What the mobile revolution means for enterprise IT

Mobile applications and even today’s hottest gear, such as tablet PCs, have been around for years, so it’s easy to gloss over one of the highlights in a recent report on the mobile and wireless market.

Financial services firm Morgan Stanley predicts that within five years, more people will connect to the Internet using mobile devices than they will with desktop PCs.

On the surface, that doesn’t sound earthshaking, given the wall-to-wall adoption of smart phones and other mobile technologies. But some forward-thinking agency IT professionals and consultants say that prediction is part of a larger trend that will fundamentally transform enterprises by mid-decade.

Put another way, mobile apps won’t just be extensions of traditional enterprises; they could become the primary platform for internal agency processes and the delivery of services to citizens.

Take hardware as an example. Annual shipments of smart phones matched desktop PCs two years ago and are on their way to doubling to about 250 million units by the end of this year, according to market researcher IDC. During the same period, desktop PC shipments dipped and are expected to stay flat through 2014. IDC forecasts smart-phone shipments to nearly double again to almost 500 million units by 2014. At the same time, tablet PC sales could surpass desktop PC sales in the United States by 2013, according to Forrester Research.

Changes such as those would create profound differences in how IT departments function and how newly empowered mobile workers and constituents interact with government agencies.

“There’s an attitude [among employees] that says, ‘I am the consumer. I’m carrying my personal device. And I want access. You need to serve me,' " said Fernando Alvarez Tabio, vice president of mobile solutions at Capgemini Technology Services. “That is a drastic change, and IT cannot look the other way.”

In some agencies, trends such as that one will relegate desktop PCs to specialty devices while smart phones, tablets and laptops do the bulk of everyday work. And if that happens, the IT department will also lose the relative ease of managing standard Windows desktop configurations and an occasional Mac.

“We are going to see a proliferation of different client platforms, and that’s going to make our lives a lot more complex from an IT perspective,” said Jeffrey Hammond, principal analyst at Forrester Research.

That’s only the beginning. The coming wave of advanced mobile computing could fundamentally alter many of the main elements of today’s enterprises, including:

• How we use the Internet. Standard-issue Web- and browser-based applications could decline in favor of special purpose native applications downloaded from government application stores.
• The inner workings of applications. Mobile workers won’t just pull data from headquarters, they’ll continuously update central databases and enterprise applications with the latest information from the field.
• The role of hardware. Whether they’re traveling or at home base, workers will carry their portable devices with them to stay connected at all times.
• Security. Around-the-clock access to agency information and downloadable apps will require a range of new security technologies and policies, including devices with multiple personalities to wall off and secure personal and professional activities.
• Emerging technologies. Ubiquitous mobile computing could accelerate the adoption of cloud computing and service-oriented architectures (SOA).
• Enterprise architectures. Instead of starting at the core and working outward to mobile users, IT planning will start at the edge and work inward.

This new world will require a modern mobile game plan and updated enterprise architecture to deal with the day-to-day and long-term changes that will result. Mobile technology veterans said organizations should begin now to update their mobile strategies by focusing on five areas where wireless computing will have the greatest effect.

NEXT: Mobile is only as good as the connection.

1. Connectivity Assumptions Recast

What’s new: The Defense Information Systems Agency is leading the way toward a new generation of mobile applications, including ones for command and control of combat forces. But rather than relying on hard-wired desktop PCs, those programs will be mobile-device applets such as the kind you see on iPhones and Android smart phones, said David Mihelcic, DISA's chief technology officer.

The challenge: Traditional Web-centric applications stop working if connections to the Internet and IP-based networks break, which could hamstring users at critical times.

How to cope: DISA and others are creating thin-client applications written for specific mobile hardware and operating systems. The programs will store enough data on the devices so people can work off-line and then automatically sync to central data centers when network connectivity returns.

Unlike Web-based applications, those programs can also take advantage of unique performance or user-interface capabilities inherent to a particular platform.

“The richness of the applications is a little better in a native app [compared with Web-based programs], so the instinct is to go native, especially for mission-specific applications,” said Tim Hoechst, CTO of Agilex Technologies, a systems integrator.

2. Platforms Proliferate

What’s new: Unlike the widespread commonality that exists among Windows desktop PCs, there’s enormous diversity in mobile hardware and their operating systems, in addition to strong individual opinions among users about which combination of hardware and operating system best suits their needs.

“It’s not going to be any one device or any one operating system” that will prevail, said John Pedroza, the Army’s deputy of technology at the Mission Command Capabilities Division of the Future Force Integration Directorate at Fort Bliss, Texas. The group is testing the use of smart phones and tablets in combat operations.

The challenge: Platform diversity complicates IT management and help-desk activities because Android, BlackBerry, iPhone and Windows platforms are incompatible. The problems increase as mobile devices proliferate. “Agencies will go from managing a thousand devices to managing 10,000 devices,” Hoechst said.

How to cope: To avoid potential chaos, agencies need to create policies that balance personal preferences with management and budgetary considerations. Mihelcic predicted that agencies will create lists of approved products and operating systems.

“That will simplify this process significantly, so you don’t have to worry about whether a piece of software will work with a phone,” he said. “We will be able to test those applications much more efficiently.”

But nobody likes to be pushed around regarding the use of a particular mobile device, said Leon Kappelman, professor of information systems at the University of North Texas. He advised IT departments to solicit user input about which mobile platforms to support rather than steamrolling standardization.

“Let [department heads] know that you will support whatever they decide but that nothing else is going to be acceptable,” he said. “That way they own the decision and then go into the enterprise to be the champions of that standard.”

If IT makes those decisions instead, you will end up needing to fix the nonstandard devices that will inevitably show up, even though you have a standard, Kappelman added.

NEXT: Mobile stops being an afterthought.

3. New Apps and Data Flows Arise

What’s New: Agencies are evolving from simply porting slimmed-down versions of enterprise applications to building applications from the start with mobile platforms in mind.

“People are quickly realizing that it’s not just about writing an app on the smart phone," Hoechst said. "It’s about building an information system that happens to have a mobile front end.”

That change in perspective is creating new roles for mobile applications. For example, mobile warfighters won’t just pull data from headquarters; they’ll constantly be relaying important data such as troop movements and enemy positions back to commanders.

“Instead of having to wait hours or even days to get that information up to the higher echelons, they can report it immediately,” Mihelcic said.

Similar two-way data flows and Global Positioning System capabilities will make it possible for civilian agencies to improve field inspections, case management and first-responder effectiveness.

The challenge: IT departments need to revise processes for developing applications to accommodate those new work and data flows and platforms.

How to cope: First, agencies will need to draw on their platform standardization policies to make choices about which devices and operating systems are best for particular applications. For example, a building inspector might require a smart phone with a high-end still camera rather than one that doubles for low-resolution videos, Pedroza said. “The choices depend on the mission and what your objective is,” he said.

Second, agencies should think about democratizing the development of new mobile applications by providing an infrastructure for supporting distributed development of applications, Mihelcic said. He cited DISA’s Forge.mil, which provides collaborative open-source development tools and encourages Defense Department personnel to create applets that others can download to smart phones.

4. Smarter, More Granular Security Rules

What’s new: On-demand access to proprietary information and easily downloaded apps from a variety of sources add to the security threats that enterprises traditionally face.

The challenge: Still-evolving security policies and blurred lines between the personal and professional roles of wireless devices require security approaches that go beyond traditional firewalls.

How to cope: Encryption remains a foundation for securing sensitive data stored on mobile devices or flowing across networks. The National Security Agency created its Suite B software encryption protocols in part to help secure data on commercial devices using IP. To lock down information as it moves across networks, the National Institute of Standards and Technology publishes algorithms for virtual private network encryption.

In addition, agencies should develop and centrally manage security policies that control device usage, including blocking staff members from individual wireless networks or sites deemed unsafe. As long as mobile device and operating system platforms remain incompatible, agencies will need to create individual configuration guidelines for Apple, Android, BlackBerry and Windows products.

Eventually, individual devices might have technologies for creating multiple personalities that give government users the option of conducting personal and professional business on one piece of hardware.

“This half can connect to these networks, and that half can connect to those networks. And never the twain shall meet,” Hoechst said. A precursor of that feature is the ability of the iPhone’s operating system to divide individual applications. If one part becomes infected with malware, the others remain safe.

To control the threat of spreading app-induced malware, agencies should create lists of authorized sources. In some cases, agencies will launch their own app stores that offer special-purpose mobile programs that target the agency’s mission and are vetted for security and reliability.

The Defense Advanced Research Projects Agency is testing such a store for iPhone and Android applications for DOD. It is scheduled to open next year, Mihelcic said. Agencies can also use Research in Motion’s BlackBerry Enterprise Server to host secure programs for the company's devices.

And if a device is lost or stolen, agencies need to remotely wipe it clean of data, contact lists and applications. Third-party mobile device management software includes technology from AirWatch, Trust Digital, MobileIron, the BlackBerry Enterprise Server and Apple’s MobileMe service.

NEXT: How does enterprise architecture change?

5. Enterprise Architectures Evolve

What’s new: Agencies will need to update enterprise architectures to better deal with the dominance of mobile applications and devices and figure out how newer trends, such as cloud computing and SOA, fit into the picture.

The challenge: Most enterprise architecture mapping efforts focus on fixed IT assets and core applications that run on them. Mobile devices and applications are often unaccounted for in future plans of architectures. But that's the part of the architecture that agencies need to consider to efficiently and securely accommodate future mobile capabilities.

How to cope: The Environmental Protection Agency, which already provisions and supports more than 9,000 laptops with wireless capability in addition to handheld devices, avoids breaking down its enterprise into mobile and traditional worlds.

“From an architecture perspective, we need to manage new wireless technologies alongside current in-place technologies and provide consistent support, no matter the physical location of the device,” a spokesperson said.

One way to do that is to view enterprise architectures as a method of facilitating communications between technology and business staffs about a common vision of technology services, Kappelman said.

“There’s so much more value the federal government could get out of their enterprise architecture investment if leadership would understand the importance of this as a management improvement issue and not as something just for IT,” he said.

Enterprise architectures should also clarify the use of cloud computing and SOA in a mobile context. Cloud computing could play a prime role in helping mobile applications connect to agency information.

“It’s a lot easier to provision the connectivity in the clouds using Internet standards than it is to try to do everything in your own data center and maintain" all the service level agreements, Forrester’s Hammond said.

Similarly, some mobile specialists expect SOA will grow in importance in the mobile world because it helps developers create back-end applications that can accommodate a variety of user interfaces and client devices.

“The meat of the systems is offered up to any front end via a collection of well-defined services,” Hoechst said. “That makes the development of mobile apps much more straightforward.”

To promote that flexibility, look for the wider implementation of a SOA development strategy, known as service façades, which publish sets of common, high-level SOA services for allowing multiple devices to access data and applications.

“This architectural pattern is going to become much more important as organizations start to support multiple delivery channels as a regular design principle for their applications,” Hammond said.