Mobile devices and the consumer effect
After a number of years of preliminary investment, activity and experience with mobile technology, many companies are finding themselves moving into a new phase of activity in this area. Part of this is characterised by the desire to get more users ‘mobile’ – driven by some quite dramatic changes to working practices over the past few years. This is coupled with a desire to make the mobile experience a much more functional and effective one, through extended use of applications which are already used in a static working environment. A good example of this is the extent to which people access email through their mobile device in a work context.
An important element of this shift is that businesses find themselves faced with the need to integrate mobile technologies more fully into IT strategy from a policy, security, execution, development, management and skill-set perspective. While all this is indeed important, it is nothing that companies are not already dealing with.
A somewhat newer challenge they face, however, is the need to more explicitly acknowledge the expectations of users in terms of form, function and desirability of technology they have been exposed to in their non working lives as consumers. While mobile devices are a constantly evolving story, the advent of the iPhone had a phenomenal impact on individuals’ attitude towards and use of ‘smart’ mobile devices. Although this effect took off from the consumer space, individuals increasingly want to bring their enhanced mobile experience into the workplace. People’s experiences and preferences are inevitably different. While some are happy with a BlackBerry for work purposes, others want the functionality of the iPhone in the office, and yet others are devoted to their Palm Pre... and so it goes on. Moreover, this isn’t a static picture, with devices and the way that people use them, constantly changing. Take, for example, the dramatic increase in web browsing with mobile.
So, just how far should companies go in embracing employee preferences? It is understandable that in a large corporate environment, IT managers will be wary of a fully ‘consumerised’ approach to equipment, i.e. letting users adopt whatever they want with no constraints, on the basis of cost, risk and support overhead. But if companies swing to the other end of the scale and completely restrict choice around mobile devices, this brings its own issues. For example, there is an increasing likelihood that some employees will bring in their own device in any case, and try to use it for work applications. Yet others will simply not use the company device, which may have negative impact on the value of the mobile solution to the business.
Companies that want to make the best use of mobile in the workplace should aim for the happier medium, and consider offering a range of devices that meet corporate standards in terms of security, supportability manageability and cost, but that are also ‘desirable’ and meet user expectations on functionality. A possible hidden benefit to the business in all this is that more suitable devices may come to light, by virtue of the fact that the net was cast a little wider than may have been the case historically.
Another important factor to bear in mind is the extent to which the chosen device or solution supplier is committed to dealing with both corporate requirements and user expectations in the same equipment.
Granted, the question of consumerisation of corporate equipment is not an easy one to deal with and it is one that companies are unlikely to be able to avoid for much longer if they have not yet taken the first step in at least acknowledging it. A proactive, rather than reactive or dismissive approach is much more likely to bring the workforce on side, and may indeed uncover business benefits which were not obvious before a broader view of the options available was taken.
Wednesday, January 27, 2010
Thursday, January 14, 2010
Embedded Developments
Is anyone still developing software anymore, particularly in smaller-scale, “embedded” systems running on platform-specific operating systems? Despite the best efforts of packaged software vendors, software development never went away – indeed, the annual barometer studies that Freeform Dynamics undertakes with readers of The Register repeatedly shows that “custom application development” is always one of the top areas for investment. And in a recent mini-poll, when we asked you about embedded systems in particular, we found considerable interest in this area. But what’s guiding the decision about the embedded OS to use?
A quick glance at the figure below highlights that embedded systems development is being undertaken in a wide cross section of industries. The figure also illustrates that many developers of such applications operate in multiple industries. Such a result is not terribly surprising given the increasing importance of solutions using embedded software and the relatively small numbers of skilled and experienced programmers comfortable in this space, at least when compared to traditional enterprise applications.
As the chart shows, embedded systems are popping up across all industrial sectors, everywhere from high consumer-touch areas such as automotive systems, mobile devices through to the heart of the business supply chain and manufacturing and along to specialised high value verticals such as aerospace, defence and medical systems.
With developers of embedded applications being in some demand, it begs the question of what do they look for in the operating systems that might be deployed to support these systems? Naturally enough the availability of target-specific development tools and testing tools / emulators top the list. Close behind comes a desire to be able to use standard development tools for the majority of the code work, again perhaps not too surprising given that many of the developers are likely to be working on a broad range of solutions.
The most interesting aspect of the second figure is that “standards conformance and / or interoperability” figure at the bottom of the list when developers are evaluating embedded operating systems options. The “ease of porting code to new target platforms” performs only slightly better as a desired attribute. These last two results are surprising as in other areas of applications development these are highly desirable attributes.
It might well be the case that decisions concerning the choice of operating system on which to build embedded applications are more tightly associated with the underlying device that will house the application than in other areas of software development. Equally it might be that the relative youth of embedded systems development may also be having a major influence in these results. Do you have any opinions here? Please let us have your feedback in the comments section below.
However with this an area that is highly likely to grow in importance there are challenges ahead for all suppliers working in these areas.
A quick glance at the figure below highlights that embedded systems development is being undertaken in a wide cross section of industries. The figure also illustrates that many developers of such applications operate in multiple industries. Such a result is not terribly surprising given the increasing importance of solutions using embedded software and the relatively small numbers of skilled and experienced programmers comfortable in this space, at least when compared to traditional enterprise applications.
As the chart shows, embedded systems are popping up across all industrial sectors, everywhere from high consumer-touch areas such as automotive systems, mobile devices through to the heart of the business supply chain and manufacturing and along to specialised high value verticals such as aerospace, defence and medical systems.
With developers of embedded applications being in some demand, it begs the question of what do they look for in the operating systems that might be deployed to support these systems? Naturally enough the availability of target-specific development tools and testing tools / emulators top the list. Close behind comes a desire to be able to use standard development tools for the majority of the code work, again perhaps not too surprising given that many of the developers are likely to be working on a broad range of solutions.
The most interesting aspect of the second figure is that “standards conformance and / or interoperability” figure at the bottom of the list when developers are evaluating embedded operating systems options. The “ease of porting code to new target platforms” performs only slightly better as a desired attribute. These last two results are surprising as in other areas of applications development these are highly desirable attributes.
It might well be the case that decisions concerning the choice of operating system on which to build embedded applications are more tightly associated with the underlying device that will house the application than in other areas of software development. Equally it might be that the relative youth of embedded systems development may also be having a major influence in these results. Do you have any opinions here? Please let us have your feedback in the comments section below.
However with this an area that is highly likely to grow in importance there are challenges ahead for all suppliers working in these areas.
Wednesday, January 06, 2010
Data protection and identity management – are you sure you’re safe?
Data protection is an essential area for businesses, and an increasingly critical one to deal with, as volumes and complexity of data grow, along with the volume and complexity of interactions both within the business and with the outside world.
Complex it may be, but it is one that businesses can ill afford to bypass, as without it, they are vulnerable to both pre-meditated and opportunistic attacks, as well as exposures through negligence or even failure of systems. Companies are also exposed to threats from different sources both from within and outside of the business. Internal attacks are typically driven by company staff, be they more general end users, senior management or IT/admin staff, while external attacks might be as a result of someone hacking into the company system or users accessing compromised web sites and infecting their machines. Additionally, partners that have a business relationship with the company may also be a potential vulnerability unless well managed.
While it is very difficult to completely eliminate all security exposures that arise, be they external or internal, businesses need to ensure that all bases are covered, and that IT processes are closely linked to business ones. For example, a common vulnerability to which companies are often exposed relates to insufficient measures being in place dealing with visibility and accountability around systems that relate to partners. Companies must ensure that they continually monitor interactions with partners, and that any access by partners to internal systems is tightly controlled. Additionally, they should take steps to verify that the security practices of partners are adequate, and should revisit this on a regular basis.
A business may believe it is sufficiently protected because it has a set of security policies and procedures in place however this is not always sufficient. If these are not linked to specific people or groups, with accountability attached, then a company risks leaving itself exposed. Such policies and procedures need to address all essential areas, both inward and outward facing – rather than trying to focus on best-in-class for specific areas. Importantly, all policies need to be followed by staff, and must be executed in a timely manner.
More significantly, all users need to be properly educated with regards to the importance of protecting company data and, crucially, to the part they play in this. A key element of data protection – inextricably linked to end users – are access and identity management processes. These deal with the identification of users in a system and controlling their access to resources by linking identity to a set of rights and restrictions.
As companies often have a variety of systems that are not necessarily fully integrated, the issue of identity management can quickly escalate, with users having multiple points of entry across the various systems. Managing multiple identities is a challenge to system administrators and to users alike. If there are too many identities and passwords to be managed, users may seek to use a common password across multiple systems thereby exposing the most valuable systems to the level of security of the weakest. This is also likely to be a major procedural challenge when a user leaves a company, possibly leaving some accounts operational rather than being closed down promptly.
Companies may often consider that their approach to data security and identity management is sufficient. While it may be true for certain processes or systems, it is not an area that should be glossed over. Businesses are continually changing, internally, and in the way they link to the outside world. Sensible companies are well advised to ensure that security policies and procedures adapt accordingly and well polished and understood identity management policies, effectively implemented, hold the potential to help reduce both business risk and operational costs.
Subscribe to:
Posts (Atom)