5 steps for easing gadgets into the enterprise

By John Zyskowski

By John Zyskowski

|

These steps can help agency IT departments gain the upper hand on the smartphones and tablets invading the enterprise.

Cloud computing might be dramatically reshaping how agencies provide IT services to their employees, but it’s a sea change that most government workers will never notice taking place.

That’s not true for the other big trend playing out right now: the consumerization of enterprise IT. In this case, it’s the end users who are driving the change — literally from the palms of their hands — and it is the IT department that needs to get clued in.

The consumerization of IT refers to people wanting to use their Apple iPad tablets, Android smart phones and other wireless handheld devices at work just like they do at home. It is as simple as people wanting to access information, exchange messages and take care of business wherever they can get a wireless signal, which these days means just about anywhere.

But the small devices raise big issues for IT departments that must ensure that government business is handled effectively and securely. Some agency IT officials want to keep consumer devices at bay. Others view them and all they represent not as a threat but as a great opportunity to boost workplace productivity and maybe even save some money.

“There is the consumer application, but that doesn’t negate the serious business relevance of these tools,” said Casey Coleman, CIO at the General Services Administration.

In some ways, smart phones and tablet PCs are turning the traditional rules of enterprise IT upside down, but that is hardly a bad thing. Here are five ways the IT department can get into the driver’s seat when it comes to consumer mobile technology in the workplace.

1. Deal with it!

Two influential constituencies will make an IT department’s resistance to using consumer technology in the workplace a losing proposition: end users and the big bosses.

Government employees, especially younger ones, increasingly expect to use the same kinds of mobile devices — if not the exact same ones — at work as they do at home.

“They expect you to provide reasonably modern technology tools,” said Gene Zapfel, a managing partner at Unisys Federal Systems.

The reason is simple: Employees know how productive they can be when they can communicate and access information from anywhere. Deny employees workplace use of mobile devices and many will use them anyway without the IT department’s blessing or support, often placing agency data at risk because the devices are inadequately secured.

The rank and file are not the only ones hooked on handheld devices because of the easy-to-use interfaces, affordable price tags and batteries that last an entire workday. Many senior executives own and love them for the same reasons.

Yet officials are acutely aware of the gap between the device capabilities a few hundred dollars buys and the enterprise IT systems that might have cost millions of dollars to develop, said J. Travis Howerton, chief technology officer at the National Nuclear Security Administration (NNSA) and CIO at the agency’s Y-12 Site Office. That gap puts agency IT departments in a tough spot.

“You can’t be higher cost but lower capability,” Howerton said. “You’ll have a major perception and credibility problem.”

2. Standardize, but not where you think

A year ago, the typical advice for managing mobility from an enterprise perspective was to standardize on a small number of portable devices because it would make procurement and management more cost-effective and efficient. That’s not the case anymore because of the new administrative and infrastructure tools available, several agency IT executives said.

Now the recommended place to standardize is in the data center, where data, applications and security settings can be doled out centrally to a variety of endpoint devices using a virtual desktop infrastructure (VDI). That is the plan at NNSA, GSA, the Census Bureau and many other agencies.

“I can leverage my cloud on the back end to deliver a virtual desktop to the user’s device,” Howerton said. “No data ever leaves the data center. All you’re getting is the screen shots coming in on the virtual desktop.”

With that approach, NNSA can be device-agnostic and allow employees to use the wireless gadgets they prefer, Howerton said. Of course, that means the agency must choose a VDI solution that supports as many device types as possible.

3. Let users break out the plastic

Being device-agnostic also opens the door to a radical new idea: letting end users be responsible for buying the mobile devices they use at work, with either their own money or an agency stipend.

“The current budgetary restraints, along with the purchase of the iPhone and Android devices by consumers, presents a perfect storm for an individual-liable device trend to truly gather momentum in government,” said Adelaide O'Brien, a research director at IDC Government Insights.

Former Federal CIO Vivek Kundra took a lot of heat several months ago for suggesting this very idea. He said agencies could give certain employees $2,000 to buy a mobile device they could use at work and home. Now, less than a year later, several agencies are figuring out just how to make a bring-your-own-device program work.

NNSA has a pilot program that allows selected employees to use their personal smart phones at work, subject to certain security conditions. Howerton said he would also like to get a “replacement” policy going: “I want to be able to support your personal iPhone but then take back your [agency] BlackBerry,” he said.

That could be a win-win arrangement, he added. Employees get to use the device of their choice, provided they agree to run agency-controlled software that creates a work-only partition on the device. In exchange, NNSA could get out of the costly business of buying, managing and tracking every device its employees use.

“In most cases, that trade is positive in my direction,” Howerton said.

Right now, NNSA employees participating in the pilot program pay for their devices themselves, but Howerton said the agency might provide stipends to workers who have specialized business needs.

As part of its pilot program, GSA allows employee-owned devices at work under certain conditions, but officials are interested in providing allowances for some employees.

4. Cover all the security bases

Security needs to be the top priority in any mobile device plan, Coleman said. Moreover, there are several elements that a security strategy must have. For example, GSA will only support devices that can encrypt data and offer strong password protection.

An agency should also have a system that lets the IT department track the whereabouts of devices in case they are lost or stolen, ensure that they are up-to-date on software patches and verify that required security settings are turned on, Coleman said. That system should also have a feature that lets administrators remotely wipe the data off a device if it is compromised — a required agreement for employees who want permission to use personal devices at work.

That kind of user agreement is fast becoming the norm among agencies developing mobile programs, Zapfel said.

One part of the security puzzle that is still developing is the integration of handheld devices with agencies’ personal identity verification smart cards. GSA requires that all its laptop computers have card readers so that logging in involves two-factor authentication via a PIV and a password. Coleman wants to have two-factor authentication for smart phones and tablet PCs as well, but those features are not yet commonly available on commercial devices.

5. Deliver the apps

If handheld devices are going to become serious business tools, they must be able to run serious business applications. Developing a handheld apps strategy is Coleman’s second priority, after security. “You need access to your critical business tools and information,” she said.

The question becomes how best to provide that access, especially when most agency applications were designed for end users sitting at a desk, Coleman said.

Howerton cautions against trying to pick winners among the mobile operating systems. “I think trying to convert your internal apps into native mobile apps is a waste of time because the [handheld operating system] market is fractured,” he said.

Instead, the better bet is to Web-enable those older apps now, which would allow you to easily convert them to the forthcoming HTML5 standard when it is ready in a couple years. “That will allow you to run them as native apps across every OS,” Howerton said.

Agencies might be playing catch-up when it comes to consumer technology in the enterprise, but what they should really be doing is thinking ahead.

Read more of the 2011 Federal List.

NEXT STORY: CBO estimates cost of DATA Act

X
This website uses cookies to enhance user experience and to analyze performance and traffic on our website. We also share information about your use of our site with our social media, advertising and analytics partners. Learn More / Do Not Sell My Personal Information
Accept Cookies
X
Cookie Preferences Cookie List

Do Not Sell My Personal Information

When you visit our website, we store cookies on your browser to collect information. The information collected might relate to you, your preferences or your device, and is mostly used to make the site work as you expect it to and to provide a more personalized web experience. However, you can choose not to allow certain types of cookies, which may impact your experience of the site and the services we are able to offer. Click on the different category headings to find out more and change our default settings according to your preference. You cannot opt-out of our First Party Strictly Necessary Cookies as they are deployed in order to ensure the proper functioning of our website (such as prompting the cookie banner and remembering your settings, to log into your account, to redirect you when you log out, etc.). For more information about the First and Third Party Cookies used please follow this link.

Allow All Cookies

Manage Consent Preferences

Strictly Necessary Cookies - Always Active

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data, Targeting & Social Media Cookies

Under the California Consumer Privacy Act, you have the right to opt-out of the sale of your personal information to third parties. These cookies collect information for analytics and to personalize your experience with targeted ads. You may exercise your right to opt out of the sale of personal information by using this toggle switch. If you opt out we will not be able to offer you personalised ads and will not hand over your personal information to any third parties. Additionally, you may contact our legal department for further clarification about your rights as a California consumer by using this Exercise My Rights link

If you have enabled privacy controls on your browser (such as a plugin), we have to take that as a valid request to opt-out. Therefore we would not be able to track your activity through the web. This may affect our ability to personalize ads according to your preferences.

Targeting cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.

Social media cookies are set by a range of social media services that we have added to the site to enable you to share our content with your friends and networks. They are capable of tracking your browser across other sites and building up a profile of your interests. This may impact the content and messages you see on other websites you visit. If you do not allow these cookies you may not be able to use or see these sharing tools.

If you want to opt out of all of our lead reports and lists, please submit a privacy request at our Do Not Sell page.

Save Settings
Cookie Preferences Cookie List

Cookie List

A cookie is a small piece of data (text file) that a website – when visited by a user – asks your browser to store on your device in order to remember information about you, such as your language preference or login information. Those cookies are set by us and called first-party cookies. We also use third-party cookies – which are cookies from a domain different than the domain of the website you are visiting – for our advertising and marketing efforts. More specifically, we use cookies and other tracking technologies for the following purposes:

Strictly Necessary Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Functional Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Performance Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Social Media Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Targeting Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.