Keeping Tabs on Innovation

By Susan Nunziata  |  Posted 01-04-2011

Mobility's Rise in the Enterprise

Discussions about mobility's rise in the enterprise invariably revolve around the challenges CIOs face in grappling with the influx of personal mobile and wireless devices on the job. Employees across the corporate hierarchy look to use these tools for a range of activities, from basic work e-mail access to the ability to tap into corporate data, applications and networks while on the go.

Enterprises are taking an array of approaches to handling this new mobility. Some, such as Wells Fargo, take a strict, no-personal-devices-at-work policy, driven in part by the heavy regulations placed on the financial industry. Others, such as The Chubb Group of Insurance Companies, recognize the value of a mobile workforce and are planning to migrate to an employee-liable model governed by strict security requirements.

The KLA-Tencors of the world are already there, operating in a completely individual-liable mobility mode. Still others, such as Royal Caribbean Cruises Ltd., are moving full-steam ahead with a range of mobile tools that go way beyond traditional e-mail and calendaring in an effort to enhance customer service and improve productivity.

No matter the business vertical, CIOs generally agree that they face three core issues around enterprise mobility that are going to continue to shape their strategy in 2011 and beyond. These are:

  • security of devices and mobile data;
  • provisioning and servicing mobile users; and
  • keeping ahead of rapidly changing technology.

"People are looking for convergence," says Don Garvey, CISO of Chubb. "They only want to carry one device. They want their corporate and personal information in one place. Technology can permit that. Our challenge is that we need to secure it and administer it."

Garvey notes that the concept isn't limited to smartphones: "My counterparts [at other enterprises] and I are all anticipating a movement toward personal computing devices--laptops and desktops--on company networks. Most companies will permit those devices on the network. I participate in a group of security pros at other Fortune 250 companies, and we collectively have discussed these issues. I was very surprised to learn that nearly every company is looking at personally owned devices and how to put them on their network." (For more on the Chubb Group's Strategy, read the article Chubb Group's Any Time, Any Place Computing.)

Ashwin Ballal, CIO of semiconductor company KLA-Tencor, agrees. " Our policy is to not buy any of our mobile devices," he says. "All our mobile devices are personally owned." (For more on KLA-Tencor's strategy, read the article iPad at Work: KLA-Tencor Employees Get a Treat.)

This is far from the case at Wells Fargo--at least for now. "We have a strict policy: There is no device that gets onto our infrastructure unless [it is] a corporate-owned device," says Jim Spicer, EVP/Group Executive and CIO of Wells Fargo Corporate Technology and Data. "[This] simplifies a lot of issues other companies may have with managing smartphones."

Keeping Tabs on Innovation

That said, Spicer and his team keep close tabs on developments in mobility. The company is in the process of evaluating iPads and is planning to check out other tablets as they enter the market.

"[Mobility] is a very rapidly changing environment and space," says Spicer. "We look at this as a six-month horizon. It seems like things are changing at least twice a year, and in a substantial way. Add to that the overall excitement that is generated by the change in the consumer marketplace, and that bleeds back over into our customers and to us. We're making sure we stay abreast of all these changes and support things that fit our environment and offer the best value to our team members and customers." (For more on Wells Fargo's strategy, read the article Wells Fargo Mobility Strategy: Close Every Gap.)

For both Chubb and Wells Fargo, tools such as e-mail and calendaring are the primary functions used by their mobile workers today. Tomorrow? Well, that's another story.

The array of mobility solutions that Royal Caribbean is rolling out on two of its new tech-forward cruise ships--the Oasis of the Seas and the Allure of the Seas--provides a glimpse of what's on the horizon. These vessels serve as the template for mobility offerings that will be rolled out companywide through 2012. They'll encompass passenger applications on iPhones, as well as mobile point of sale (MPOS), mobile mustering, work order management, show ticketing and asset management.

Among the mobile solutions Spicer and his teams at Wells Fargo are evaluating are:

  • mobile customer service apps;
  • mobile online training;
  • mobile Web conferencing and video presentation;
  • mobile travel tools;
  • mobile T&E approval; and
  • mobile IT request management.

Implementing such solutions successfully requires interdepartmental collaboration. For example, Royal Caribbean's VP/CIO Bill Martin says he works closely with the company's SVP of operations on mobility projects. "How do you not collaborate at a very high level to get things done?" asks Martin. "The business models come to us from operations, maintenance, safety. CIOs need to be very engaged in the strategy of the business. We need to bring ideas and craft ideas with business leaders." Martin adds that he is regularly involved in senior operations meetings with his Royal Caribbean colleagues. (For more on Royal Caribbean's strategy, read the article Royal Caribbean Cruises Creates a Wireless Oasis.)

Collaboration is Imperative

Keeping pace with change requires a high level of collaboration, agrees Spicer. "There are new apps evolving every day, and we have to constantly evaluate those to make sure they serve our needs," he says. But streamlining that evaluation process is key.

"We have to quickly evaluate, assess and prioritize where we want to make our investments," adds Spicer. "We're not going to chase every shiny new toy that comes along. We make decisions about where we want to spend our time and energy. Making sure that we're not chasing every rabbit is one of the ways we approach [the mobility] space."

To do this, Spicer's team leverages capabilities across the enterprise, including competency centers in information security and networking. Wells Fargo also has a product management group that, Spicer says, is responsible for "keeping their eyes on the horizon and evaluating opportunities as they come down the pike."

In addition, says Spicer: "We have groups focused on enabling mobility for end customers, and they have a different set of dynamics in which they operate. From an internal perspective, there's always some crossover between the two.

"We also have an information security organization we partner with that provides policies and governance guidelines that center on how we deploy devices. The main question is always: 'Does it provide business value?'"

Policies are key, notes Chubb's Garvey, who emphasizes that critical ground rules need to be set. "As smartphones become more pervasive, it's important that companies get out in front and establish guidelines in terms of what kind of information is going to be put on those devices and how you'll protect it," he advises. "For example, information needs to be encrypted. We're not going to push information to the device unless we're sure that encryption can be done."

Garvey notes that while the mobile devices themselves don't meet the company's encryption needs in all cases, "There are third-party products that can encrypt our information to [meet] encryption standards we find acceptable."

He notes that even as third parties are stepping in to offer that level of enterprise functionality, "We're also putting pressure on hardware manufacturers, such as Apple, to provide enterprise functionality and security that is more robust."

Garvey says that for an employee-liable model to work, it's essential that end users agree to the company's rules. For example, he says, employees need to be aware that, "if your device is lost or stolen, you need to report it to the help desk. We may choose to wipe company information or wipe the entire device."

KLA-Tencor's Ballal says making the employee-liable model work successfully is all about striking the right balance. "You can lock down everything and scare everyone and say it's security-related, or you can make your people more productive and competitive and win in business," he says. "Which one would you choose?"