Employees are getting more mobile. I don’t need to tell you this – you experience it every day. But, the reality is that the world of the employee coming into the office everyday is over; the world of the employee using the locked down, managed desktop is over; the world of the crackberry is over. I mention these things because I constantly hear of organizations that are still managing corporate computing and mobility as if we live in the world of yester-year.
Recently, I have spoken to many enterprises about their challenges with the new requirements around employees’ need to work from anywhere; the expectation employees have to use their own, “cooler” devices; and the reality that iPhones are the most prominent phones in history. If I were to summarize the conversations, enterprises want to support these new demands, but struggle with how to:
- Securely enable BYO of all types devices
- Secure corporate data on these BYO devices
- Mobilize all corporate apps, including intranet, web and Windows apps
- Provide single sign-on to SaaS and web apps
- Securely deliver all of their new native mobile and HTML5 apps to users.
After discussing these challenges, the real question of how to design a solution for these new set of requirements comes up. While not all of our customers have these exact five same objectives for computing and mobility, they do all have elements of the above. Thankfully, there are common elements of a well-designed approach to mobility that any company can adopt as the objective of any mobility strategy should be to securely manage corporate data on any device, simplify the management of decentralized applications and improve control over app and data delivery.
Below are five steps to designing a mobility strategy that optimizes for the five most common objectives we hear around enterprises going mobile.
- Step 1: Secure access to Windows and web apps through controllers: A controller approach can provide necessary management across a broad array of application types. Delivering Windows desktop applications from the datacenter through virtualization is a cornerstone controller strategy for any enterprise. Since most Windows apps were designed for a keyboard and mouse, the key is to use a solution that can optimize the user experience for mobile devices. However, there are also SaaS and web apps that are already optimized for mobile, but need to be controlled and delivered to users securely. A controller provides access to these hosted apps and use VPN and single sign-on technologies.
- Step 2: Secure local content on mobile devices through containers: A better approach to device management is through device containers, which move access and security away from the device, putting fine-grain information control back in the hands of IT.
- For native mobile apps, there are two keys to securing and delivering mobile applications: ‘wrapping’ the application for native execution and providing flexibility for cross-platform development, such as HTML5 apps.
- For corporate data on mobile devices, this involves encrypting the data files on mobile devices, providing ‘follow-me’ access across devices, and supporting the ability to wipe the data if needed.
- Step 3: Provision apps based on identity: With the proliferation of apps in the enterprise, a key issue is mapping apps to job function. Core to this principle is role-based identity management. Solutions here include support for multiple authentication types, active directory federation, role mapping to appropriate applications and data stores, single sign-on, and “active” identity management to automatically provision and de-provision access to resources.
- Step 4: Control access based on policy: Policies must provide ‘contextually aware’ mobile information access. Key checks and policies need to include location, device type, network, authentication requirements and things such as jailbroken device detection. These policies should then be applied down to the specific application or file to allow or restrict access.
- Step 5: Empower users with a self-service app store: Once control steps above have been made, you’re ready for any app, device, or data. What’s left is balancing IT control with an end-user experience built around convenience through an enterprise app store. Key components of any enterprise app store should include unified store for all apps and data, app availability based on role, app request workflows, self-service subscriptions, native app delivery for mobile devices in use, and ‘follow-me’ access to information across devices.
Following these steps will enable employees to seamlessly use the devices of their choice and work from the locations that bet fit their workstyle while at the same time allowing IT to retain control over what matters to them – all the corporate apps and data in use by employees.
Citrix CloudGateway is a great way to get started on your mobility initiatives – pair it with ShareFile and XenDesktop and you have a solution that enable user choice and IT control over all apps and data. Try it out, tell us what you think!