Today, Enterprise mobility perches at the top of most CIO priority lists. Enterprises across sectors are realizing that EMM is a necessity today and have set out to chart their strategies. But are the solutions available in the market good enough and what does the CIO expect out of a good Mobility Partner?
Smartphones and mobile devices have virtually transformed the way we function on a number of aspects today. Both organizations and consumers are now equipped with the agility, flexibility and capabilities of computing on a handheld device. With increasing proliferation of smartphones and high speed wireless internet, applications today are reaching every human pain point, improving productivity, efficiency and experience both across homes and businesses.
Businesses are undergoing digital transformation across every sector and are looking to embrace the productivity and flexibility offered by enterprise mobility. As per recent reports, the India enterprise mobility market is projected to grow with a CAGR of around 25% through 2022. This growth can be attributed to growing internet and smart phone penetration, emerging mobility trends such as BYOD, CYOD, BYOA, and surging data telecommuting needs. This is supported by demand for increasing workforce productivity and cloud workspace along with consumerization of IT is poised to propel enterprise mobility management among Indian organizations.
Today, Enterprise mobility perches at the top of most CIO priority lists. Businesses across sectors are realizing that enterprise mobility is a necessity today. As per the IDC’s analysis, over 50% of enterprises today rate enterprise mobility as a high priority area. From a business, not enabling the field force with decisive data and information would eventually mean losing out to a rival who has done so.
While the adoption of enterprise mobility in India has been slow among the major economies, it is picking up of late. IDC’s deep analysis on the Asia Pacific Region for 2017 establishes that enterprise mobility in Asia Pacific represents one of the fastest-growing markets across the region. Mobility is taking the top spot as a technology priority for enterprises. The report also identified that 37 per cent of the Indian organizations have rated enterprise mobility as high priority.
How Mobility is changing the Enterprise landscape
Indian businesses are on a constant look out for ways to bring in efficiency and integrate digital solutions in processes. As Makrand Joshi of Citrix explains, “Enterprise mobility management in particular has climbed up the ranks in terms of business priority. Organizations are always looking for ways to offer flexibility to their employees while ensuring productivity.”
“Enterprise mobility management has climbed up the ranks in the Enterprise IT landscape in terms of business priority. Organizations are always looking for ways to offer flexibility to their employees while ensuring productivity.”
Area VP and Country Head
India Subcontinent, Citrix
As digital enables smarter and more connected processes, today’s workforce can no longer be limited to a static work station. With smart devices, multi-tasking, working remotely and working on-the-go are not a difficult task and equally productive. “Enterprise mobility continues to sit at the top of a CIO’s priority list. Along with being a major growth contributor, it also represents a change in the way work is typically viewed.” Makarand continues, “Today, work has moved beyond the cubicle and is a seamless process irrespective of location, network or time. Owing to this pace at which organizations have been evolving with work patterns, the onus falls on the CIO to ensure that a secure environment is created for the mobility function.”
Saravanan Thambusamy, VP IT, Allsec Technologies explains how mobility is a big part of enterprise operations today, “Mobile devices host most transactions that happen on the ground especially with the employee-on-the-go and his/her workflow approvals with Direct Manager. It helps Time and attendance regularizations – which if not attended to on time would result in pay cuts. The anytime-anywhere-any device helps employees and managers attend to cut-offs and deadlines far more effectively than the traditional desktops would allow.”
Zakir Hussain, Director, BD Software which is the country partner for Bitdefender says, “Today, mobility is playing track role for Business transformation. With the boost to mobile coverage and quality, it has become a useful tool in business which has started with business mails and many more following are some of the important benefits of Mobility.”
Key benefits of EMM for businesses include Improved Communication, Availability, Trackability, Sales force Management, Mobile workforce, Logistics, inventory and stock control, Auditing and compliance. Business processes that can be mobilized with enterprise solutions today include Sales force automation, Field service automation, HR management system, Lead management system, Dealer management system, Consumer applications; Location based services, Business intelligence & Analytics etc. Today, enterprises need productivity to increase rapidly. Enterprise mobility helps businesses build their work in a progressive way. In India EMM is becoming important tool for manageability. As Mobility is becoming part of business tools, CIOs’ priorities are changing. Business houses are investing in EMM solutions as infrastructure is being exposed to outside world.
“Today, mobility is playing track role for Business transformation. With boost to mobile coverage and quality, it has become a useful tool in business, starting with business mails and transferring to many more important benefits of Mobility.”
BD Software (Country Partner for Bitdefender)
As per Parveen Kumar Sharma, CTO, ICAI, “Mobility gives a new life to the business by simplifying the operational process and improving employee productivity. The way employees do tasks transforms when mobility is included in the business processes. Mobile Apps have simplified the way customers shop for products and services.” KNP Securities CIO Vivek Dharia opines that with collaboration of the power of mobile and cloud applications, businesses like KNP can empower business in rural and remote areas.
Balvinder Banga, CIO for Sonata Finance explains how crucial an aspect is mobility to the business. “We are into Microfinance (NBFC) registered under RBI NBFC, lending money to rural areas. Our customers are not in position to visit the branches. Our Business Representative Officers need to visit to them and entire lending process has to be conducted over the mobile application. Microfinance cannot survive without Mobility.” Mobility helps customers of organizations like Sonata Finance for fast customer on boarding, proposal process and approval process. From a decade ago when it would take weeks in disbursements due to offline processes, with mobility, disbursement can be in a less than a day. Thus Mobility helps in improving customer satisfaction too.
With business function not just limited to office HRS, the extension is due to availability of enterprise mobility applications like mobile ERP app to raise or approve requests, access data, provide on the go analysis and reporting etc. “It opened a whole new dimension to enable us to operate in timeless and place less business operations,” remarks Arvind Kumar, Director IT & Innovation at Elior India.
Why mobility is a constant CIO headache
Initially focusing on Mobile Device Management (MDM) and subsequently broadened to encompass Enterprise Mobility Management (EMM), CIOs have grown to address issues that arise with a mobile workforce. But security breaches continue to make the news almost daily, and the mobile enterprise continues to evolve with wearables and other IoT devices plugging into enterprise networks, and ever more workloads and data being deployed in the cloud.
India is amongst the most price sensitive markets. A mobility initiative does not entail trivial cost. From procuring hardware, cloud based infrastructure, adapting the enterprise backend systems, upfront cost of mobile application development, systems integration, licensing etc. Unlike most on premise models most enterprises are used to deal with, enterprise mobility has an equally large fixed and recurring cost. While the hardware procurement, development of enterprise grade mobile apps, service cost for systems integration contribute towards the fixed cost. Hosting and licensing are major contributors to the overall recurring cost. Large upfront fixed cost is a major hurdle for SMEs with a small number of end users. The recurring cost is a major hurdle for large enterprises where the recurring cost is directly multiplied by the total number of users. Enterprises operating on the on premise model, are not very convinced about the cloud based mobility solutions. Reliability and accountability is also a major concern that is stopping from enterprises adopting mobility.
“Most importantly, a clear plan and awareness is required and it has to start with how the mobile application is going to meet our business objectives and be an asset to the function it is being deployed for.”
Chief Information Officer
Some of the critical challenges with mobility management include mobile security, Providing real-Time access to data and availability 24 x 7 x 365 basis.
Mobile devices are inherently vunerable and provide attackers with direct access to corporate network, passwords, personal information and other sensitive data. As Vivek Dharia explains, “Security of information and awareness of company enterprise policy is main challenge before going for developing and implementing a mobile application.”
Enterprises today cannot ignore mobility because it acts as unmatched catalysts for the growth of business. With the increase of changes in the mobile gadgets and OS supporting mobile, there is always a chance of failure in user experience. CIOs need to work on latest dynamics very fast along as changes comes in a way to hardware. Balancing the user experience and user adoption is very critical factor where the ROI depends.
As Arvind Kumar explains, managing mobility is not difficult till you are working for single geography and single business vertical operations. But it become issue while you need to manage different business verticals win different geographies due to different work policies to every business vertical. “Due to increasing demand of mobility, organizations allow BYODs and it become more challenging to manage hybrid environment for same set of mobile policies as you need to manage organizational fully controlled devices along with container based environment without compromising organization data security policies and user access control.” Citrix’ Makarand Joshi understands that security is probably the biggest issue in EMM, “However, while these devices offer to be interactive systems for employees, they can also prove to be a security nuisance. CIOs are most concerned about employees bypassing security protocols. Further, every device differs from the other. While some can handle the data traffic, it can be a major hurdle for others. This calls for an IT gatekeeper or a CIO to organize the chaos and make sure that employees are trained and educated about the security policies and accepted practices.”
As per Zakir Hussain, “Enterprise mobility management is the collection of technologies and services that safeguard enterprise data accessed and used by employees’ mobile devices. Some of the Core components of EMM are Implementing Mobile device management, Mobile security, Mobile User experience, Mobile applications. The Challenges of adapting EMM are Understanding Organizations need, IT budgets, Complexities and Implementation of the solution, Laying Most suitable enterprise mobility policies.”
“We adhere to and ensure that our strategies are in place from BYOD Implementation, Dedicated Help Desk for Mobile Users, Access to Critical Legacy System, Incentives and Programs/ Reviews for User Adoption and On-demand Training for Contractual Employees”
Chief Information Officer
How Indian CIOs and CISOs are tackling the issue
The need to have an ably managed mobility strategy is crucial to ensure that there are not major breaches. The first component in this regard for a CIO is employee awareness and management. Internal attacks are among the top threats. It’s incredibly easy for people who already have access to sensitive data to abuse it or lose it. The second component is to ensure there are no unsecured mobile devices in the enterprise network. CIOs constantly grapple with the need to maintain a high level of security in the business with increasing number of mobile devices in use. Cloud Storage Applications are the next component, and integral due to its place in enabling Mobility. CIOs should be extremely careful and diligent in their approach of choosing a reputable cloud storage company that encrypts data and reduces the risk of data leakage. A major gap that results in mobile breaches are Third-Party Service Providers using low- security methods, such as a default password for all client accounts resulting in the risk of stolen security credentials and a number of other threats. Lastly, CIOs need to equip enterprise devices and endpoints with anti-virus and security software. That way, if an employee accidentally clicks on a suspicious file, the endpoint software will provide another layer of security to offer another opportunity to prevent the breach.
Indian CIOs have been tackling the issue of secure and efficient EMM through different approaches. With security being a shared responsibility, awareness programs are growing across businesses. As Parveen Kumar Sharma of ICAI opines, “Security is everyone’s responsibility in an organization. We conduct security awareness training programs on regular intervals to ensure that the entire employee force is well informed about the hazards related to the irresponsible use of their mobile devices linked to the enterprise network.” KNP Securities CIO Vivek Dharia believes there has to be a well thought out strategy behind implementing EMM and it has to start with the applications. “Most importantly, a clear plan and awareness is required on how the mobile application is going to meet our business objectives and be an asset to the function it is being deployed for.”
Sourabh Tiwari, CIO, Overseas Infrastructure Alliance believes EMM has a number of key parameters that need to be addressed to ensure a smooth operational environment. “We adhere to and ensure that a number of strategies are in place from BYOD Implementation, Dedicated Help Desk for Mobile Users and Mobile Access to Critical Legacy System, to Incentives and Programs/ Reviews for User Adoption and On-demand Training for Contractual Employees”
“No single awareness program is complete and adequate. Security is not just a technical problem, it’s a people problem. We encourage our management and board to address security concerns in their regular meeting with employees.”
Balvinder Singh Banga
Chief Information Officer
Balvinder Banga thinks that no campaign can be adequate if the onus doesn’t come from the organization’s workforce. “The answer to this question is Yes but No because no single awareness program is complete and adequate. I read somewhere that Security is not just a technical problem, it’s a people problem. I think this statement is true and correct,” he continues “In our organization, we plan Security Awareness Camps and Programs quite often. We regularly send mailers, presentation to our employees. Security is no longer luxury need. I believe this is necessity now for an enterprise. It has to initiate from top to bottom rather bottom to top. We encourage our management and board to address security concerns in their regular meeting with employees.” Arvind Kumar of Elior is of a similar opinion and believes mobility users in the enterprise need to be made fully aware of the nuance of security. He states, “User are not fully aware of mobile security but it’s time we make them understand the today’s smart phone is just like a PC. So the need to secure it is the same way as we do for Desktop or laptops. We do communicate time to time about securing the mobile devices and things to take care in this regards.”
The Solutions on the Market today
Strategic trends in the B2B space like mobile applications, mobile enterprise security management, consumerization of IT and machine-to-machine solutions are influencing the market big time. CIOs are evaluation actionable insight into the capabilities of enterprise mobility solution providers. CIOs are thus looking to build critical mobile applications that can help them leverage mobility in the most efficient way. In CIO conversations, vendors always find a few issues that are constant and high on the action list: Data Security, Digitalization of Business Processes and Cloud adoption.
The main apprehension among CIOs when choosing the right EMM vendor or solution is mobile security. The breaches can have a diverse range of reasons like lost or stolen employee devices which need legitimate forensic recovery tools to safeguard sensitive information. A good EMM solution needs to be efficient in checking application vulnerabilities as malicious mobile app due to insufficient security testing can allow access to critical or sensitive content. Last but not the least, EMM solutions need to offer good security against insecure web services where hackers can attack the underlying web services of apps, if secure design principles are not followed across layers.
“CIOs need a solution that offers the security required at an organizational level, and also at individual level (the CFO versus an intern, for example). At the same time, they need to make sure that security doesn’t get in the way of productivity and collaboration.”
As per the CIO community, the common sentiment is that EMM solutions valuable on the market today are fairly good but need a number of improvements. As Arvind Kumar points out, “All EMMs today are just to manage or control devices functionality in terms of application and features, but none provide security of device along with management. You need to install other applications to protect the mobile device e.g. AVs, cleaners etc.” This is reiterated by Balvinder Banga who believes EMM solutions should unify services to ensure the CIO gets most out of the deployment, keeping the solution as simple as possible. He opines, “I don’t think, EMM needs to improve at Scalability Challenges. If you have multiple products in your organization with different sets of security requirements, it makes it difficult to manage on a single device. Need of unified solution is necessary.”
Deciding on an EMM solution isn’t easy. CIOs need to satisfy many requirements, from all parts of the business function. As Saravanan Thambusamy of Allsec Technologies points out, “They need a solution that offers the security CIOs require at an organizational level, and also at the individual level (the CFO versus an intern, for example). At the same time, CIOs need to make sure that security doesn’t get in the way of productivity and collaboration. They need to find a balance between price and performance.”
CIOs must carefully consider the path to a new solution– the services and support they need to make the migration, and the ability to leverage, where possible, any EMM tools already in place. Lastly, CIOs need to make sense of the deluge of information they receive throughout your decision-making process.
Role of a good EMM technology partner
Not every organization today has the required expertise to build an effective mobile strategy from the ground up. CIOs from smaller or lesser quipped organizations require the assistance of enterprise mobility solutions providers who can gauge their specific requirements and help them develop effective enterprise apps. The role of the EMM vendor as not just a solution provider but a technology partner is becoming ever more crucial in the enterprise function.
“We conduct security awareness training programs on regular intervals to ensure that the entire employee force is well informed about the hazards related to the irresponsible use of their mobile devices linked to the enterprise network.”
Parveen Kumar Sharma
CTO and Consultant IT
Indian CIOs today are looking for a holistic approach from EMM solution providers wherein the partner covers all the aspects of mobility management rather than just MDM or security or one or the other. As Arvind Kumar of Elior explains, “EMM partners should provide holistic security cum management solutions rather than just MDM. Since enterprise data resides on mobile devices or in containers is vulnerable and may cause harm to enterprise.” Ajay Yadav of ARIL reiterates the sentiment, “The job of a good EMM partner is to provide security, management and monitoring of mobile apps content and email on mobile devices and protect against advanced mobile security threats and malicious apps. They should enable organizations to implement granular browsing policies across the devices and locations.”
Balvinder Banga mentions core parameters related to mobile security he believe EMM partners should ensure, “EMM Solution provider needs to support on parameters related to security like User Privacy Protection, Methodology of Development/Shipping a new changes on application and striving to build a Unified Solution for different devices and their OS version.” Sourabh Tiwari of OIA supports this expectation and believes, “Ensure delivery of security measures like Access policy management, Network and application firewall and SSL encryption should be norm for an EMM vendor.”
“EMM partners should provide holistic security cum management solutions rather than just MDM. Since enterprise data that resides on mobile devices and containers is vulnerable and may cause harm to enterprise.”
Director IT and Innovation
CIOs want the EMM partners to be fellow strategists, who sit down with them and help them chart out the course of mobility deployment and an efficient operational plan. As Vivek Dharia states, “EMM partners should give a clear foolproof security plan, highlighting things like where loss or theft of device data is happening, location accuracy of device plus security of network and usage permission mentioned.” EMM solution providers should help in understanding mobility needs of the organization, the needs and limitations of the CIOs IT resources and then work on it to accordingly suggest the appropriate solution.
Approach of Indian organizations moving forward
For Indian organizations and their CIOs, planning a good EMM strategy should revolve around three core pillars: Prioritize, Strategize and Secure. When looking to expand mobility capabilities of their organization, CIOs should prioritize the mobility initiatives based on target audience (customers or employees). This is paramount before a CIO sets about focusing on efforts in preparing the business plan and estimating the infrastructure requirements. In today’s cloud enabled enterprise IT space, small and medium enterprises are implementing mobile technologies with increased efficiency due to Cloud enablement. CIOs should evaluate whether they have the required skills to implement in-house or outsource it to third party vendors. Focus areas that drive internal efficiency include Management and Security, Judicious and Selective Outsourcing of Support Functions and Driving Compliance for Mobility Devices to existing Enterprise IT standards.
The final step in their EMM approach for a CIO is to ensure complete security across all aspects of the solution. For a dynamic EMM solution, the security needs to be equally dynamic. With increasing mobile users, today businesses have more data at the edge of the network. This increases the chances of data security and privacy breaches. One of the top priorities for CIOs is to manage these risks. This can be done by expanding existing security solutions across several mobile sub segments to a) Effectively address concerns related to devices that are lost/stolen; b) Access corporate data from unsecured external networks and, c) Misuse of corporate data stored on personal devices.
“The job of a good EMM partner is to provide security, management and monitoring of mobile apps content and email on mobile devices. They should enable organizations to implement granular browsing policies across devices and locations.”
Head IT (North)
To ensure a secure EMM plan, CIOs should themselves focus on adding new layers of security artillery to their arsenal. As Makarand from Citrix suggests, “Along with ensuring the efficient communication of security policies of the company, CIOs must also make use of technologies like analytics to keep a close watch on suspicious patterns, that may indicate malicious activity within their systems.” From Saravanan Thambusamy’s point of view, establishing a secure a secure mobile environment within an organization has multiple tenets to it. “It probably starts with a first step like having a MDM/EMM in place. Other aspects include full visibility in terms of malware protection, alert mechanism on problem traffic, setting up security standards for a BYOD setup and finally, having a holistic view using a bigger system, such as a security information and event management tool.”
BitDefender’s Zakir Hussain points out that to “ensure a secure and efficient Mobility Environment; CIO should have a fool proof strategy for the Solution. Some of the Key areas CIOs should keep in mind are: understanding Organizations need; keeping in line with IT budgets; comprehending the complexities and implementation of the solution, charting out and laying most suitable enterprise mobility policies and choosing best suitable solutions available in the market. This basically transcends to implementing mobile device management, mobile security, mobile User experience, and mobile applications as per the need of the Organization.”