There's a big fat mess on the doorstep of any IT shop that needs to support users on mobile devices these days. You know what I'm talking about if you've struggled to figure out which mobile platform is the best choice for your business in terms of security and manageability. You know what I'm talking about if you've had executives dictate which type of mobile dervices their workforces should use, regardless of cost or current IT policies for device procurement. You know what I'm talking about if you've had users ask to have their personal smartphones connected to the corporate Microsoft Exchange server.
So as an IT pro, you're looking at that flaming bag on the doorstep and you know it's your job to stomp on it to put out the fire—even though that's likely just to create a bigger mess. As Brian C. Reed of BoxTone said with regard to the mobility support space, "Pandora's box is open." And that's a fairly apt metaphor. Let's take a look at the trends in enterprise smartphones, see how we got where we are, and figure out where we're headed.
What Is a Smartphone—and Why?
To start, it might be useful to think about what exactly the term smartphone really means. “In the past, it was essentially a phone that had PDA functionality and maybe some form of Internet connection or web browsing and email,” said Paul Thurrott, senior technical analyst for Windows IT Pro. “I think a modern smartphone—and this would apply to the ones that are being used in enterprises—is really that stuff but also the apps platform—a formalized application platform.” In other words, it’s not enough anymore to get your email and even browse the web—along with, oh yeah, that’s right, actually make phone calls—on your smartphone: Users want or need to run applications on the device as well.
Whether or not you accept that as a useful definition, there’s no denying the impact Apple’s iPhone has had on the development of the smartphone market. From Apple’s initial announcement of the iPhone back in 2007, it’s been a must-have device among consumers, and although no one necessarily expected it to move into the enterprise, it has done just that. Various reports place iPhone market share at 25 percent or higher. As Thurrott said, “The iPhone is a force of nature. Apple, thus, is responsible for how we define what a smartphone is these days. You have to have that stuff that the iPhone has essentially because that’s what a smartphone is.” Thurrott went on to say that “the iPhone has been so popular that these consumer-oriented devices suddenly are being allowed into the business.”
And it's not just the iPhone; certainly phones using Google's Android OS have benefited from the trend the iPhone started, and even Windows Mobile and RIM BlackBerry devices have released more consumer-oriented devices—smartphones with full touch screens tied to some form of app store. "Enterprises used to be very restrictive about which phones their users could get and what features they had to have," Thurrott said. "And as these things have gained in acceptance, that \\[restrictiveness\\] has gone away."
It's not just that consumer-oriented smartphones are being allowed into the enterprise: Users are choosing the phones that IT departments need to support. "Users feel they have the right to demand which devices they use," said Reed, who is the chief marketing officer for BoxTone, makers of mobile service management software. "Users feel like they're in charge, especially the executives, so IT is being forced to react. . . . I've never seen a wave like this before in my 20 years of tech, where the users were in so much control."
Where We Are: A Snapshot
It might seem strange to start off looking at where we are by talking about predictions for the future, but I do have a point. So, back in February, BoxTone released forecasts for the mobility space by 2015. You can see the full list of BoxTone's predictions on the company's website. First among these predictions is an expected rise in employees with mobile devices connected to the enterprise from 10 to 15 percent today up to 60 to 80 percent by 2015. However, in speaking with its customers about their current mobility plans, that progression might be moving much faster than BoxTone expected. "There's a tremendous growth in terms of adoption rate of mobile connected employees," Reed said. "We have customers who floated at 10, 20 percent, 30 percent of their employees connected to the enterprise from a mobile device who are expecting to double that this year."
As a secondary point to its prediction about the rise in the number of connected mobile devices, BoxTone goes on to say that employee-owned devices will be a big part of this number. This is where end users are asking—or demanding—that they be allowed to connect their personal iPhone, or Droid, or whatever smartphone they've fallen in love with, to the corporate email server. "The only way an organization is going to rapidly mobilize in that period of time at a low cost is going to be by allowing employee-owned devices to connect to the enterprise," Reed said.
This point was echoed by Mark Gentile, president and CEO of Odyssey Software, makers of the mobile management solution Athena. "For mobile messaging, for corporate email access, we've definitely seen the trend to let employees buy their phone, maybe subsidize part of their plan, and let them hook it up to Exchange or their email servers," Gentile said. So businesses are getting cost-savings by not supplying the mobile device or the connection plan—unless they choose to offer some sort of subsidy—but the down side is the additional complexity in management to the IT department.
Letting customers bring their own devices opens the door to supporting multiple mobile OSs within the organization. In the past, most companies probably chose a single mobile platform for all employees; BlackBerry or Windows Mobile have traditionally been the most enterprise-friendly, offering the security and provisioning features that businesses typically want. The iPhone and Android phones have yet to offer the full set of security features for best business integration. As Reed said, "Employee liability is a huge, intense debate for IT because, most specifically, this is the first time in history IT has had to deal with putting data and corporate information on an asset they do not own or control."
There still seems to be an open question here about why smartphones have broken the rules of IT equipment supply. IT has always been able to control what PC or laptop you can use to connect to the corporate network. Why are smartphones different? I'm not sure there's a good answer. As Thurrott said, "For whatever reason, phones are seen as such a convenience and a necessity that \\[companies are\\] allowing that to happen." Chalk it up to the consumerization of IT.
So you've got rapid expansion in the number of mobile devices your business is supporting coupled with the need to support multiple mobile OSs. One of the factors that perhaps makes this situation bearable is the fact that Exchange ActiveSync (EAS) has become such a standard communication protocol. Recall that the first version of the iPhone released didn't offer EAS support, so getting connected to corporate email was difficult at best on that device. Only with the introduction of EAS to the iPhone 3G was corporate infiltration truly possible.
As Gentile pointed out, "Most of the handset makers are jumping on the Exchange ActiveSync protocol bandwagon." Microsoft developed the proprietary EAS so that Exchange Server could provide push synchronization of email, calendars, and other Outlook data to mobile devices. But eventually, the Exchange team realized they had a great resource in the protocol itself and began licensing it to third parties. As Exchange expert and Windows IT Pro senior contributing editor Paul Robichaux said, "It was a very wise move on their part because it's been very good for Exchange as a mobile communication platform. It hasn't been as good for Windows Mobile." The result of letting other phone OSs use EAS has been increased competition for Microsoft's own smartphone platform.
EAS lets mobile phones receive push email securely, and it's generally simple to set up the device to receive mail. EAS can also be used to enforce security policies and provide features such as remote device wipe. However, whether such features of the protocol are enabled is up to the individual handset maker that licenses it—and, as we've seen to this point, many of the features most wanted for enterprise security aren't being implemented yet or are being implemented slowly on the smartphones with the greatest user cachet.
The Players: Strengths & Weaknesses
The number of available mobile OSs is large. However, in the grand scheme, not all of them are going to be significant to businesses. Based on the discussions I've had with a variety of experts and from the reports and research I've read, four mobile platforms are worth watching: Android, BlackBerry, iPhone, and Windows Mobile. There might be others worth talking about. For instance, as Gentile said, "I wouldn't discount Nokia because they do have a pretty significant market share in Europe and even worldwide." Which is true; however, their presence in North America these days is almost nil. And it will be interesting to see what happens with Palm's WebOS after the HP purchase goes through, but there's nothing but speculation down that road today. So let's take a look at where each of the four current players excels, and the gaps they have that leave room for improvement.
Android strengths. According to Thurrott, Android "has simply duplicated Apple's strategy but they've done it with a product that is free—free for device makers to utilize on their own products." So they've got an OS with a really good user experience, and it's tied to an extensive app store, the Android Market. And because it's open source, Android attracts a lot of development, so you can find apps—both free and for a fee—that do just about everything. Another strength with Android is device choice; you can find Android-based smartphones from all the major handset makers and on a variety of carriers. "I fully expect Android to be one of the four major platforms going forward. And it's growing the fastest by far," Thurrott said.
Android weaknesses. Security, clearly, is a major concern with Android devices being used in the enterprise at this point. Android 2.2, which has just been made available, supports remote device wipe and other enterprise security features—an important step—but it remains for the individual device makers and carriers to get together on when the update is available for any given smartphone model. The open source nature of Android can also fall into the minus column because although there's a lot of third-party development, little is done to maintain overall quality of the apps available.
BlackBerry strengths. BlackBerry has long been the enterprise standard for smartphones and still by most accounts is the market leader for business use. As Robichaux put it, RIM's "focus has always been on the mobile device as an email platform. For a very long while, they had mobile email capabilities none of the other platforms could match. Now that the other platforms are starting to catch up, RIM is continuing to deliver device-management functionality that makes it really attractive to companies that want to have good control over what people can do with the devices, how they can be used." Security is a true strength of BlackBerry, achieved largely through BlackBerry Enterprise Server (BES), which lets IT departments tightly control device security and maintain company policies for mobile device use—such as blocking applications from being added. "Enterprises don't want users connecting to app stores and downloading applications," Gentile said. "That creates chaos for the Help desk. Enterprises like controlled distribution of software."
BlackBerry weaknesses. Although BES adds to security and performance, it also adds an extra level of management complexity. Robichaux described BES as a puppy: When you first get it, you have to work to train and housebreak it, but even past that initial phase it still requires care and feeding. "There are a lot of ongoing things you have to do to maintain it that you don't necessarily have to do if you're using just Exchange ActiveSync," he said. Additionally, the BlackBerry has always been aimed at the business market and therefore doesn't necessarily generate the user excitement of other platforms. RIM has launched an app store for BlackBerry, but as Thurrott said, "Their stuff has been a response to what's happened in the marketplace." Translation: They lag far behind in this area.
iPhone strengths. "The strength of the iPhone, of course, is the app platform," Thurrott said. That's right—you've all seen the commercials: "There's an app for that." Apple gets dinged sometimes for preventing certain apps from being sold in the Apple iTunes Store, but at least you know the apps are being vetted to maintain certain minimum standards. The iPhone also by all accounts presents a phenomenal user experience.
iPhone weaknesses. Like Android OS, the iPhone initially had a poor security story, although it's been steadily improving. However, it still has a major drawback in provisioning that other smartphones don't—namely, the need to connect to a computer with iTunes to get started out of the box. As Robichaux said, "That raises a problem. If I want to provision iPhones on my network, I have to do one of two things. I either have to let my end users take the phone home and provision it at home—not a great idea. Or I have to install iTunes on my corporate PCs—also not a great idea because as soon as I do that there are all kinds of attack-surface issues, patch-management issues, other desktop support issues that come into play that don't exist for these other devices." Other smartphones can typically be provisioned over the air without the need to dock to a PC. Another huge limitation with the iPhone is its availability only from a single carrier, AT&T, which in some businesses might not even be an option. But when it comes to the iPhone, Thurrott sums it up best: "It has many limitations with regards to technical issues around multitasking or management issues in the enterprise, and so forth. And it doesn't matter. It just doesn't matter."
Windows Mobile. It feels a little awkward, actually, to talk about Windows Mobile in this company. As Thurrott said it, Windows Mobile is "an orphan." It's a dead-end. Since Microsoft announced its forthcoming Windows Phone 7 platform, would anyone seriously consider deploying Windows Mobile? Microsoft has pledged to continue support for its original mobile platform, but clearly the company is betting its future in the mobile space on Windows Phone 7.
Nonetheless, Windows Mobile is still prevalent in businesses today, and as the original beneficiary of EAS, it's certainly designed with enterprise security in mind. As Thurrott said, "If you're interested in managing a mobile environment, mobile devices from a central server, Windows Mobile is right up there, and they don't get a lot of respect for that. If you're a Microsoft shop, it's a semi-obvious choice." In addition, Robichaux considers Outlook Mobile to be by far the best mobile email client, particularly for heavy email users.
Windows Phone 7
So let's talk about the real future for Microsoft. First announced at the Mobile World Congress in Barcelona last February, Windows Phone 7 is a completely new platform, not a continuation of Windows Mobile. You won't be able to upgrade Windows Mobile phones to Windows Phone 7 (although if Microsoft was really smart, they'd come up with some sort of exchange program to prevent current WinMo organizations from switching to a competing platform), but the new Microsoft platform has been designed with the user experience as a very high priority. As Gentile said, Microsoft "definitely took a look at this and reevaluated from top to bottom. It's an incredible platform. We'll see what the hardware looks like, how well it performs, but so far it looks incredible."
Although Windows Phone 7 is a new platform, it benefits from the experience Microsoft already has in enterprise deployments in mobility. "Microsoft has not done a good job of telling this story yet, but Windows Phone will be enterprise-ready on day one," Thurrott said. "They've been talking up the consumer stuff because that's where all the excitement is in the market. But the truth is they're going to be exactly where Windows Mobile is from an enterprise perspective." So companies should feel comfortable deploying the new platform from a security standpoint. Gentile also mentioned being impressed with the developer story around Windows Phone 7, based on Silverlight, which promises a fertile field for app development and third-party add-ons.
Naturally, it remains to be seen what sort of impact Windows Phone 7 will have, whether it can reestablish Microsoft as a major player in the mobility space. If you scan the blogosphere, you'll find a lot of people sounding the death knell for Microsoft or claiming that no business would bother with Microsoft's new smartphone platform. But from those who have actually tested the platform, all indications seem to be fairly positive. Ultimately, I think that while individuals may passionately dislike (or love) a particular company and its products, enterprises are less prone to being ruled by emotion and will tend to stick with what has worked for them in the past. Furthermore, as long as the trend for user choice of mobile devices continues, the success of Windows Phone 7 seems to rest on Microsoft to generate excitement out there among those users. We shall see.
Where Is It All Going?
As I said at the beginning, it's a big mess out there. It seems clear that no single mobile platform is going to dominate the market in the foreseeable future, and all indications are that businesses are expanding from supporting a single mobile OS to supporting at least two or three. In a poll I posted back in January, just under 28 percent of respondents indicated their companies were supporting only one mobile OS, and 12 percent were already supporting more than four different mobile OSs. Managing smartphones in the enterprise will continue to be a complex issue.
A couple of interesting suggestions came out of the discussions I had with some mobility experts. For instance, Mark Gentile thought that the way to address the security problem with user-owned mobile devices would be to develop what he called "bi-modal profiles." The idea is that you could have a business profile on the phone that could adhere to all the corporate policies for application use and so forth and a separate personal profile, partitioned at the OS level, that you could switch the phone into during off hours so that you could download apps, play games, and all the other things businesses typically don't want you to do—all without jeopardizing the security of corporate data. Seems like a great idea—any developers out there paying attention?
And Brian C. Reed talked about the smartphone as a social media tool. "Organizations are going to start looking at the mobile device as being a customer revenue driver," he said. Traditionally, a smartphone has been seen as a productivity tool. However, with the rise of social media websites such as Facebook and Twitter, and their continued integration into business—witness Outlook 2010's Social Media Connector—and consumers' increased reliance on smartphones, it makes sense that savvy businesses will need to use these devices to connect with their customers. And that leads back to more employees needing support for their phones from IT.
The Foreseeable Future
The four major players all have big updates expected before the end of this year. In the case of the more consumer-oriented platforms, Android and iPhone, their updates are expected to add better security and features to generally make them more attractive to businesses. Windows and BlackBerry already excel in enterprise features; their updates are aimed at appealing more to the consumer market. Yes, the more you look at it, the more of a hodgepodge the picture becomes. So if it's your turn to answer the door when that flaming bag shows up, I hope you're wearing your muck boots—or better yet, take a fire extinguisher.