In the consumer-centric mobile device world, constant updates and cool features are the norm. But that's not what enterprises are looking for when they choose to standardize on a mobile device.
"The truth of the matter is, when it comes to gadgets, everyone wants the latest and greatest," says Stephen Stryker, a vice president at The Carlyle Group, a global private equity firm in Washington, D.C. "And there are lots of compelling reasons to go to something like an iPhone – at home, more people use Apple products like Macbooks or iPods, so it's a natural progression. For consumers, it's great. But the iPhone is not bulletproof from an enterprise standpoint."
Instead, when it comes to getting real work done, most organizations eschew the new and cool, and instead focus on security, stability and other not-so-flashy characteristics. This puts the enterprise at odds with the current mobile device marketplace, which seldom takes IT's concerns into account when designing and rolling out new mobiles. (Read a story about mobility mandate shakes up enterprise IT.)
"The carriers aren't so much interested in enterprises and what we need — they're focused more on just keeping up with one another," says Andrew Madejczyk, vice president of global technology operations at Sterling Infosystems in New York. "They all come out with various models every couple of months, and from a corporate perspective, that becomes difficult. How many different configurations of this one device do I need to support?"
In such a cluttered and varied mobile landscape, enterprises are hard-pressed to find the right mobile device for enterprise use. But users say that if the mobile you choose offers these four features, it's ready for prime time in the enterprise.
BlackBerry vs. iPhone: How they stack up in the enterprise
When enterprises look to standardize on a mobile device, they find that today's mobiles are fast becoming desktop replacements, in that they can handle most tasks — e-mail, phone, Web surfing and simple document editing — that in the past required a tethered desktop connection. And such capabilities mean high security risks should the mobile be lost or stolen.
"When we consider rolling out a mobile here, the security of the device is first and foremost," says David Reckles, CTO at Todobebe, a Spanish-language family entertainment company in Miami Beach, Fla. "Because if someone gets their hands on one of our mobile devices — we use BlackBerry here — they have instant access to all that person's contacts, e-mail, and the ability to send and receive e-mail as that person. And it could be at a CXO level, so that's a big risk."
The security features that enterprise users say are must-haves for today's mobiles include support of encryption, remote data wipe and remote lock-out, as well as strong password enforcement.
"That's the thing we love about BlackBerry is that when it's attached to the Blackberry Enterprise Server [BES], we have the ability to do a remote wipe and remote lock," Reckles says. "The minute I learn a mobile has been lost or stolen, I can immediately make sure corporate data is not compromised, and that's key."
Todd Frantz, associate CTO at Florida Hospital in Orlando, agrees. "People do lose these things," he says. "So having remote wipe is important. Here, we give users a certain number of password tries, and then that's it, the device will just wipe itself."
Frantz has also standardized on BlackBerry and the BES at the hospital, both because of the remote lock and wipe capabilities of the BES server, and also because BlackBerry devices support encryption out of the box. While most of Frantz's users utilize the BlackBerry for just e-mail and voice, the hospital is subject to various compliance measures, like Health Insurance Portability and Accountability Act, that require strong security measures be in place.
"Our world is serving patients and all patient information is confidential. Any e-mail that could contain confidential information must be treated as if it does and have the same strong security around it as an e-mail created at the desktop. So encryption is important," he says.
Enterprise users say the ability to enforce strong password protection on a mobile device is also of paramount importance. For example, Roy Balkus, CIO at Nutmeg Financial MHC in Naugatuck, Conn., says no mobile device is issued within the bank unless it's first password-protected, and that password needs to be strong, using alphanumeric and uppercase and lowercase letters. Unfortunately, that policy sometimes leads to problems for end users.
"We make everyone change their password every 40 days, and I've had a couple of people who — because the password is blocked as you type it in, and because the password needs to be uppercase, lowercase, alphanumeric and special characters — they have trouble," Balkus says, noting that the bank supports Windows Mobile-based phones as well as a handful of iPhones. "Because you have to go to this dinky little keyboard on your phone and uppercase and lowercase are controlled by different keys, sometimes we have people who can't get in and we have to handle the password change for them, which isn't optimal."
Reckles at Todobebe also enforces passwords on all of the corporate mobile devices, but says the BES lets him be less rigid about strength.
"With the BES, you can ensure the password is alphanumeric, a certain length or force users to reset it every so often," he says. "But we want to make this as user-friendly an experience as we can, so passwords aren't difficult. We just encourage the user that if anything should happen to the device and it becomes unaccounted for that they quickly let us know. That lets us take the pain out of the user's hands but still make sure we have things covered on the back end" via remote wipe and lockout.
2. Centralized management
For the most part, new 3G mobiles like the iPhone can meet the security test. For example, last March, Apple updated the iPhone software to support Microsoft's Exchange ActiveSync, providing IT administrators with the ability to set password policies and perform remote data wipe. Still, such capabilities require Exchange on the back-end, and Apple provides no iPhone-centric management platform.
Users say that for now, the only two mobiles with enterprise-grade management are BlackBerry with its BES and Windows Mobile, with Microsoft's System Center Mobile Device Manager.
"BlackBerry with the BES is about the best you can do, but Microsoft with its Mobile Device Manager is coming on strong," says Florida Hospital's Frantz. "But the key is centralized management. If we can't manage it, we can't use it."
Experts agree. "BlackBerry was always designed to be enterprise-ready," says Mort Rosenthal, CEO at Enterprise Mobile, a Windows Mobile consultancy. "The BES has always been a critical element of the BlackBerry model, because with it, device management capabilities are built-in."
Windows Mobile also has device management built-in, he says. "With Windows Mobile, management is enabled both in the raw operating system as well as in device management tools like Exchange 2007 or System Center Mobile Device Manager," he says.
While most enterprises, like Florida Hospital, Carlyle Group and Todobebe, rely on the BES for centralized mobile device management, some organizations are forced to rely on policy alone. For example, Nutmeg Financial uses a mix of iPhone and Windows Mobile devices, but does not currently have any kind of centralized management.
"With BlackBerry, you can do remote wipe and remote lockout, but you also have to buy the BlackBerry Enterprise Server, which is expensive," Balkus says. "And our iPhones can't even be managed centrally right now. So we cover it with policy. We tell our users they can't store customer information on the device and they have to make sure it's password-protected. And if they lose it, they have to tell me right away."
Todobebe's Reckles agrees that the BES can be expensive to purchase and administer, but says his company chose to go with a third party, AppRiver, which provides Todobebe with hosted Exchange and BES services at a cost of about $10 per user per month. "The true TCO [total cost of ownership] isn't what the device costs, it's what it costs plus support. With App River, all my support is built in, so controlling the cost around support isn't an issue."
3. Ease of use
Another key issue for enterprise mobiles is ease of use. And for many, this is a big stumbling block for newer mobiles such as the iPhone.
"One thing about the BlackBerry is when you give it to end users, it works right out of the box," Carlyle Group's Stryker says. "There aren't any real challenges around configuring it. But the iPhone has Wi-Fi settings you can muck with, how you sync can be mucked with, and it lets them download different apps, so there's greater risk that people can work themselves into a corner. From a support perspective, it opens a lot of challenges."
Stryker says ease of use is also a downside of Windows Mobile. "Windows is just hard to use in a small form factor and it's hard to train people," he says. "Microsoft's poured a lot of functionality into it from the Windows OS, and that sounds nice on paper. People always want Word, Excel or PowerPoint on their mobile device, but it never really pans out. Once they start to use it, it's just too difficult."
Newer touchscreen interfaces are another downside, because users have trouble transitioning from a traditional keyboard or keypad to an onscreen version. "It takes me twice as long to type an e-mail on an iPhone as it does on my BlackBerry," says Sterling InfoSystems Madejczyk.
Enterprise Mobile's Rosenthal agrees. "In most cases, you have to trade off interface coolness for speed and performance," he says. "I have a lot of contacts, and when I've tried popular cool devices, they can't handle my contacts. I search for a name and it takes literally a minute. So it may be cool, but it doesn't work."
4. Battery life
The last key enterprise mobile consideration, battery life, is often overlooked. But constantly having to recharge a mobile device can be a big productivity hit on an enterprise.
"In our organization, people don't travel with laptops. They just bring their BlackBerries, so long battery life is key," Stryker says. "And that's one area where BlackBerry shines over other devices."
Florida Hospital's Frantz agrees, noting that battery life is the main pitfall for newer devices like iPhones. He says he charges his BlackBerry every day, but has some users who can go up to four days on a single battery charge. "With the iPhone, you can set it for Wi-Fi access, which people like because it's usually faster than the cellular network. But once you turn on Wi-Fi, it becomes very energy-intensive," he says. "If you get 8 or 10 hours out of your normal battery life, and you turn on Wi-Fi, you now have significantly less battery life. And that's not acceptable."
Frantz says he would like to see energy-intensive mobile devices that support Wi-Fi be engineered more like his Vocera push-to-talk phones. Those phones come with easily removed batteries that can be placed in a 24-battery charging unit when needed.
"With the Vocera, when your battery is getting low, you run up to the battery recharger, grab one that's charged, drop your dead one in that slot and away you go," he says. "It has a teeny tiny internal battery that's good for about 2 minutes while you're doing the swapping."
By contrast, not only is the iPhone's battery difficult to remove, Apple stipulates that end users return the whole phone to Apple should they need to replace the battery. "That's crazy," Frantz says.
Enterprise grade mobiles few and far between
When it comes to mobile devices in the enterprises, good fits are difficult to come by. Users say the key is to focus less on the individual feature set — whether the phone supports some new app or can play music downloaded from iTunes — and more on how well the mobile integrates into the enterprise in terms of ease of security, management, use and functionality.
"There are all kinds of devices out there, and almost every one will let you e-mail, make a phone call or surf the Web," Frantz says. "But it's not really a device question because it takes more than just the device to make it workable. RIM has the BES, Microsoft has their Device Manager software — those are the more important things we look for."
|Secure this! How to prepare for irksome new security problems|