Page 2By CIOinsight | Posted 11-01-2004
Come Together with a Mobile Strategy
How much insight do you have into your mobility strategy? Can you even call it a strategy? Or is your company, like almost half of all large organizations, scrambling to keep up with the myriad devices that your employees bring to work?
Consider this: According to Gartner Inc., by the end of 2004 the number of Wi-Fi hot-spot users worldwide will have tripled, to 30 million, from 9.3 million in 2003. Also by the end of 2004, more than 50 percent of professional laptops will have WLAN capability. Cell phones, BlackBerrys and a host of slick, new wireless PDAs are flooding the market. But according to Yankee Group, only 52 percent of large organizations have a centrally managed strategy for mobility and wireless.
Despite the ever-increasing demand for wireless in the enterprise, mobility is still far from strategic nirvana. Most companies have yet to justify the cost of mobility. To make matters worse, there's virtually no way for an enterprise to track the total cost of ownership of mobile devices. Hardware carries a fixed cost, but access charges vary widely and are often paid for through expense reports, rather than through a central accounting function. And many companies leave mobile phone procurement to individual business units, offering the IT department a clouded view of who has what, how much each department is spending, and whether or not the money has been well spent.
Meanwhile, as more and more employees buy "smart phones"PDAs and cell phones in oneunder the CIO's radar, and use wireless laptops to connect to far-flung corporate networks, enterprise security deteriorates. Hackers can sniff out unprotected connections and gain access to a company's systems, often without the mobile employee ever knowing about it. "It's a security nightmare," says Stan Schatt, an analyst at Current Analysis, a market research firm, adding that the split of mobility management between the IT shop and business units doesn't help. "Most companies have different people looking at different parts of the problem. Some control the telecom budget, other people look at wireless LANs, and there's very little coordination between the two, even though both are essentially dealing with wireless communications."
These issues have put mobility at the top of most CIOs' already long list of worries. "They are freaked out," says Gartner Vice President Ken Dulaney. To get a handle on it, CIOs need to develop an enterprisewide strategy that puts mobility management in the hands of the IT department, allowing IT to properly equip mobile workers, uphold corporate security practices and manage connection costs for everyone in the mobile workforce, whether they're working on laptops, PDAs or five-year-old cell phones.
Centralizing will require top-level support as well as input from all areas of the businessoften a tough task. But laying the groundwork for a mobile strategy will enable CIOs to leverage the investment their companies have already made in mobility for true business value. Not only can a centralized mobility strategy cut costs and improve security, but gaining greater insight into the behavior of your mobile workers can help generate revenue and streamline business processesand that can give your company a competitive edge.
Before you do anything, get an assessment of your company's wireless assets. Who has wireless devices, and how do they connect to your systems? Mapping this information will give you a good idea of which service providers are already being used, which devices your employees feel most comfortable with, and which devices and service plans should be formally supported. Gartner's Dulaney suggests a three-tiered approach to device support: fully supporting one small set of devices, partially supporting a broader second set, and banning all other devices.
But don't assume that just because IT is managing the mobility strategy that it has to actually pay for the devices out of its own budget. Analysts agree that while policy and management should come from the IT shop, business units should ultimately pay for the hardware. This will force each department to think twice before it needlessly equips workers with mobile devices. That is a key part of the mobility strategy at Diageo North America, a subsidiary of Diageo plc, the $16 billion London-based producer of Smirnoff vodka, Guinness stout, Captain Morgan rum and Tanqueray gin, among others. "That's part of the reason you don't see [all] 4,000 [of our] people with BlackBerrys," says David Bilger, senior vice president of global delivery for the Americas.
As for wireless connectivity, centralizing the mobile strategy will allow companies to negotiate better rates with service providersmost likely for a flat fee rather than per minute. The savings can be significant. For example, at Adventis, a Boston-based strategy consulting firm with 125 employees, CIO David Rossien chopped remote access costs in half by partnering with GoRemote, which offers a flat fee for Ethernet, Wi-Fi and dial-up connections for mobile workers. And at Ketchum Inc., an international public relations firm with about 1,100 employees, Vice President of Technology Services Pete Donina estimates that his rollout of Corp-orate Access from iPass Inc. (a remote-access aggregator), currently in use by 250 employees, is saving the company roughly $4,000 per monthslashing its connectivity costs by roughly two-thirds on both wireless and dial-up.
At Cox Communications Inc., the nation's fourth largest cable and Internet service provider, with more than 6.5 million subscribers, executives saw the need to increase customer satisfaction in field service, says Michael Kovash, Cox's senior IT project manager. In fact, he says, "our customers reached out to corporate several years ago and asked for greater synergy." So the IT department developed a plan. "In the past, a technician would arrive in the morning and there would be a stack of orders for him to take out," says Kovash. Because of the lengthy processing time, service appointments had to be made weeks in advance, and there was no way to let customers know exactly when the technician would arrive at their doorstep. But through a partnership with wireless service provider Padcom, Cox refitted about 3,000 of its mobile technicians with wireless PDAs so they can receive orders in real time wherever they are. "Now the technicians have a wealth of information at their fingertips where, in the past, they had to call someone." Customer wait times have been reduced from four hours to one.
As companies add new mobile devices to their networks, security is further compromised. Not only does it become more difficult to monitor who's connecting to your systems, but as viruses and worms continue to plague companies, mobile devices are a growing part of the problem. The first mobile threats appeared this year, including the Brador-A Trojan, which affected Pocket PCs; the Duts virus, which infects executable files on wireless PDAs; and the Cabir worm, which uses Bluetooth's always-on connectivity to copy itself to other devices. Though it's unclear exactly what, if any, effect the malware had on corporate systems, analysts say these examples foreshadow problems to come.
Meanwhile, Bluetooth may be a greater threat to security than companies realize. "Bluetooth is reaching out constantly for other devices, and will connect with any Bluetooth device even in a public location," says Schatt. "That can compromise information that's on the phone, such as corporate phone numbers and even proprietary information. It can be a major loss for companies." Schatt adds that even when inside a company's corporate firewall, Bluetooth or wireless LANs, if still enabled, could create massive security risks. "Let's say you have an employee with a wireless LAN card. They come in and attach to the network through an Ethernet cable. Unless it's configured carefully, it's possible that the wireless card is still broadcasting at the same time as they are connected to the wireline. So they bypass the firewall entirely, creating external threats." While no companies have owned up to a security breach of this kind, security experts warn that unmanaged Bluetooth deployment invites "bluesnarfing," which gives hackers access to poorly secured mobile phones. And simply making your Bluetooth device undiscoverable won't stop a determined hackera program called Redfang can sniff out open but hidden Bluetooth devices.
As part of your security strategy, determine which internal systems can be accessed from outside the corporate firewall. This should depend on two things: Who is accessing the information, and how secure is their connection. Companies such as Caymas Systems Inc. have developed wireless identity management systems that verify employees' status before allowing them access to sensitive data.
At the Law Enforcement Support Agency (LESA) in Pierce County, Wash., it's the job of Mark Knutson, assistant director of IT operations, to coordinate efforts between police, forensics experts, emergency responders and the court system12 separate law enforcement agencies in all. Since 1997, the agencies have pooled their resources and paid LESA to link the departments' databases and help the area's 1,100 police officers do their jobs better using mobile technologythe ultimate in centralized wireless strategy. Today, police cars are fitted with high-powered wireless laptops, rendering the CB radio nearly pointless. Officers communicate with headquarters and each other via mobile messaging. The laptops also allow police officers to search instantly for warrants, stolen car reports, forensic evidence and rap sheets, among a host of other datarequests that used to take hours or even days.
Knutson won't link the new technology to a drop in crime, but officers say the tool is invaluable. "It's a tremendous improvement," says Captain Charles Meinema of the Tacoma Police Department. "We're recovering more vehicles because officers can run a stolen car check from their car. Before, they had to run checks by radio, which could take hours."
And a solid mobility plan can help generate revenue. Angela Brav, senior vice president of applied technology for the Americas at InterContinental Hotels Group, which owns the Crowne Plaza, Holiday Inn and Candlewood Suites brands, says that when she was promoted to her current position in 2002, "it was clear that we didn't have the best tools for our employees to be competitive." So, she took the entire strategy under her control, outfitting nearly 400 key people with BlackBerrys, and more than 400 with wireless laptops. "The idea was to unleash information to the right people so they can outperform and improve the business." Since then, the company's Americas franchise sales group sold 81 new franchises in the second quarter of 2004 alonea company record. Brav believes the increased communication and access to information helped close many deals. "It's absolutely been an attribute. We're spending more money than ever on technology, but outperforming like never before."