As consumers, we’re bombarded with apps for every conceivable function — whether it’s texting customer service, online banking, hailing a cab, scanning a code, tracking fitness and about a million other things. If you can think of something to do, there’s an app for it.
We continue to download apps at a rapid pace; according to ABI Research, app downloads hit 81 billion at the end of Q3 in 2012. This is happening for two very specific reasons — one being that it’s easy and the other is that these apps improve or simplify our everyday tasks.
A very similar perspective is making its way into the enterprise, as employees demand options and features to streamline tasks and collaboration. Enterprises are responding by giving employees what they want. By 2014, Gartner
predicts that most organizations will deliver mobile applications to workers through private app stores, much like Apple’s and Google’s app marketplaces.
In this app-hungry environment, the OS or device is secondary and the demand is that apps work across all of their devices—smartphones and tablets —corporate and employee-owned. This increasing shift of focus to applications, and so many different applications, brings about licensing, security and technical challenges.
A key challenge in all of this is balancing workforce productivity—that is people getting things done when and how they need to—with the security and management constraints of an organization. Within some degree of reason, IT must find a way to give employees the applications they need to be productive, no matter the device or OS.
Businesses must understand where the line between productivity and security/manageability lies for their particular organization and build from it — understand what must happen, what must never happen and define policy accordingly.
Where IT must be especially careful, however, is in making certain that “difficult for IT to manage” is not the same as “bad for the company. Be careful about creating policies that are more concerned with ease of management—there are, of course, tools to address this manageability and the returns to workforce productivity are usually very high.
This IT shift calls for a close examination of the organization’s culture as well as clear guidance for staff with a focus on establishing a mutual understanding of BYOD and app policies — what can and cannot be downloaded on company-owned devices, as well as what business apps are allowed on personal ones.
Communicate the rationale behind these decisions openly and encourage a dialogue with your workforce. Specifically address:
- Personal apps on company devices: Clearly explain why personal apps are, or are not, too risky on company-owned devices. After you have set the appropriate policy that may limit certain apps, help employees understand and suggest acceptable alternatives. For more popular personal apps, such as Facebook, be specific in explaining why this may not be appropriate for company-owned devices.
- Business apps on personal devices: While companies cannot dictate what apps employees can download on their personal devices, they can restrict what sensitive company information can be accessed on personal devices, either through policies and/or management tools and access rights. In an environment where employees demand opportunities to work on their own devices, companies must set guidelines such as passcodes and network access restrictions as defined by policy – for example, users can only log on to certain applications from a private, password protected WiFi connection.
Get Buy In
Simply mandating a policy without buy in from your workforce is a dangerous proposition. Care must be taken to both understand user needs as well as giving employees a chance to contribute their suggestions.
Organizations must develop a habit of revisiting established policies on a regular basis to ensure the policies are, in fact, working for both the benefit of employees and the interests/needs of the business. In most cases organizations will develop an incremental approach of refinement that will produce positive results.
Finding the right balance between integrating the technical and security aspects of application management can be daunting, especially while trying to effectively cope with the social aspects of the trend. But once the processes are set in place, managing them on a day-to-day basis will ensure a secure, cohesive and balanced mobile policy for the enterprise.
As users become more technology savvy, they are developing sophisticated preferences in technology — which applications they use on what devices, as well as where and when they conduct work. What started as a few executives asking for policy exceptions for iPads has become a fundamental shift in the relationship between IT and the workforce they serve.
This is a good thing for organizations, but it’s not without its growing pains. Trying to give users the freedom of choice, while covering corporate assets to protect sensitive data, competitive IP and client contacts, can be a tricky balance. But, it is possible to achieve this goal through an integrated approach to endpoint management.