How to Leverage Mobile and Cloud Identity Management to Make Unfettered Access to Apps from Devices a Winning Proposition
It seems that whenever a spiffy new mobile device or app hits the market, IT departments around the world face a common reaction from their employees: “It’s new. It’s shiny. We want it!” The Bring Your Own Device (BYOD) phenomenon is alive and well in enterprises today. BYOD isn’t new, of course, and it is still growing. Gartner Research predicts that by 2017, around 50 percent of employers will require their employees to supply their own devices – so getting ahead of this curve is a good thing.
Despite the benefits of having employees bring their own devices to work and hooking them up to corporate resources, many companies have learned the hard way that there’s no free lunch. They simply do not want to deal with challenges around the co-existence of personal and business apps/data, multiple operating systems and apps, issues with security and compliance, problems with backup and recovery, and collaboration issues among employees with incompatible devices or apps. All this just adds complexity and extra costs.
This has sparked the advent of COPE: Corporate Owned, Personally Enabled devices. In the COPE model, a company supplies and owns the mobile devices, but rather than locking them down it enables personal use for its employees. And that is the best of both worlds. COPE solves challenges in securing information on a device that the business doesn’t own. Now when a company-owned device is lost or stolen, IT can remotely wipe it to prevent data loss without any questions asked.
With COPE, companies get to enable consumerization of IT for the employee by giving them the freedom they crave to load and use their own apps while ensuring the ability to control and protect corporate information.
Whether BYOD or COPE, what is common to both is that employees want to use both corporate and personal apps on their devices of choice. This is best captured in the Bring Your Own Apps (BYOA) trend around employees’ use of third-party applications and cloud services in the workplace. BYOA is really the key driver of the larger trend of consumerization of IT, as its associated benefits include greater employee engagement and satisfaction, as well as improved productivity.
So assuming any SMB or large enterprise organization out there has embraced some form of BYOD/COPE/BYOA, we now see them asking for the right measure of security and productivity – to ensure their increasingly mobile workforce connects to the corporate sanctioned apps remotely from their favorite laptops, smartphones or tablets.
The key challenge for businesses of all sizes adopting cloud & mobile is finding the right balance of usability and security. Users want to get 1-click access to an increasing number of apps without fat-fingering passwords for each app. As these mobile devices are increasingly the primary means of user access to apps, they must be trusted and need to be secured. The state of enterprise mobility today is that there is no “perimeter security” any more. The network boundaries are slowly disappearing while IT organizations still want to control access to any off-premise application from roaming mobile endpoints.
This state of enterprise mobility is forcing IT organizations to adopt solutions that unify management of users’ identities and their mobile devices and apps. This is most important and timely as the concept of “user identity” is becoming more relevant in the context of perimeter security. Traditionally, identity was about managing users’ accounts and passwords, plus granting them access to authorized applications. Today, mobile device identity and cloud user identity allow this user and device context to be used to determine who has access to what app from which device and location. This graphic best illustrates how a combination of an identity and mobile management service provides the necessary “glue” that intricately interlinks cloud services and devices that an organization may wish to use for enterprise mobility.
The mobile management service ensures correct device posture and compliance while the device is being used to access apps. It also provides a way for end users to easily track, locate and wipe their devices in the event of theft or compromise of the device. This is critical, as a good identity management solution will always ensure 1-click experiences to mobile apps without prompting the user for any passwords, which also introduces the associated risk if the user loses his device. Finally, the identity service can provide the required controls to IT to easily define granular role, device and location-based access to apps, in effect providing “perimeter security 2.0”.
I foresee embracing identity to solve enterprise mobility challenges as a winning combination for IT organizations – it will ultimately let them claim their superhero titles and adorn BYOD, COPE and BYOA badges. Their only easy task at hand is to figure out the best-of-breed vendors that deliver both mobile device management and identity management solutions.