typically by canonically savvy early-adopters. Obviously, it's natural seepage that can cause problems. Why? Clearly, security is an issue, because devices we don't know and don't trust are now in our environment. Then there is control. Companies think they have control, but have a lack of visibility, and therefore, no true control. Next, is volume. With an uncontrolled influx of devices, there will be capacity issues on the network and pressure on staff to handle all the new calls. Self-service is also a key for mobile-device users. Rather than calling the help desk, we know that users will seek their own solutions. There are great resources available on the web, including how-to videos, but they can lead to very unreliable sources of help, and if users [inaudible [00:04:45], and changed settings for example, they have no idea of the consequences or impact on the business. Linked to help is merging behavior from the social sphere into the business environment. If we can mirror this level of service, we can have happy and productive employees, but of course at what risk? Finally, the rate of change is increasing at such a pace and devices are swapping in and out much faster than ever before. This is the main reason why IT cannot support everything. 
Having looked at some challenges, let's examine where the balance of control is today, for managing mobile devices. Just like a boxing match, the Bring Your Own Device is pitching IT against the employees. To confirm this, Workshare, our file sharing company have just released findings from a study tracking this trend and right now it looks like the employee has the bigger front. Here's a taste of what's happening. 78% of finance employees use free file sharing platforms, but only 35% are authorized by IT, and 88% of legal employees use file sharing platforms, but only 33% are authorized by the IT department. Furthermore, in a recent article in the CIO magazine, they stated that the Bring Your Own Device supertrend has ignited an epic battle between IT and employees. In one corner, IT frets about data security and perhaps losing control of devices and apps. In the other corner, employees want to choose the device and apps for work and play, and they are a little tired of IT telling them what they can and cannot do. So who is winning? The real challenge and risks are, IT could, most likely will, stifle creativity and innovation as they seek control and security. 
So, for example, if we think about the scenario where we need to have access to some of the great apps that are now out there, the users will go out find wonderful applications that they want to use, but of course, IT won't want those applications in the environment because they haven't found them and sourced them, while employees, will misuse the freedom the flexibility gives them. An example would be social media. They love Facebook. They love Twitter. They want to use them all day, at work, wherever they can they'll keep going back to them. These are going to give some challenges. These risks are rife because there are three groups in any business who each have different expectations: the company as a whole, the IT department, and the users. 
Let's look at that now. So what does the company want? Clearly, any company wants the best solutions for both IT and the users. But how can they walk this tightrope? The concept of BYOD is fine in principle, but the reality of managing devices whilst providing services and assuring the necessary controls can be overwhelming. Instead of mobile devices being a free-for-all, COPE is a halfway house which allows for choice whilst also providing control. So let's look at what IT wants. They want control to stop the risks that keep them awake at night. Risk including, the losing data, staff playing games, using social network tools, or shopping. These all introduce risks, but if they control everything, the business can miss out on rewards that come from mobile technology. Rewards including, more flexible staff working. Staff could choose to work longer and could even fix their own problems without IT needing to invest any time. But what can go wrong? Clearly there is a potential for the devices to break, get lost, stolen, get locked out. IT would naturally feel responsible for these and feel it's their responsibility to fix it all. So, ideally, IT would put tools in place so staff can operate within safe boundaries in order to meet security constraints, and meet legal or corporate obligations. In other words, it's better to manage than to block, in a simple, and easy, and safe way. 
Let's look at the big puncher. What do the employees want? My device, my rules. This says it all. At the moment, it feels like the users have won and are in charge. But if a balance can be achieved and rewards are great for everyone to back this up, with some interesting research from EMA and Gartner. According to EMA primary research, the user is in control today. Look at the graph. The green bars are showing devices purchased by the user, and the blue bars purchased by the employer. You can see that in the case of tablets and smartphones, roughly 58% of users, so well over half, actually purchased the devices themselves and brought them into the workplace. 
In February's report this year, Gartner identified two key strategic trends. Firstly, mobile device diversity in management, and secondly, the era of personal cloud. The full report is available with an attachment with this webinar, but in essence, Gartner said that many of today's core IT systems, such as SA Peer, appear to focus on servicing IT, rather than end-user interests. As a result, end-users are willing to spend their own money on personalization options, such as using a favorite mobile phone or tablet, along with personal apps that make their work life easier and more productive. They desire the devices and programs that they believe will best support their productivity, and they will find ways of working around IT policy and standards. In terms of the personal cloud, Gartner says the personal cloud reflects the new reality that users are really relying on a broad collection of connected digital devices, including embedded internet of things devices in all aspects of their lives and embrace the importance of cloud services to make this happen. Devices and the services that each user accesses on a daily basis from a unique personal cloud for that specific user, which in turn becomes the central hub for the user's digital life. Synchronizing, sharing, storing, and streaming content information and personal settings. 
So having spent time on where the balance for control is today, let's now look at where it should be. As I've said, the focus for IT is to control the service and not the device. Employees can remain focused on their own devices and applications, continue to access services anytime, anywhere, and on any thing. The business can have trust that everything is in place to provide security, governance, and compliance. And IT can then focus on the service delivery in the middle. So how do you do that? To focus on controlling the service, we can look at Enterprise Mobility Management as a complete solution, including all the devices and service that support them. In Front Range, our HEAT Client Management, combined with our HEAT Mobile Device Management solutions provide full life-cycle management for all endpoint devices that come onto an environment either in a planned or unplanned way. So as you can see from this diagram, we can help you provision, update, support, and secure all of these endpoints from one solution. So this takes care of the infrastructure and environment, but how do we manage the services? 
I'm now going to talk about six key areas which, when combined, will give you control of your services. We're gonna look at asset management, security management, application management, end-user self-care, remote support, and data access management. Let's discuss each in turn. 
Firstly, asset management. Okay, what I've done here is I'm showing three areas that can be managed: security policy enforcement, over-the-air troubleshooting, and backup, restore, or data migration. So if we try and look at an example here, we can think about a scenario when maybe we wanna move from the phone we currently have, an older phone, to one of the newer phones that's become available. Maybe we've lost the phone, and we're worried about the data that was on there. We can easily bring the data across from one phone to the other, using the data migration, or, if we've lost the phone, we can buy a new phone and we can restore data onto that. This is quite common a scenario that we have to deal with. 
Next, application management. Again, here are some topics from a list that is slightly longer. Applications can be provided, configured, and later updated. The user will have easy access to corporate applications, integration with external app stores, malware protection, or maybe containerization and the BYOD support. These are all areas where we can think about application management. When we talk about containerization, it's important to mention here, that I've spoken a lot about security and control from the company's perspective, but the user will also want to containerize their own personal data. In other words, we don't mind bringing our personal phones into the work environment, so long as we feel our personal data remains private. 
So as a good example, when a phone is brought into the environment, the corporate apps can be pushed onto that device. When that user leaves the organization, changes departments, we can then remove the same applications from the device as well. So we can bring things on and take them off in a managed way. 
Next, let's look at remote support. So again, from a list of possible functionality, we've got: the configuration of settings can be done remotely. We've got instant diagnostics and troubleshooting can be a great help. Remote control over the device screen and the keyboard will allow the support to control the device or see exactly what is happening on the device if the user can't explain it to them. Device resets, both soft and hard, gives IT the control they desire. Again, if we think about examples, we might be talking about an example of a user who's changed the password on their laptop before they travel. But when they're actually out in the field and they try to use their mobile phone, they find that there's now a problem between their Outlook and exchange access. Passwords are now not the same and they need some form of support. So what can happen at this point, this is where the IT team can take over the tool and maybe resolve the issue. If not resolve the issue, at least explain the user which settings they need to modify and then to resubmit their password that they've now applied onto their laptop. 
Next, let's look at security. Again, private and corporate data protection both need to be kept separately. Over the air, locks and wipes, memory being encrypted, data and email access controlled by location. If we think about an example in these circumstances, we're thinking about the separation of the private data from the corporate data. The containerization. So I have a colleague, he has two phones, one is a personal phone which he keeps on things like his Facebook accounts, his DropBox. One is a corporate phone. He uses our corporate email and various other corporate applications, but he always has to travel with two, if he was going to not have a useful tool to manage it. So what he can do, if he can bring together those two solutions and he can end up traveling with one phone with everything capable and functioning on there. One of the really useful practices that we can suggest is of course end-user self-care. We are in a world where IT are trying to do a lot with less, and this is one of the circumstances where if we can take some of the burden away from the user...take it away from the IT, we can actually help the user. So we've got access to the corporate app store, ability to remotely lock a device, over-the-air data wipe, of their data only, backup restore their own data, find their own device. 
In an example here, we can think about a user who has an embarrassing situation where they've lost their company phone. Maybe they work in a sensitive part of the business and before they call IT and ask IT to in some way resolve it, they have the ability to log on through the self-care capabilities and actually lock the device if they think that they've left it unlocked, wipe the device if they think they need to wipe the device, and if not, maybe simply look for the device. If they can find the device, that then prevents the need for IT to get involved. All of these are good examples of end-user self-care. 
Finally, there is data access management. Data and resources can be synchronized for email, calendar and business phone books. The user can get a 100% secure access to their corporate documents. Each device has a separate policy based on ownership of the device. So here, when we think about an example, we can think of a finance director. They have access to very sensitive financial data that they might need to work from or read by their mobile device, but they need to have a 100% security. We don't want them to have to think of using products like DropBox or other similar tools where they may be moving around very secure documents from a business perspective, but in a very insecure method. Not that DropBox is a weakness, it's just that it means that documents are being moved outside of the corporate environment in a way that isn't managed and isn't controlled. So these are some best practices that you can consider as being very powerful when trying to manage the corporately-owned, but personally-enabled environment. 
At this point, I just want to briefly show you how the tool looks. This is showing you what IT can see, and what they control. They are screens from the actual product. Now, the screen on the top left at the back shows the reporting that can be generated. So this is an actual live screen from within our MDM product, and I've looked at just the reporting aspect of that. And so we've got prebuilt reports, which I can show in this diagram some of the reports visible. The screen on the right is a dashboard showing the current state of the environment. So from an IT perspective it gives them easy management. They can see what's going on in their landscape, they don't have to worry about the individual devices. They can just check that the service is running, that they're on top of things, and that they're focusing on the delivery of the service, and not what each individual device may or may not be doing. 
The middle image is a snapshot from iPad, which is under control through the HEAT MDM product. So as a user of the tool, I could actively, on this graphic if it was on my laptop, click on the iPad and actually open applications up, open up various aspects of the application, even change settings and configurations. So this is just a virtual view of the real application instead of running on the iPad at the user allocation. It's a very powerful way of visualizing what you're trying to do when taking control of their device. So obviously, these are static images, but if you wanna see this in more detail, please contact us for a free trial demo. 
So in summary, by investing in a strategy that manages the whole mobile landscape and is not being fixated on the OS on the device, the type of device, maybe even the age of the device, or even just the brand of the device, you'll find that you can keep both the user and IT happy and still enable the company to be safe, secure, and productive. 
So with that, I'll address any questions. So far, looks like there are no questions. So based on that, I'm gonna hand over to Kirsty, just to run through the last few slides.
Kirsty: Okay, thanks Pete. So looks like we've finished up early. We've allowed some time for questions, but you're all being very shy today. Before we close the broadcast, I just wanted to summarize with a few resources that are available to you today. As I mentioned at the start, today's presentation is the third in a six-part webinar series, and to complement the webinars, there are a number of online resources which I'll share with you now. 
But firstly, you can visit our website, frontrange.com. Here you'll find demos and free trials of our HEAT solutions, as well as customer success stories for the HEAT service management, HEAT client management, and mobile device management tools. Also, as part of our "Change is in Your Hands" series, we have a resource section containing videos and white papers. These cover subjects including automation, enterprise mobility, and IT optimization. Here on the BrightTALK channel, you can access our complete library of on-demand webinars, as well as registering for future broadcasts, including the complete six-part series. These are hosted on the Front Range Hybrid IT Service Management Channel, which is number 8533.
For those of you that are using the iPads or iPhones out there, there's also BrightTALK app, which is available from the iTunes store. In addition, we have a whole host of content on YouTube, which you can find at youtube.com/frontrange. Here you can watch various videos and presentations about our HEAT solutions, including enterprise mobility, and the new series of executive viewpoints, which are presented by our Chief Executive Officer, John Temple. And to accompany this webinar series, we have a series of four white papers, which have been produced by leading industry analyst EMA. These are available today. We've attached them with this webinar. You can access them afterwards, or you can also get them directly from our website. And also, with this webinar, you can access the full Gartner report, which Pete referred to earlier in the presentation. 
So the next webinar in the series will be hosted by Chris Powell, and we'll look at how to reduce costs with a shared corporate services portal. The webinar is called "Infinity and Beyond IT," and this will take place live on March the 27th at 3 p.m. UK time, or you can catch up on Demand if you miss it. I do hope you can join us. Just finally, your feedback is really important to us, so please take a few moments to rate the broadcast today, and thank you for watching. Enjoy the rest of your day.