The future of enterprise mobility and device management – Thoughts from a mobile developer
BYOD still poses a number of questions: How can organisations minimise the associated risks? What are the latest technological developments that can enable optimum results? How robust is your device management/BYOD policy?
Below I aim to answer these questions, or at least provide some guidance.
Security – Bring Your Own Device is more like Bring Your Own Disaster
BYOD is fraught with problems including:
- The nightmare of supporting a multitude of devices (though we at Microsec can test against scores of devices using Xamarin Test Cloud, where do we stop?)
- The legal minefield of remote wipe. Country jurisdictions have very different interpretations on whose data it is, and what if you wipe personal data by mistake?
You must have a robust, thought-through policy on security.
As a mobile developer, have a policy on security. If you’re supplying to an enterprise, have partnerships established, or a strategy identified that covers Mobile Device Management. This should include the need or availability of personal/corporate data segregation.
It’s essential to have this policy available as part of your sales or technical literature so that when the customer asks about it, you’ve got an answer. If they don’t ask about it, then it’s a great 'here’s something you may not have thought of' sales point.
Encrypt application data
The data store your mobile application uses should be encrypted. If you do this, then even if you don’t have remote wipe, data segregation, or other mechanisms in place, your customer’s data is secure (or at least you can demonstrate that you’ve taken reasonable steps to secure it).
The crux of the matter is that you have little control of what happens to the device. Will it get lost, broken, sold or stolen?
Mobile development strategies - Set up mobile layer, take small steps
Establish a neutral mobile API layer which insulates the mobile application from legacy/line of business systems.
Implement small, discreet, controllable business process on the mobile platform. Don’t go for a ‘big app to do everything’ approach. Small is controllable and gets better buy-in from customer stakeholders.
Don’t do it just because you or the device can
Just because a device can do something, don’t assume it will do it well enough. We’ve found this with mobile scanning – the device camera just doesn’t cut the mustard, so use a Bluetooth scanner which provides all-day enterprise scanning.
Next, think of practicalities - really simple ones. Can engineers really type productively on an iPhone? Where will an engineer put an iPad or large tablet?
Is mobile really the solution?
I recently took a call from a potential customer saying – effectively – 'I need a mobile app, but I’m not sure what it needs to do.' Mobile may be the latest thing, but it needs to have value.
Ultimately, the key message is encrypt your data – even that data which the customer says 'Oh, it’s not important, we’re not worried about it'. They’ll say this until it turns out that data was important, and no-one knows where the device has got to.
Microsec can help
There's no question that mobile apps are becoming increasingly important and valuable, so if you know your business could benefit from one, then get in touch with us. At Microsec, we have more than three decades of experience when it comes to bespoke software development and we've worked across a huge range of sectors, so give us a call on 023 9251 8250 today.