Thursday, May 24, 2012

IBM bans Siri - loose lips a security risks


A new wrinkle was introduced in the BYOD argument today as IBM announced they are banning use of SIRI in its networks viewing SIRI as a potential security risk.
Where's the rub?

Siri captures your voice input and sends the data to Apple's servers in North Carolina where it processes the voice inputs to send the query results back to the device. It is unclear who has access to this information and for how long.  IBM is concerned that anyone with access to these servers could glean information from these transmissions.

While IBM is prohibiting the use of Siri within their networks what happens when an IBM employee is off campus? They still have access to Siri.

I've noticed  a greater concern about BYOD the past couple of months. This puts a new wrinkle in the BYOD argument.  While on the surface BYOD seems a great idea with the promise of greater employee productivity, IT costs being shifted to employees and worker satisfaction. There are significant risks that are bubbling to the surface that companies are have ing to address with stronger BYOD policies.

IBM's banning Siri highlights the criticality of protecting company data. It is imperative that companies establish BYOD policies that address company needs and provide clear acceptable policies for a personal device. IBM is finding this balance is a  little difficult to manage  and in the end zipping the lips of Siri. 

I'm curious to see what other BYOD policy changes are coming down the pike.


Jody Sedrick
Follow me on Twitter: @jodysedrick and @zenewareinc

Thursday, May 3, 2012

Enterprise Mobility - "While we are benefiting, it's a mobility mess!"


This morning I visited with a significantly larger enterprise client that has divisions that provide services in  mining, oil and gas exploration, environmental impact studies, building engineering, water conservation and more. In our conversation he commented, "My biggest challenge is that we have come to realize we all have all these disparate mobile solutions that service individual business silos, but can not interact with each other. Each division is running their own mobile strategy. Some have mobile apps, some are still on spread sheets, others have no mobile solution but considering and I just learned we currently have two MEAP solutions running. And we haven't even discussed the mobile device issues. While we are all benefiting individually, it's a mobility mess."

In my experience companies who have rolled out mobile solutions have deployed them in an opportunistic fashion. Typically a field manager has caught the mobile vision early. Through his ingenuity, tenacity and budget maneuvering has implemented a mobile solution specific to his group. The positive impact of his mobile solution inevitably catches the eye and envy of other departments who eagerly clamor to adopt mobile solutions.

While this approach provides a strong, quantifiable internal use case for mobile solutions it often leads to a reevaluation of the first mobile solution. Especially, if the first mobile implementation only addressed a specific business need, was limited in scope, didn't plan for the broader needs of the company and was not scalable.

Developing a strategic plan is critical for the on-going adoption of enterprise mobile solution. The key is understanding "why you are going mobile". Evaluate what you trying to accomplish from an enterprise level all the way down to the individual level. Then develop a strategy that addresses this across the enterprise. Companies need to focus on the following key areas
  1. Identify key business processes that will benefit from mobilization.
  2. Determine how individual mobile projects integrate with a central mobile management, backend databases and security infrastructure?
  3. Establish security policies for data accessibility, network accessibility, application distribution, device management, BYOD policies, etc.
  4. Identify supported mobile devices; SmartPhone, TabletsPCs, Rugged devices
  5. What supporting hardware is needed? Mobile Printing, GPS, RFID, etc.
  6. Determine if mobile apps will be available on different mobile form factors; SmartPhone, TabletPCs, Rugged devices, etc.
  7. Identify mobile user roles. User will roles determine data accessibility, security rules, appropriate device options.
  8. Determine if mobile roles are transactional, informational or collaborative
  9. Identify if mobile business processes and user roles are B2B, Internally driven or B2c
  10. How many mobile users are targeted?
  11. How will deployment and support of mobile users scale over-time?
  12. What mobile architecture do you need to have in place?
  13. How will mobile apps be developed, deployed and managed? Who will oversee this?
  14. What types of apps will be supported? Custom-built, off-the shelf, modified mobile app templates, HTML5 mobile apps
  15. Determine how success will be measured
Yes enterprise mobility brings new challenges and opportunities. Investing the time to conduct a full enterprise mobility assessment and developing the appropriate strategic mobility plan is critical for long-term sustainability and scalability of mobile solutions in the enterprise.

Like my client said, "We've been dabbling in mobility long enough. It's time to get serious and unify our mobile strategy and get out of this mobility mess."


Jody Sedrick
Follow me on Twitter: @jodysedrick and @zenewareinc