by Paul Andersen, Marketing Manager at Array Networks
The consumerization of IT is underway. In its report Tablets Will Rule the Future Personal Computing Landscape, Forrester predicts sales of 375 million tablets in 2016 with over 750 million tablets in use. Because tablets are productivity enhancing, portable and trendy, employees are bringing them to work in droves. Like cloud computing, mobility is causing businesses to reevaluate their approach to IT.
Not long ago, IT was in the driver’s seat—issuing managed PCs, laptops and mobile phones. With full control, IT deployed the software and policies needed to ensure security and maintain compliance. Today, the sands have shifted. Employees want to use tablets and smart phones of their choosing, and with the flood gates open, many employees also want to work from personal computers at home or on laptops better suited to the demands of their role.
Commonly referred to as ‘The Consumerization of IT’ or ‘Bring Your Own Device (BYOD)’, the trend is here to stay. At the top, executives are demanding tablet access to business applications. Among the rank and file, employees are bringing personal devices to work irrespective of IT policy. Within the enterprise, mobile access and BYOD pose two key challenges. The first is security; every mobile device connected to the corporate network is a threat, and every personal tablet and smart phone introduce the potential for data leakage. The second is a lack of native enterprise mobile apps; while this will change over time, there exists a considerable gap between the Windows and desktop-centric applications used in the enterprise and the glut of consumer mobile apps.
Most mobile security issues arise because traditional VPNs are being used to connect tablets and smart phones to the corporate network. While VPNs encrypt the connection between the device and the corporate network, they also create an open tunnel through which corporate data may escape or attacks may be introduced. The threat is made worse because it is impossible to lock down personal devices the way one would a managed device. Also, personal devices are greater in number, are more prone to becoming lost or stolen and are exposed on a more frequent basis to the risks of personal use.
While mobile device management (MDM) provides control and visibility for personal devices that may connect to the network —and simplifies the provisioning of apps from an enterprise app store— it does little to address the security concerns described above. What’s more, brute force wiping of work and personal data on devices that become lost or stolen creates as many problems as it solves. It won’t be long before the legal ramifications of destroying personal data as part of IT policy begin to hit home.
Let’s pretend the security challenge is somehow magically solved; as the title of this article asks: Now what? While it is simple to provide email, contacts and calendaring to personal mobile devices— and it is relatively easy to deploy a few native enterprise apps— the vast majority of applications remains tied to Windows and traditional desktop environments. As a result, any solution aimed at enabling mobile access and BYOD must address not only security concerns, but must also provide a means by which to bridge the gap between mobile access and the applications employees use every day to be productive and complete their work. Without access to enterprise applications, employees can bring as many tablets to work as they like and still not move the needle on business productivity.
In response to these challenges, organizations are leveraging a clever approach that relies on extending applications running on physical or virtual desktops or terminal services to mobile devices. The solution takes the form of a scalable secure access gateway— with remote desktop functionality—that supports a range of mobile devices and a mix of application and desktop environments.
From a security perspective, the approach solves all critical challenges associated with BYOD and mobile access. First, the security posture of office desktops, managed laptops and server-based resources is already compliant. Second, unlike VPNs, using remote desktop means that mobile devices never connect to the corporate network. Because data never leaves the corporate network, the risk of data leakage is fully eliminated; because devices are kept off the network, the risk of attack is also eliminated. Lastly, the connection between the mobile device and the secure access gateway is encrypted using SSL— with the gateway itself acting as a separation layer dividing mobile devices from the corporate network.
The approach also addresses traditional enterprise applications that are not available natively on mobile devices. Any application running on a physical or virtual desktop or in a virtual environment can be immediately “mobilized” to provide full access to enterprise applications from personal tablets and smart phones. Because applications developed for the desktop will not always provide the same user experience in a mobile environment, secure access gateways take extensive steps to create gesture suites that provide intuitive control of Windows and desktop applications on tablets and smart phones. While the experience will never be as polished as an application designed for mobile environments, it is counterbalanced by the benefits of cost-effectively supporting all enterprise applications, right now.
Looking to the future, traditional enterprise applications will not all be re-developed as native mobile apps; nor will they go away. An equilibrium point will be reached. To manage this transition in the most efficient manner possible, enterprises are well served to explore solutions that enable mobilization of traditional enterprise applications today and provide a foundation for playing a critical role in a broader enterprise mobility strategy tomorrow.
About the author
Paul Andersen is the Marketing Manager at Array Networks (www.arraynetworks.com). He has over 15 years’ experience in networking, and has served in various marketing capacities for Cisco Systems, Tasman Networks and Sun Microsystems. Mr. Andersen holds a Bachelors Degree in Marketing from San Jose State University.