- Security --- ensuring that applications and data are protected during normal use and when mobile devices are lost
- Mobile application development --- Build your own apps or purchase apps from third parties? Provide your own app store or use the iPhone App Store or Android App Store? Limit employees to a specific set of apps?
- Mobile device management --- Provide employees with mobile devices or institute BYOD (bring your own device)? Limit employees to specific devices or let them pick their favorites?
Enterprises can enhance their private cloud with mobile device management, mobile app management and specific mobile processes to create what we refer to as a mobile cloud.
Shoring up security for your mobile OSes
Jeff Deacon, director of corporate strategy at Verizon Business, says that in most organizations today, mobile devices are coming in straight across the Internet, and this is not a good idea. "If you poke a hole in your firewall for access from a mobile device you have effectively poked a hole in your firewall for anyone in the world. Securing a gateway specific to mobile devices that can support various operating systems -- iOS, Android, Windows -- is very important."
Deacon says that many companies do not allow access to back-office data across the Internet. Access to secured data with smartphones or tablets should be done via a VPN. Richard Peltz says that agents at Marcus-Millichap use iPhones or iPads through a secured login or VPN residing on the iPhone.
BYOD also opens up a whole can of worms with respect to security, says Pemmaraju. "The question is how do you make sure that these apps are secure and, when they get downloaded to the device, that they don't accidentally get lost or get into the wrong hands?" A hacker could grab the app itself as it's being downloaded to the device, or intercept just the data going back and forth between the cloud and the device.
All of this has to be centrally administered, managed and provisioned. "This is where the mobile cloud comes in," Pemmaraju says.
"The usability group wants to make it easier for people to use the phone, while the security folks want to make it more difficult," says Eric Miller, CIO at Erie Insurance.
At Marcus & Millichap, with over 80 offices and 1,200 agents and brokers, Peltz says that the firm does not allow across-the-board access to corporate databases. Agents can access secured data -- inventory, buildings for sale, research reports, etc. -- via a Cisco VPN and by using the Web browser on their tablet, computer or phone. Access through a browser gets agents to an application that provides a view of the inventory database.