Smart phones, BYOD, MDM and enterprise user challenges

Enterprise communication and collaboration for many years has been an exclusive Blackberry market, and though Nokia did try with Symbian powered E-series, they could not make much in-road into the enterprise.  However how people use phones and the type of phones we use has changed drastically after the advent of iPhone/IPad era, and then the old bastions of Blackberry and Nokia have been brought to their knees when Google joined the fun with the Android Mobile OS.

Recently at work I was handed a small assignment to assist in defining the smartphone platforms to be supported as the organization stepped out from the Blackberry era (finally), and to see how popular MDM solutions in the market supported phone management considering the growing trend of BYOD.

While smartphones and apps may have been new innovation to the consumers in North America until Steve Jobs brainwashed all with the IPhone, North American enterprises already had PDAs crowding this space.  But outside North America smart phone platforms specially in the likes of Symbian led by Nokia were booming with rich apps for both consumers and enterprises. However with the iPhone and the masses of phones powered by Android, backed by social media crazy users, the phone (and tablets, phablets, etc.) have become the leading device employees spend time consuming content worldwide.

Duh, Why company provided smartphones for the masses?

Once may ponder why this is even a question, but surprisingly when it comes to providing company funded devices, beyond the senior leadership, the cost between feature phones and even a low end smartphone from a reputed vendor are huge in markets outside Europe/US/China, etc.  Hence senior leadership even in today’s terms question what is the benefit and ROI that the organization gets specially if there are no official mobile strategy or mobile applications that are deployed.  Wonder why, a few things that come to my mind Sarcastic smile

  1. How many times do you drop the company provided blackberry/feature phone? The feature phone you get maybe basic but its reliable and rugged, but cheap smart phones have a very dubious background when it comes to reliability and long term use.
  2. Other than email, does your phone support any other organizational use applications?
  3. Do you need your phone to last a whole day of use without recharging?
  4. Does your company have any mobile apps/mobile compliant web applications that you can use right now on your mobile?
  5. Do you ever log into your company VPN through your mobile and use any web-based or mobile apps on your device?  For that matter are you allowed to log in via the VPN (= VPN licenses)
  6. You most probably will be limiting your personal use of your current company provided phone because of its poor in web, gaming and social capabilities, with a smartphone will you spend more “official” time on personal activities now that your phone can do more cooler things?
  7. You may have a small data package, and corporate mail access maybe through your blackberry capabilities, will you demand more data when you smartphone capabilities and habits start consuming far greater data?

These are testing questions, since at the end is the organization investing on something that has poor returns, and may even reduce your productivity and commitment towards the organization? 

Other costs in addition to the phone to an organization

The questions I posted before, clearly highlight that for an organization its not just the cost of the smart phone, there maybe a need to include a lot more that is the true cost of providing expensive smart phones.

  • a better data package
  • purchase VPN licenses
  • purchase MDM (Mobile Device Management) licenses
  • purchase new blackberry licenses
  • purchase client licenses (CALs) for any applications they need to expose, etc.
  • custom development costs and new app/server costs as the enterprise may need to upgrade its applications to enable the end users to benefit from the smartphone and provide real ROI to the organization (Many company web apps may have been developed purely with the desktop in mind, and may have Adobe Flash/Microsoft Silverlight/Microsoft Active X technologies applied which are not likely to work on your mobile device)

So are there any benefits from providing a smartphone to enterprise user?

So why should an enterprise invest, are there actual benefits?  Some benefits maybe immediate, while some others needs to be considered as a strategic and longer term in benefits.

  • The (smart) phone is a device that is with the employee most of the times, the more capable the device, the better the ability to be productive on the device and respond or act with urgency rather than wait and come back to one’s desktop/laptop
  • Be the platform for pushing native or wrapper (Hybrid) applications for specialized corporate requirements. If your organizations has them already, its about opening it for a larger group assuming compatibility has been tested with the mobile devices certified by the organization
  • Powerful email app that provides near desktop level of capabilities specially in the email viewing aspect (in addition to improved readability, it also allows viewing of embedded files, etc.). This means you can push emails with rich embedded and attached contents
  • Powerful browser that supports mobile and desktop mode with excellent JavaScript/HTML5 support.  This will result in improved browsing experiences, providing good support for any web based corporate implementations to execute with good performance and near desktop usability
  • Lync, Skype, Google Hangouts, Facetime and other video conferencing solution support.  Improved front video and large high res displays facilitate high quality video conference capability supported by new 4G high speed data capabilities on the phone
  • Support for powerful corporate and customer friendly enterprise (and social) messaging platforms (BBM, WhatsApp, Viber, Skype, etc.)
  • Large high resolution displays provide the user with “more to see” along with powerful client apps for viewing rich content (PDF, Microsoft Office formats, video)
  • High level of control through integration with an MDM solution for security and control of devices

Modern OS and enterprise compliance

While users may have a multitude of apps on their smart phones, when it comes to enterprise usage, you can boil it down to some key areas a standard capabilities beyond what maybe offered through custom business apps, which included,

  1. Secure connection to the enterprise Intranet via VPN
  2. Solid and secure email client with desktop level of capabilities
  3. Desktop equivalent browsing capabilities
  4. Microsoft Office editing and viewing applications, with good or 100% compliance in office compatibility
  5. Native support for enterprise favored communication platforms
  6. Support and compliance for enterprise favored collaboration and portal platforms

However modern users are not happy with only restricting themselves with enterprise communication platforms, specially when these do no support communication with external clients.   Here we see end users opting to use social media communication platforms risking security, mainly since end users perceive that there are no solutions that can enable them to achieve them same.

Modern OS capabilities – Enterprise perspective

A very simple table to list the key platform capabilities, and app support an enterprise user may require in their smartphone, your comments are most welcome.

  Apple Google Microsoft Blackberry
OS iOS Android Windows Phone 8 BB OS 10
Current Version 7.x 4.4.x 8.1 10.x
Native Calendar Very Good Very Good Good Very Good
Native Email Very Good Very Good Good Very Good
Native Browser capabilities Good Very Good Average Good
App/Device Backup Cloud + Local (ITunes) Cloud + Apps Cloud Local (BBLink)
Other OS built-in No No No Yes (Android 4.2)
Checkpoint VPN Mobile App Mobile App Only in WP 8.1 Internal VPN client
Lync 2013 Yes Yes Yes Sideload APK, other stores
BB Enterprise IM
BBM Yes Yes No Yes
Viber Yes Yes Yes Side load APK, Amazon
WhatsApp Yes Yes Yes Yes
Facebook Yes Yes Yes Yes
Google Hangouts No Yes No No
Skype Yes Yes Yes Yes
Skype Video Yes Yes Yes Yes
Native Browser Safari Chrome IE 10/11 BB Browser
Chrome Yes Yes No No
Firefox No Yes No Sideload APK
Opera Mobile Yes Yes No No
Opera Mini Yes Yes No Side load APK, Amazon
OneNote Yes Yes Yes No
Microsoft Office Mobile Free* Free* Free No
Office compatible editor apps Purchase* Free* No Free (Docs to Go)
Portable Hotspot Yes Yes Yes Yes
USB tethering No Yes No Yes
Mass storage mode No Yes Yes No
LinkedIn Yes Yes Yes Yes
Official SharePoint Mobile Compatibility Safari Android Browser IE Mobile No

Blackberry BB10 devices have the unique proposition that since the 10.2 update, they are able to directly install and run android APK files, since the Android 4.2.2 runtime has been licensed by Blackberry.  However Blackberry does list any Android apps directly, however it seems some of the apps that made it into the BB10 such as Skype are Android ports rather than native apps which harnessed these capabilities.  There are many informal work around which include installing the APK of the third party app store apps, installing the Amazon app store app, which maybe far to complicated for normal end users.

Windows Phone 8 is a evolving platform, and the early releases were very poor in some basic smart phone capabilities though the OS is very simple and nice to use.  However with the most recent 8.1 release, a lot of features that an enterprise user will require has been introduced or improved including a powerful calendar app (the one in Windows 8.0 was horrible), VPN support (yes shocking that it was missing!), improved notification capabilities, improved Browser (IE11, though alternative options are missing), etc.

Enterprise collaboration

From an enterprise collaboration point, SharePoint is the only one listed in the comparison, but SharePoint is just one of the platforms in today’s enterprise collaboration needs. SharePoint support for non IE platforms have been poor with SharePoint 2010, but has improved with the newer release (SharePoint 2013).  However Microsoft uses ActiveX controls to allow desktop like use via the IE browser, and this means you don’t get that same usability when it comes to consuming SharePoint on a mobile device (and for that matter any non IE browser on your desktop, or on a non Windows platform!).

However most web-based collaboration platforms “should” run fine in modern smartphone browsers, but again “should” is the word.  You may find that,

  1. The collaboration portal may require you run them in “Desktop compatibility mode” rather than mobile to use them properly. 
  2. The platform internally maybe using third party components which fail to work properly on the mobile browser on your device
  3. Modern mobile browsers vendors are having a raging war to be the “Fastest” has resulted in them focusing on benchmark tool tweaking than true compatibility with standards and performance.  This means while your collaboration portal may be properly engineered, this tweaks may cause the portal not to work fine on your mobile browser
  4. Layout, “Data intensity” and “Heavy nature” of the solution.  The solution maybe geared with heavy data use, and pages with complicated and large amount of content, which may pose a challenge to your mobile browser both in the screen area

Why an MDM (Mobile Device Management) solution?

Many enterprise users would be familiar with how the organization imposes restrictions specially on what you can do your laptop and workstation.  Controls include the type of password, the ability to install/uninstall programs, features of the operating system exposed to end users, etc.

The growth of the mobile as tool that allows you to access and run applications that you usually did on your workstations would thus require the same or even greater level of security is not a surprise.   The MDM tools provide this capability, and the capability differs depending on the tool.  However common capabilities include,

  1. Ability to erase the phone remotely (level of granularity may differ on what is erased)
  2. Enforce a password / lock policy on to your device
  3. Deploy corporate applications on to your mobile device

Newer solutions geared specifically for smart phone platforms are now providing capability to align with the growing BYOD challenges, of controlling enterprise apps and data from user’s personal apps and data.  However such tools are currently limited on platform supports as this has become a key marketing criteria for smartphone manufacturers.

MDM solutions include Microsoft System Center/Intune, Blackberry Enterprise Service, Samsung Knox EMM, Airwatch, Fibrelink MASS360, MobileIron, Meraki Mobile Solution, etc.

BYOD and its impact to the enterprise

BYOD (Bring Your Own Device) is not something new, as many of us would have taken a second phone in addition to the company provided phone.  However with BYOD, the entire concept of a company provided phone is vanishing as employees are bring their own devices, which are hooked into the enterprise. This poses threats as well as challenges to the enterprise IT teams, in that

  • How do you separate the personal data and apps from enterprise apps
  • How do you implement and enforce company policies such as password/lock policy without interfering with the employees customizations
  • How do you erase data without erasing the employees favorite games, and apps when they leave?
  • How do you ensure the employees personal apps do not have access to the enterprise data


The article to me scratches the surface of these topics, since its based on the high level research done.   Comments from any one who has been more deeply involved would be great !