Will the real mobile enterprise device please stand up?

In the consumer-centric mobile device world, constant updates and cool features are the norm. But that's not what enterprises are looking for when they choose to standardize on a mobile device.

Watch a slideshow of how to expense an iPhone.
Four ways vendors hinder enterprise mobility

"The truth of the matter is, when it comes to gadgets, everyone wants the latest and greatest," says Stephen Stryker, a vice president at The Carlyle Group, a global private equity firm in Washington, D.C. "And there are lots of compelling reasons to go to something like an iPhone – at home, more people use Apple products like Macbooks or iPods, so it's a natural progression. For consumers, it's great. But the iPhone is not bulletproof from an enterprise standpoint."

Instead, when it comes to getting real work done, most organizations eschew the new and cool, and instead focus on security, stability and other not-so-flashy characteristics. This puts the enterprise at odds with the current mobile device marketplace, which seldom takes IT's concerns into account when designing and rolling out new mobiles. (Read a story about mobility mandate shakes up enterprise IT.)

"The carriers aren't so much interested in enterprises and what we need — they're focused more on just keeping up with one another," says Andrew Madejczyk, vice president of global technology operations at Sterling Infosystems in New York. "They all come out with various models every couple of months, and from a corporate perspective, that becomes difficult. How many different configurations of this one device do I need to support?"

In such a cluttered and varied mobile landscape, enterprises are hard-pressed to find the right mobile device for enterprise use. But users say that if the mobile you choose offers these four features, it's ready for prime time in the enterprise.

1. Security

When enterprises look to standardize on a mobile device, they find that today's mobiles are fast becoming desktop replacements, in that they can handle most tasks — e-mail, phone, Web surfing and simple document editing — that in the past required a tethered desktop connection. And such capabilities mean high security risks should the mobile be lost or stolen.

"When we consider rolling out a mobile here, the security of the device is first and foremost," says David Reckles, CTO at Todobebe, a Spanish-language family entertainment company in Miami Beach, Fla. "Because if someone gets their hands on one of our mobile devices — we use BlackBerry here — they have instant access to all that person's contacts, e-mail, and the ability to send and receive e-mail as that person. And it could be at a CXO level, so that's a big risk."

The security features that enterprise users say are must-haves for today's mobiles include support of encryption, remote data wipe and remote lock-out, as well as strong password enforcement.

"That's the thing we love about BlackBerry is that when it's attached to the Blackberry Enterprise Server [BES], we have the ability to do a remote wipe and remote lock," Reckles says. "The minute I learn a mobile has been lost or stolen, I can immediately make sure corporate data is not compromised, and that's key."

Todd Frantz, associate CTO at Florida Hospital in Orlando, agrees. "People do lose these things," he says. "So having remote wipe is important. Here, we give users a certain number of password tries, and then that's it, the device will just wipe itself."

Frantz has also standardized on BlackBerry and the BES at the hospital, both because of the remote lock and wipe capabilities of the BES server, and also because BlackBerry devices support encryption out of the box. While most of Frantz's users utilize the BlackBerry for just e-mail and voice, the hospital is subject to various compliance measures, like Health Insurance Portability and Accountability Act, that require strong security measures be in place.

"Our world is serving patients and all patient information is confidential. Any e-mail that could contain confidential information must be treated as if it does and have the same strong security around it as an e-mail created at the desktop. So encryption is important," he says.

Enterprise users say the ability to enforce strong password protection on a mobile device is also of paramount importance. For example, Roy Balkus, CIO at Nutmeg Financial MHC in Naugatuck, Conn., says no mobile device is issued within the bank unless it's first password-protected, and that password needs to be strong, using alphanumeric and uppercase and lowercase letters. Unfortunately, that policy sometimes leads to problems for end users.

"We make everyone change their password every 40 days, and I've had a couple of people who — because the password is blocked as you type it in, and because the password needs to be uppercase, lowercase, alphanumeric and special characters — they have trouble," Balkus says, noting that the bank supports Windows Mobile-based phones as well as a handful of iPhones. "Because you have to go to this dinky little keyboard on your phone and uppercase and lowercase are controlled by different keys, sometimes we have people who can't get in and we have to handle the password change for them, which isn't optimal."