Sign In | Register | Select a Gartner site

Search
WHY GARTNER ANALYSTS RESEARCH EVENTS CONSULTING ABOUT Tweet

16 April 2012 G00233483 Learn the benefits of becoming

Analyst(s): Paul DeBeasi | Guy Creese | Mark Diodati | a Gartner client.
Michael Disabato | Kirk Knoernschild | Eric Maiwald | Jack
Santos | Eric Siegel | Chris Wolf

Free preview of Gartner R E S E A R C H

MORE
research 08 October 2015

Summary
Article Top View for Gartner for Technical Professionals
mobility micro-site Sign in to view more Gartner research.

Enter Username
Table of Contents
Enter Password
Analysis

Analysis SIGN IN
Forgot username or password?
Recommended Reading
17 July 2015

Figures
Figure 1. Mobile Decisions Require Tradeoffs

Figure 2. Mobile Architecture Requirements

Figure 3. Mobile Endpoint Uncertainty

Figure 4. End-to-End Service Delivery

Figure 5. Mobile Users, Applications and Data

Figure 6. Mobile Device Management Capabilities

Analysis
The media tablet market did not exist in early 2010. But now, millions of workers use these tablets in the W E B I N A R S
MORE
enterprise every day, and the tablet market is just the tip of the mobility iceberg. Just below the surface lies a
04 Apr 2016
torrent of innovations that includes mobile applications, social media, mobile health, cloud computing, mobile
payments, interconnected machines, mobile collaboration and wireless technologies.

Mobile innovations have accelerated the change in the relationship between IT and users. In the past, IT had
the exclusive technical expertise to know which technologies were both feasible and useful, whereas users
did not. IT also had the tools, time and charter to establish the necessary management and monitoring
infrastructure to support those technologies. However, IT increasingly no longer has the tools, time or
exclusivity that it had in the past.

Unfortunately, IT is burdened by an overwhelming array of regulatory, compliance, security, privacy,

expense, organizational, policy and legacy technology constraints that dramatically shapes IT's response to
these changes. Simply put, the innovation rate in mobile devices, social software and cloud computing is
accelerating faster than the enterprise adaptation rate. IT organizations that fail to adapt to this new reality
will lose their relevance in the era of pervasive mobility.

Enterprise Mobility 07 Apr 2016

A recurring theme in many of our conversations with Gartner clients is their struggle with mobile
governance. We define governance as the management of the people , policy and process issues.
Enterprises often organize their people into functional silos (for example, human resources, legal, business
managers, security group, networking group, application group or workstation group) to improve operational
efficiency. Such an organizational structure makes it difficult to solve mobility problems because the
solutions often span many operational domains. A good example of this is the bring your own device
(BYOD) policy challenge. BYOD policies are not simply a matter of asking the security team to assess risk;
they will also require input from users, business units, human resources, legal, support personnel,
application developers and the networking team.

Many enterprises tend to focus on a single overriding mobility issue (for example, security). However, the
desire to focus on a single issue can mask other important issues and result in unintended consequences.
For instance, IT may decide to minimize risk by mandating that all BYOD devices access enterprise
resources using server-hosted virtual desktop (SHVD) technology so that sensitive data is kept off the
device. But the decision to use SHVD technology may worsen user experience (thereby decreasing
productivity) and increase wireless LAN (WLAN) dependency (possibly requiring WLAN capital Why Gartner
improvements) compared with other mobile solutions. Gartner delivers the
The process of creating mobile solutions often requires that enterprises make decisions between various technology-related insight you
conflicting tradeoffs (see Figure 1). The enterprise may believe that maximizing user experience is important need to make the right
for a particular mobile solution and therefore decide to build a resident mobile application instead of decisions, every day.
mandating the use of SHVD. The effect of "sliding" the user experience tab from "worse" to "better," moves
Find out more
the security risk tab from "less" to "more" (because sensitive data is stored on the mobile device) and moves
the network dependency tab from "more" to "less" (because mobile data is stored on the device instead of
on a remote server).

Figure 1. Mobile Decisions Require Tradeoffs

SOURCE: GARTNER (APRIL 2012)

Enterprises should create mobile solutions using an enterprisewide architectural methodology. An

architectural methodology helps IT by providing a framework to consider all of the major issues, highlight
interdependencies and facilitate decision making between conflicting tradeoffs. Before creating a mobile
architecture, the enterprise should create a cross-functional architecture team that includes representatives
from not only the IT organization but also business leaders, HR, legal and the user community. The
architecture team should use a repeatable and defensible methodology that iterates among many
interdependent tradeoffs to create and refine its mobile architecture. Refer to "A Methodology to Achieve
Mobile Endpoint Independence."

The mobile team should consider the needs of all stakeholders by aligning business, user and IT
perspectives. The mobile team should create a mobile architecture that:

Addresses a broad set of mobile requirements such as data mobility, application architecture, identity
and security, wireless communication, management and governance (see Figure 2)

Facilitates iterative decision making by guiding the team through a process of methodically making
tradeoffs among conflicting requirements

Adapts to changing requirements by encouraging continuous experimentation and learning

Figure 2. Mobile Architecture Requirements

 SOURCE: GARTNER (APRIL 2012)

Endpoint independence refers to a mobile architecture that enables an enterprise to protect sensitive
information regardless of the type of mobile device or who owns that device. IT organizations do not know
what type of device or mobile operating system workers will want to use next year or next month (see Figure
3). That uncertainty is pressuring enterprises to create endpoint-independent mobile solutions. Mobile
endpoint independence will enable enterprises to support and manage application service levels, regardless
of which devices their users want to leverage.

Figure 3. Mobile Endpoint Uncertainty

SOURCE: GARTNER (APRIL 2012)

Perspectives

The following sections examine mobility from several perspectives:

Infrastructure

Users, applications and data

Security and identity

Professional effectiveness

Infrastructure

Mobile infrastructure provides the foundation upon which enterprises build their mobile solutions. It includes
WLAN technology such as Wi-Fi access points (APs), mobile cellular equipment such as distributed antenna
systems (DASs) and virtualization technology such as SHVD. Mobile infrastructure also includes the system
management tools that enable enterprises to provision mobile equipment and to efficiently triage, diagnose
and mitigate problems.

Enterprise mobility is dependent upon the existence of a well-designed and pervasive infrastructure of
WLAN and mobile cellular technology. Wireless began as a "nice to have" convenience, but it has quickly
evolved into a "must have" necessity. Users expect pervasive service, high performance and seamless
mobility. Satisfying this expectation is difficult for IT organizations because the number of mobile devices,
and mobile communications traffic, is growing exponentially. In addition, most wireless systems were not
designed for mission-critical performance and seamless mobility. Many enterprises need to invest time and
capital in order to improve network capacity, reliability and manageability.

Many enterprises have neglected their wireless networks because they were focused on more pressing
issues (for example, BYOD policies, mobile device management tools and mobile applications) and most
users were not complaining about the wireless network. But enterprises are slowly realizing that they will
need to invest in WLAN and mobile cellular technologies in order to ensure a robust wireless foundation.

Most enterprises define application delivery by physical devices. Any type of failure (for example, power
supply or hard disk), device loss or theft, can halt user productivity. An alternative to device-centric
application delivery is emerging and is often referred to as user-centric or people-centric application delivery.
Delivering traditional applications to people instead of to devices requires new investments in technologies
such as SHVD, persistent personalization and application virtualization. Although virtualization may increase
the reliance on the wireless network, compared to a resident mobile application, the result can yield
considerable total cost of ownership (TCO) savings.

Virtualization affords many benefits, such as improved security, business continuity and access to legacy
applications. Still, the path forward is difficult and can have a significant impact on IT processes, application
delivery architectures, management tools and security (for example, data, endpoint and network access
control). Complementary technologies such as persistent personalization and server-based computing also
have a significant role in supporting mobile compute models.

System management is considerably more complex for mobile communication. Radio signals are difficult to
control, easy to disturb, and impossible to see. Many factors can negatively affect wireless performance,
including poor network design, unpredictable station behavior, and interference. In addition, modern
communication systems consist of intertwined mazes of servers (physical, virtual and cloud-based), which
communicate with endpoints (mobile and fixed) through networks (wired, wireless LAN and wireless WAN)
run by different organizations. The enterprise may not own the endpoint, the network or the servers, but must
ultimately ensure end-to-end service delivery and must support users when problems arise (see Figure 4).

Figure 4. End-to-End Service Delivery

SOURCE: GARTNER (APRIL 2012)

Enterprises should establish a system management team that is chartered with supporting this complex
communication system. The team should ensure that the enterprise is collecting relevant, accurate and
timely performance metrics. These metrics provide a basis to help optimize enterprise investments in
technologies and people, meet required service levels and ensure user productivity. The metrics also justify
charges to users and help the enterprise more quickly detect and manage incidents and problems. The
group should also define network triage responsibility domains, document diagnostic processes and ensure
staff are well trained and have access to the necessary tools.

Users, Applications and Data

Mobile users (for example, employees, customers and partners) increasingly expect to integrate their
personal and professional information using mobile devices. This expectation is driving enterprises to build
mobile applications that enable users to access enterprise data at any time, anywhere and on any device.

For many employees, the terms "office hours" and "work place" are anachronisms. Work flexibility is a
necessity, not an option. They integrate their professional/personal lives on their consumer devices and use
social media to share, communicate and collaborate. Users often have a better sense than IT of what mobile
products and services are feasible. They also feel empowered to use them, regardless of security concerns.
The growing wave of consumerization, expectation and sophistication has created a powerful force for
change.

Mobile technology has also dramatically changed customer expectations. Customers expect to use mobile
technologies to research, buy, sell, rent and rate virtually any product and service. Enterprises have an
opportunity to grow market share and expand addressable markets by using mobile technologies to provide
qualified customers with the specific products and services that they need, at the right time and wherever
they need them.

Business partners such as suppliers, distributors and value added resellers (VARs), expect to use mobile
technology to accelerate time to market, improve customer satisfaction and increase profit margins. For
instance, enterprises can use mobile applications to improve VAR training, shorten the sales cycle and
streamline supply chain logistics. These mobile initiatives require thoughtful planning, development,
deployment and continuous mobile application refinement.
The rush to develop mobile applications is similar to the rapid introduction of websites in the late 1990s. At
that time, enterprises viewed websites as a powerful channel through which to sell goods/services and to
communicate with employees, customers and partners. Enterprises view mobile applications as providing
many of the same opportunities. However, unlike the 1990s, where deploying a simple website was good
enough to get started, simply having a mobile application is not. Increasingly sophisticated user
requirements are driving the enterprise to buy and develop applications that deliver an elegant, powerful and
intuitive user experience. The application needs to leverage the underlying native capabilities (for example,
GPS, camera and accelerometer) of the mobile device operating system and hardware. In addition,
applications must increasingly incorporate location-aware capabilities (for example, mobile marketing) and
social networking integration. Users want to be impressed.

As if this were not challenging enough, enterprises must also deal with many complicating factors such as
short device life cycles (less than 12 months), lack of mobile-friendly legacy applications, immature mobile
application development tools, privacy concerns, security risks, development costs, competing application
architectures and inadequate mobile application development expertise. The combination of these
complicating factors, coupled with increasingly demanding user requirements, increases the complexity of
mobile application development.

Mobile technology is an equal opportunity disrupter of communication, collaboration, content and social
(3CS) software management technologies. Unified communications (UC) clients must run on a wide variety
of smartphones and tablets; today, most of them don't. Collaborative workspaces such as IBM Connections
and Microsoft SharePoint must allow mobile workers to be full-fledged members of communities. That's
often impossible today — in-house implementations of Connections and SharePoint are frequently
inaccessible from tablets, and workflow approvals sometimes can't be executed from mobile devices.

Enterprises need to create mobile-friendly portals and websites so that employees and customers can easily
access and read documents on varying screen sizes. Unfortunately, many companies still don't do so. In
addition, the proliferation of devices has made a manual content synchronization process too onerous,
thereby driving employees to rely on consumer services such as Dropbox. Social networks often blossom
via mobile devices — workers can notify others where they are, take and post pictures and otherwise
generate a steady stream of comments and questions. However, enterprises often continue to think of social
software within the context of working at a desk and, therefore, don't unlock its full potential.

Mobile data requirements are emerging as a key factor in the design of mobile applications and user
experience (see Figure 5). Enterprises must consider requirements such as data input/output (for example,
transaction rate), accuracy (for example, accurate up to the second, hour or day), synchronization, mobile
device storage, back-end storage, processing complexity, risk sensitivity and privacy. The decisions that
enterprises make to satisfy their mobile data requirements can affect user experience, mobile application
design, security, and privacy.

Figure 5. Mobile Users, Applications and Data

SOURCE: GARTNER (APRIL 2012)

Security and Identity

Mobility has not changed the fundamental types of information security risks that enterprises must confront.
Risks such as malicious software, device theft and sensitive data loss existed prior to mobile devices. But
mobility adds new twists, such as endpoint ownership, no dominant operating system, very short device life
cycle, and immature management and security tools. Although sensitive data requires protection, the data
must be available to authorized users. Traditionally, enterprises protect the data by placing controls on the
endpoint, but it may not be possible to place controls on the endpoint in a BYOD environment.

Enterprise security teams have lost control over the mobile endpoint. They increasingly do not own the
hardware or control the software on the device. The variety of devices and short product introduction life
cycles make it impractical for security teams to lock down every mobile device. Content-aware data loss
prevention (DLP) solutions for mobile devices are at a nascent stage with little or no local native device
capabilities. In addition, endpoint protection platforms (EPPs) have little, if any, support for smartphones and
tablets. Although security controls such as encryption, device firewalls and application controls vary from
device to device, third-party products are available to augment the controls and to provide management of
heterogeneous devices. Refer to "Endpoint Protection Platforms: Blending Security, System Management,
and Data Protection," and "Comparing Security Controls for Handheld Devices" for further information.

IT organizations must address how users authenticate when operating smartphones and tablets. Gartner
defines authentication as "the procedure through which a user provides sufficient credentials to satisfy
requirements for access to resources." Implicit within this definition is the concept of proof; the organization
must have confidence that the entity at the other end of the transaction is a legitimate user. Without first
assuring that the entity using the device is a legitimate user, the enterprise cannot take comfort in its other
logical access controls to business systems. Although authentication is a major concern within mobility
architectures, it is important to note that identity management systems have little to nothing to say in terms
of how a legitimate user authenticates to the mobile device.

The discussion of mobile devices and identity has focused upon the use of mobile device services as an
authenticator for accessing resources via another computing platform. For example, users may enter a one-
time password that is generated on a mobile device for access to resources via their PC or Mac. Because
smartphones and tablets have become viable computing platforms for end users, enterprises should also
focus on user access to corporate resources via the mobile device, facilitated by authentication methods
such as X.509 certificates, software one-time password (OTP) clients and out-of-band communication. Refer
to "The Evolving Intersection of Mobile Computing and Authentication" for further information.

Third-party management software vendors are rushing to fill the void created by the immature endpoint
security and identity controls. Mobile device management (MDM) software provides the ability to define and
enforce mobile policies across a variety of hardware and software platforms. Some MDM solutions provide
container technology to isolate enterprise information from personal information. Managed containers
separate enterprise information from nonenterprise information on a mobile endpoint. The information held
within a managed container is protected through the use of authentication (the user is forced to authenticate
to the container prior to accessing information held within it) and usually, but not always, encryption. The
MDM centrally manages the container so that configurations can be set by the enterprise. Information held
within a managed container can be removed without affecting other information or applications on the mobile
endpoint device.

Enterprises often struggle with tablet and smartphone management. The variety of smartphone operating-
system features, rapid evolution of smartphone devices and the inability of MDM solutions to support every
feature and device make the evaluation of MDM systems an enormous challenge (see Figure 6).
Exacerbating this challenge is a fragmented MDM market that makes it difficult to establish a baseline
definition as to what MDM functionality is necessary and sufficient for most enterprises. Products vary
considerably in their product features, methods of device control, application management controls and
ability to segregate personal and professional information. Enterprises should select an MDM system as a
short-term, tactical investment. Refer to "Mobile Device Management Evaluation Criteria" for additional
information.

Figure 6. Mobile Device Management Capabilities

SOURCE: GARTNER (APRIL 2012)

Professional Effectiveness

Enterprises are struggling to adapt to new employment norms — norms that have been in place for
generations but are changing because of wireless networks, handheld devices, social media and cloud-
based solutions. In the past, employees were expected to work "9 to 5" at "the office." They used company-
owned computers, servers and networks to perform their duties. Management discouraged employees from
engaging in personal activities while at work, and most employees collaborated only while in face-to-face
meetings.

New norms have rapidly replaced the old ones. Employees now work at any time and from any location.
They often use personally owned mobile devices and communicate over home Wi-Fi networks. Employees
regularly integrate personal and professional activities and use their mobile phones to help them unify those
activities. They store enterprise data on public cloud servers and synchronize the data between employer
and employee-owned devices. Collaboration can now occur anywhere using social platforms such as Apple
FaceTime, Google Chat and Microsoft Lync. Traditional protocols about "how to use the phone" are giving
way to protocols such as "IM before calling, call before visiting."

Mobility has changed the way employees interact with their tools. Rather than using the desktop PC to do
everything, workers now have the option of doing portions of their work on different devices, using the best
device for the current task. A worker can get an email notification on a smartphone, dash off a quick reply on
a tablet, gather more facts via some phone calls from the car, and then author a detailed document — with
supporting spreadsheets — once back at the office via a desktop PC.

Doing work on a desktop PC often means opening up multiple applications (for example, email, a
collaborative workspace and a content management system) and then copying and pasting information
between them. Smartphones and tablets come with that integration built in. For example, a real estate agent
taking pictures (content) via a smartphone can use several button clicks to email it (communications) it to
coworkers for their help in estimating an appropriate sale price (collaboration) as well as post it to Facebook
and Twitter (social) for viewing by prospects. It isn't that the same thing couldn't be done using other devices
(for example, PC, camera and GPS) — it's just quicker, easier and can be done from more locations.

Conclusion

The explosive growth in mobility, social media and cloud computing presents the enterprise with enormous
opportunities and challenges. Mobility requires that enterprises make decisions among many interdependent
tradeoffs. Gartner recommends that enterprises create mobile solutions using an enterprisewide
architectural methodology. An architectural methodology helps IT by providing a framework to consider all of
the major issues, highlight the interdependencies and facilitate decision making between conflicting
tradeoffs.

Some documents may not be available as part of your current Gartner subscription.

"Data Mobility and the Information Requirements for Mobile Solutions"

"2012 Planning Guide: Mobile Strategies"

"A Methodology to Achieve Mobile Endpoint Independence"

"Comparing Security Controls for Handheld Devices"

"Mobile Endpoint Security"

"Field Research: Mobility and Security"

"Cross-Platform Mobile Development Frameworks"

3CS communication, collaboration, content and social

AP access point

BYOD bring your own device

DAS distributed antenna systems

DLP data loss prevention

EPP endpoint protection platforms

MDM mobile device management

OTP one-time password

SHVD server-hosted virtual desktop

TCO total cost of ownership

UC unified communications

VAR value-added reseller

WLAN wireless LAN

© 2012 Gartner, Inc. and/or its Affiliates. All Rights Reserved. Reproduction and distribution of this publication in any
form without prior written permission is forbidden. The information contained herein has been obtained from sources
believed to be reliable. Gartner disclaims all warranties as to the accuracy, completeness or adequacy of such
information. Although Gartners research may discuss legal issues related to the information technology business,
Gartner does not provide legal advice or services and its research should not be construed or used as such. Gartner
shall have no liability for errors, omissions or inadequacies in the information contained herein or for interpretations
 thereof. The opinions expressed herein are subject to change without notice.

About | Careers | Contact | Gartner Blog Network | IT Glossary | Newsroom | Policies | Privacy | Site Index | Webinars

© 2016 Gartner, Inc. and/or its Affiliates. All Rights Reserved.