enabling enterprise mobility
DESCRIPTION
Transform the mobile computing environmentTRANSCRIPT
As we enter the second decade of this millennium, a rapidly changing technology landscape is propelling a hyper-competitive environment and moving us to an inter-connected world.
Enabling Enterprise Mobility
White paper
transformthe mobile computing environment.
Table of contents
Enabling Enterprise Mobility ......................................1Step 1—Review, establish, and refine foundational policies ................................................2Step 2—Define the collaboration infrastructure for the organization .................................................3Step 3—Establish the architecture to support enterprise-class mobile applications ............................4Conclusion .............................................................5About the author .....................................................6
1
Technology is pervasive and easily accessible in all aspects of our daily lives. Consumers are more comfortable with technology, social networking, and cloud-based services in their personal lives, and they expect the same always-on experience in their professional lives. This trend is commonly referred to as the “consumerization of IT,” and it represents the growing expectations of customers and employees to use consumer-oriented technologies and solutions such as smart phones, video, audio, social networking, micro-blogging, and universal access from their employers and business partners.
The ubiquitous nature of mobile computing and the blending of personal and professional lives provide unique opportunities for today’s businesses and their IT organizations. They can grow market share, build customer intimacy, and increase profit margins by delivering secure, seamless, context-aware experiences in a connected world. This new emerging environment provides endless possibilities—but it also brings with it some unique challenges around security, privacy, speed-to-market, and the increased costs that come with the task of supporting more choice in devices.
Traditionally, IT organizations have focused on driving efficiencies through standardization, control, and the eventual commoditization of IT services. In this emerging workplace, they will have to deliver their application and services in an environment where the boundaries between personal and professional life are blurred and where they do not control the technology stack used by their users. This new mobile computing environment has to address device and network security, as well as privacy issues associated with having personal and company-owned data on the same device. This is true whether the device is owned by the individual or the enterprise.
Finally, IT organizations will also have to deal with changes to their financial model as this environment forces them to rethink their end-user computing models (what devices, how many, and who pays for them) and the associated support models, such as help desk or break-fix.
In short, the consumerization of IT will require businesses to plan for, develop, and operationalize a comprehensive approach for enabling Enterprise Mobility.
Enabling Enterprise MobilityHP’s approach to enabling Enterprise Mobility is ideal for organizations across all industries who wish to reach their constituents across multiple networks and devices by delivering applications, content, and services in a scalable, secure, and reliable way. This approach leverages our global applications services capabilities to provide the architecture, systems engineering, development, and support services. Combined, they help an organization simplify its applications, extend them where necessary, and build innovative mobile business-to-business (B2B), business-to-consumer (B2C) and business-to-employee (B2E) applications. This approach also leverages HP’s well-defined and mature, service-oriented
2
architecture-based integration architecture and is enabled by development and security frameworks that helps create componentized building blocks from monolithic legacy applications to develop and deploy mobile applications that are Designed for Run™. Our methodology goes beyond cool devices and flashy user interfaces: It requires a thorough and comprehensive look at how mobile applications are developed, deployed, managed, and governed in mid-sized and large enterprises.
Our process has three primary steps. The first step looks at foundational enterprise-wide policies around security, privacy, and end-user computing. The second step assesses the collaboration infrastructure that needs to be established to support mobility. And the final step evaluates the end-to-end architectural decisions, application, and infrastructure models that are required to enable enterprise mobility.
Step 1—Review, establish, and refine foundational policiesInformation security and privacy policies in today’s organizations were written for a highly controlled and monitored computing model where individuals relied on companies to provide computing capabilities and network access. In that world, policies were simple and sometimes onerous in managing what could be
done on an enterprise-owned asset (such as a PC or BlackBerry) and how to handle consumer data. They also drove an end-user computing model that used encryption with very strong password protection and in many cases, two-factor mechanisms to control how employees get access to the company’s applications and data. This highly standardized end-user computing model made support processes simpler and the testing and deployment of applications to these devices easier.
In the new mobile world, every one of these policies is more complex. The safeguards that worked well in a tightly controlled environment are now inadequate to address the risk posed by the use of personally owned mobile devices and anytime, anywhere, network access. This is why it is extremely important that organizations address these policies first before embarking on the journey of enabling enterprise mobility. Some of the key questions that HP will help clients answer are:• Who owns the device—company-owned vs.
personally owned device?• How does the enterprise address the risks of having
company-owned data on a personally owned device, and conversely, how does the enterprise protect the privacy of the employee’s data on a personally owned or company-owned device?
• What kind of security can an enterprise enforce on a personally owned device—password, encryption, etc.?
Figure 1Figure text describes illustration contents.
Internal ITapplications
Applicationswritten byemployees
Applicationprovided by
software vendors
MobileApplicationArchitecture
Visualizationand
InformationArchitecture
MobileIntegrationArchitecture
Testing andQA forMobile
Applications
Collaboration Services—email, calendar, instant messaging
Infrastructure Design and Security
Mobile Deployment Architecture
InformationSecurity Policies
EnterprisePrivacy Policies
End-UserComputing Policy
EnterpriseApplication
Store
3
• How does the enterprise or HP monitor mitigate the risk of the employee losing the device?
• Who pays for the device and the access—will the employee buy it or will the company provide a stipend and how often?
• How will the company support the device when the device fails or when the user has a device that the company does not have skills to support?
• What are the impacts to the operational expenses of organizations as they move to this new end-user computing model—one that provides more choice and contains a mix of company-owned and employee-owned devices?
Step 2—Define the collaboration infrastructure for the organizationThe second step of HP’s approach to enabling Enterprise Mobility involves establishing a solid infrastructure that supports enterprise-class mobile applications. This includes the:• Deployment model for mobile applications• Network and security architecture• Collaboration infrastructure for the enterprise.
Deployment model for mobile applicationsDecisions around the security and privacy policies will end up driving the deployment model for mobile applications within the enterprise.
Basically, there are three types of deployment models for native mobile apps:1. Applications are deployed to the native environment
of the device. It has access to all the resources on the device and is constrained by the capabilities of the device.
2. Applications are deployed into an encrypted container on the device. It has access to selected capabilities and resources from within the container on the device.
3. Applications are deployed to the device using a thin client. It has no access to the computing resources on the device. These applications leverage the capabilities on the server they run on and render the UI to the mobile device.
Selecting the deployment model for mobile applications is one of the most critical decisions of enabling enterprise mobility.
Additionally, HP’s mobile development framework supports all common ways to create applications targeting the mobile devices. These include:• Web sites optimized for the mobile form factors• Use of cross platform development tools to efficiently
target multiple platforms• Pure native development for cases where there is a
single target platform• Rich Internet Applications for apps that require rich
media support• Use of a mobile enterprise application platform
where multiple back-end data sources must be accessed in addition to multiple client support
• Mobile business intelligence and content portal clients
In short, HP’s development frameworks and capabilities support creation of a wide variety of mobile content in an efficient way.
Network and security architectureThe network architecture, including firewall rules and network security, in most organizations was defined to support web-based applications. Building web-based applications allowed organizations to establish zones of defense—in other words, these architectures define on perimeter-based defense structures that were “hard on the outside and crunchy in the middle.” This network architecture is no longer adequate to deal with employee-owned mobile devices that can potentially access an organization’s core network behind the corporate firewall. Changes to the network architecture should be driven by the following questions:• How would a user access company-owned
applications and data from home or from a public access point to the Internet using a personally or company-owned mobile device?
• How would a user access company-owned applications and data from within the walls of the enterprise (intranet) with a personally owned mobile device?
• How does the enterprise manage and control access to internal and external application stores?
4
Collaboration infrastructure for the enterpriseThis model is the third critical component in defining the collaboration infrastructure of the enterprise. It focuses on workplace capabilities such as email, instant messaging, micro-blogging, and social networking and is heavily influenced by the enterprise security requirements. It also presents some unique challenges around document retention, as enterprises need to maintain their ability to track use of corporate assets while respecting the privacy of the individuals.
Step 3—Establish the architecture to support enterprise-class mobile applicationsHP will use the organizational decisions around the three foundational policies established in Step 2 to help the enterprise develop and implement the other four key components of enabling Enterprise Mobility:• Mobile Application Architecture• Visualization and Information Architecture• Integration Architecture • Testing and Quality Assurance for Mobile
Applications
Mobile Application ArchitectureOne of the major shifts driven by mobile applications has been the demise of monolithic solutions built around a particular business process that are loaded with features and functions for a wide range of users. An example is a full functioned banking website aimed at the online user. These monolithic sites are being replaced by multiple smaller applications (“apps”) that are designed around the end user. These new apps are built from a customer-in perspective as opposed to the company-out model that drove application design in the past.
Visualization and Information ArchitectureThe rich user interfaces supported by today’s mobile devices are causing a seismic shift in the area of human-computer interaction. This next-generation user interaction model moves from the keyboard and mouse interface that has been a standard for the past two decades to one that processes inputs from multiple devices such as multi-touch screens, accelerometers, microphones, cameras, GPS chips, and gyroscopes. This model represents a major evolution of the event-driven application model that was the foundation of
client/server and web-based applications. It’s a shift from applications that were designed to sense and respond to individual events to one that has to handle more complex events that enable enhanced reality experiences. For example, a user who is new to a certain part of the city can point her smart phone to the street on which she is standing. The banking app on her phone will map the nearest locations of ATM machines and bank branches and visually highlight them on the screen image of the street.
Apps in the mobile environment also need to adapt new models for visualizing data. This takes advantage of the unique hardware and display capabilities of these new mobile devices to provide context-aware experiences. Features range from the “pinch” to zoom-in and out of an image to visual representation of complex data used in business intelligence and analytics applications to enhanced reality applications highlighted earlier.
Integration ArchitectureIt is also important to remember that enabling enterprise applications is about more than the application architecture. It requires the rethinking of the integration architecture used by the organization. Some of the key elements of the new integration model are:• A move from traditional EAI (Enterprise Application
Integration) approaches that relied on complex transactions to one that relies on micro transactions built on lightweight services such as Representational State Transfer (REST). This supports smaller apps running on more powerful mobile devices with new interaction models described earlier.
• A design that can handle thousands of low latency micro-transactions as opposed to hundreds of long-running state-full transactions.
• The ability to interface with and process inputs from pervasive technologies such as RFID chips, numerical controls, specialized and multi-purpose sensors, and point of sale devices.
• The ability to support Complex Event Processing (CEP) and real-time business event co-relation from information sources within and outside the enterprise using a lightweight state-less interaction model.
• A scalable infrastructure that can provide high service levels on a 24x7 basis across the globe.
Testing and Quality Assurance for Mobile ApplicationsBusinesses that are focused on enabling mobility within the enterprise need to have an application deployment model that focuses on deploying apps to personal and company-owned devices through an Enterprise App Store. This Enterprise App Store has to: • Be able to support applications that are developed
for and deployed to a fragmented mobile marketplace that includes at least five major operating systems–iOS, Android, Windows Mobile, BlackBerry, and WebOS.
• Test applications for compatibility across multiple operating systems and devices.
• Deploy applications developed by the internal IT organization, employees, or software providers such as SAP and Microsoft to all registered devices.
• Support “over the air” updates for apps to these devices.
• Handle remote-wipes and de-registration of devices when they are lost or compromised.
ConclusionToday’s “Everybody On” world is enabled by near-universal connectivity options and an ever-increasing choice of mobile devices that allow organizations to deliver their services (any content) at any time through any network. This ubiquitous connectivity is radically changing how organizations interact with their producers, partners, employees, and customers. As the only global provider of end-to-end services across the mobile ecosystem, HP provides a unique enterprise perspective, global reach, and flexible and scalable engagement models that allow today’s businesses to take full advantage of the benefits of a mobile enterprise. HP’s comprehensive approach to enabling Enterprise Mobility leverages our extensive experience in developing mobile applications, global development centers, intellectual capital (frameworks and code assets), industry-leading mobile frameworks, and tools to provide a true enterprise-class mobile solution for our clients in all industries across the globe.
5
© Copyright 2011 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. HP shall not be liable for technical or editorial errors or omissions contained herein.
4AA3-5495ENW, Created June 2011; Updated September 2011, Rev. 1
Share with colleagues
About the authorSrinivas (Srini) KoushikSrinivas (Srini) Koushik is vice president and worldwide application development executive for Hewlett-Packard. In this role, he ensures that HP is working with clients to provide the best possible balance of cost, speed, quality, and risk for large scale transformational programs, systems integration projects, and innovative technology initiatives.
Previously, Koushik was senior vice president and chief information officer at Nationwide Insurance, a Fortune 100 financial services company. During his tenure at Nationwide, he drove the design and implementation of a cutting-edge Business Analytics environment, a first-of-a-kind banking environment based on cloud computing, a large scale transformation of the company’s infrastructure, and one of world’s first CMMi Level 3 Application Development Centers.
Koushik was also previously vice president and worldwide architecture practice leader at IBM. He was appointed as an IBM distinguished engineer in 1998 and elected to the IBM Academy of Technology in 1999.
Koushik has had a highly decorated career that includes being named an Elite 8 CIO by Insurance & technology, a Top 25 CTOs by Infoworld in 2004, and one of the Top 10 All Stars in the Financial Services Industry by techdecisions in 2007. He is also an Open Group Distinguished Certified Architecture Profession Leader.
Koushik holds a bachelor’s degree in physics from the University of Madras, a master’s degree in computer science from the University of Bombay, a master’s degree in business administration from The Ohio State University, and has taken several executive education courses from both MIT’s Sloan School of Management and Duke University.