Power your mobile strategy with a cloud

Use a private cloud to handle security, management and data access for your mobile workforce

Mobile devices will soon be driving cloud computing -- and vice versa. Here's why: It's very sensible to use a private cloud for security, management and other aspects of mobile applications. But getting there will require planning and investment by IT.

Some have already moved in this direction. In a December 2011 survey of 3,645 IT decision-makers in eight countries, a third of the respondents said that providing information access to multiple devices was their top reason for implementing cloud computing. The survey, fielded by researcher TNS and funded by service provider CSC, said that cutting costs was the third most popular reason for implementing cloud, with only 17% of respondents choosing that option.

Richard Peltz, senior vice president and CIO of Marcus & Millichap , a brokerage sales firm, is in the process of purchasing a content management system (CMS) developed by SiteCore ; it will be implemented in Marcus & Millichap's private cloud , which is based on VMware software.

Why adopt a cloud? Top motivating factors. Accessibility to information via multiple devices - 33% Accelerating business speed - 21 % Cutting costs - 17% Source: TNS/CSC survey, December 2011; 3,645 respondents

"The nice part of this is that we get automatic rendering of content to all mobile devices, removing or eliminating the need to write device-specific apps" for iPhone or Android devices, among others, Peltz explains. After the CMS is fully implemented, "it will allow all of our content to be managed by end users or departments or business units," he says.

By integrating CMS access for mobile devices into its private cloud, Marcus & Millichap will in essence be creating a mobile cloud.

Eric Miller, senior vice president and CIO at Erie Insurance, says that Erie thinks mobile first for all of its apps and then ports them to PCs when possible and when it makes sense.

"You are performing a balancing act with respect to which devices to support," he says. Erie uses Web analytics to track which devices are accessing the corporate website. "As the first step, we go after the top one, two, or three types of mobile devices. Then we create apps that are more adaptable to those devices."

Among the issues his group has wrestled with are whether to build a Web portal that adapts itself based on the device that is coming into it, or to go with a device-specific app. Today the firm is using both approaches. Customers with iPhones can submit photos of an auto accident or the damage from one, using the "First notice of loss" mobile application in the iTunes store. That information lands in Erie's back-end servers.

The nice part of this is that we get automatic rendering of content to all mobile devices, removing or eliminating the need to write device-specific apps. Richard Peltz, CIO, Marcus & Millichap

But the company also has a web portal "where I can do the exact same thing," Miller says. The goal is to have "inputs coming in from just about any mobile device."

Bernard Golden, CEO of consultancy HyperStratus , says these companies represent just the beginning of the mobile-cloud trend. With the increasing number and diversity of mobile computing devices, which have much less on-board storage than traditional end-user computing environments, there is a shift toward moving much of the functionality of an app into a centralized environment, like a cloud. This allows storage, computation, data access, security and management to all be handled in a centralized fashion.

The market for cloud-based mobile applications is expected to grow almost 90% from 2009 to 2014, according to Juniper Research . For its part, ABI Research reports that more than 240 million business customers will access cloud-computing services via mobile devices by 2015 and that number could approach a billion.

In fact, some would go so far to say that given the sheer number and variety of mobile devices in a sizable enterprise, the only sane way to manage it all is via some kind of centralized method. Any other way of ramping up a truly mobile enterprise simply will not scale.

Mobile computing is not mobile cloud computing

Although mobile computing and mobile cloud computing may sound the same, they are in fact very different. In "regular" mobile computing, applications run on a mobile device in native mode, with the application and data all stored on the device.

Running a mobile application in native mode has some advantages -- most important, no latency or network bandwidth problems. But applications that run on mobile devices are often limited in functionality and are generally not business-class applications; it's very rare to find native smartphone apps used as serious front ends for database queries, for instance.

In contrast, mobile cloud computing applications run on servers that reside in the cloud. Application data also lives in the cloud and results are fed back to the mobile device via an over-the-air network such as 3G or 4G. Users access apps and data via the browser on their mobile devices.

Mobile cloud computing allows users to potentially run more robust applications, provided that sufficient security measures are in place. There can be problems, however, such as latency and network bandwidth issues for the transfer of data between the cloud and the mobile device.

Even though clouds may facilitate end-user access to mobile apps, IT organizations and developers must address a number of serious issues to correctly position an enterprise private cloud to accommodate mobile computing. Among them, Golden says: "Identity management has to be extended to mobile devices. You also want to be able to control what resides on the device should you decide to replace it, or if it gets lost."

Further, he explains, applications have to be architected correctly, so that apps running on mobile devices can access back-end corporate software and data residing on the cloud. App developers also "have to account for the fact that mobile devices have lower bandwidth ability and intermittent connectivity," Golden says.

Kamesh Pemmaraju, an analyst at the Sand Hill Group, says that mobile will act to accelerate corporate cloud adoption. "At the enterprise level, more and more employees are using mobile devices to read email, access calendars, and access databases" in read-only mode.

Tony Iams, senior vice president and senior analyst at Ideas Technologies, says, "Cloud computing and mobile computing are parallel developments" because both in some way involve moving "state" -- applications and/or data -- from the client to the server. "This creates a relationship between the two."

Creating a mobile cloud environment

Because data (and some applications) move between mobile devices and the cloud via off-premises networks, security is a major consideration. But application development and device management are also extremely important.

How organizations approach each of these issues will greatly affect the usability of the mobile cloud.

  • Security --- ensuring that applications and data are protected during normal use and when mobile devices are lost
  • Mobile application development --- Build your own apps or purchase apps from third parties? Provide your own app store or use the iPhone App Store or Android App Store? Limit employees to a specific set of apps?
  • Mobile device management --- Provide employees with mobile devices or institute BYOD (bring your own device)? Limit employees to specific devices or let them pick their favorites?

Enterprises can enhance their private cloud with mobile device management, mobile app management and specific mobile processes to create what we refer to as a mobile cloud.

Shoring up security for your mobile OSes

Jeff Deacon, director of corporate strategy at Verizon Business, says that in most organizations today, mobile devices are coming in straight across the Internet, and this is not a good idea. "If you poke a hole in your firewall for access from a mobile device you have effectively poked a hole in your firewall for anyone in the world. Securing a gateway specific to mobile devices that can support various operating systems -- iOS, Android, Windows -- is very important."

Deacon says that many companies do not allow access to back-office data across the Internet. Access to secured data with smartphones or tablets should be done via a VPN. Richard Peltz says that agents at Marcus-Millichap use iPhones or iPads through a secured login or VPN residing on the iPhone.

BYOD also opens up a whole can of worms with respect to security, says Pemmaraju. "The question is how do you make sure that these apps are secure and, when they get downloaded to the device, that they don't accidentally get lost or get into the wrong hands?" A hacker could grab the app itself as it's being downloaded to the device, or intercept just the data going back and forth between the cloud and the device.

All of this has to be centrally administered, managed and provisioned. "This is where the mobile cloud comes in," Pemmaraju says.

"The usability group wants to make it easier for people to use the phone, while the security folks want to make it more difficult," says Eric Miller, CIO at Erie Insurance.

At Marcus & Millichap, with over 80 offices and 1,200 agents and brokers, Peltz says that the firm does not allow across-the-board access to corporate databases. Agents can access secured data -- inventory, buildings for sale, research reports, etc. -- via a Cisco VPN and by using the Web browser on their tablet, computer or phone. Access through a browser gets agents to an application that provides a view of the inventory database.

Registered clients can also search inventory -- via Safari or Firefox -- from the client-login area of Marcus & Millichap's website, says Peltz.

As of now, however, Marcus & Millichap does not allow remote users to change data, only view it. "The reason for this is policy -- a regional manager has to approve changes" to status, such as a piece of property going from being for sale to being under contract, he explains.

Another tool for remote users is an iPhone/Android app. But this app doesn't allow remote users to even view inventory; it's an email mechanism only. "The iPhone/Android app has no secure layers," Peltz says. "It is basically just out there to allow communication with loan originators and other agents via text messages or email."

The iPhone/Android app will be replaced later this year with a Web-based application. "This new interface will allow inventory access as well as access to other secured databases," Peltz explains.

For his part, Erie Insurance's Miller says that mobile phone users -- agents, claims adjusters and Erie policy holders -- have to authenticate themselves by completing the "first notice of loss" iPhone application. agents, claims adjustor, or any Erie policy holder.

"We rely on the security of the phone to allow people to get into the app, but then you have to authenticate yourself against our back-end system," he says.

"During the design of apps we always assume that a phone can be lost," and they keep in mind what would be lost in case someone cracks the encryption. "We continually have ongoing discussions with our usability group about this," he says. "The usability group wants to make it easier for people to use the phone, while the security folks want to make it more difficult."

Next time: A look at mobile-app development

Bill Claybrook is an analyst with over 30 years of experience in the computer industry, and has specialties in Linux, open source, virtualization and cloud computing. He is president of New River Marketing Research in Concord, Mass., and holds a PhD in computer science. He can be reached at bclaybrook@comcast.net .

Read more about cloud computing in Computerworld's Cloud Computing Topic Center.

This story, "Power your mobile strategy with a cloud" was originally published by Computerworld.

From CIO: 8 Free Online Courses to Grow Your Tech Skills
Join the discussion
Be the first to comment on this article. Our Commenting Policies