Jay Luteran was worried.
The IT administrator for the city of Mentor, Ohio, knew employees were bringing their own mobile devices to work and accessing the network, but he didn't know which devices or what they were doing. With roughly 500 city workers and an IT staff of four, there was no way to adequately police usage.
"We were using a mix of vendors and devices, from smartphones to flip phones and everything in between," says Luteran, "and had no visibility into those devices or activity."
With team members Ali Seyhan and DuWayne Henke, city officials chose to partner with Aruba and AirWatch for wireless, mobile and application management, giving Mentor the tools to better respond to a growing mobile community.
"We are able to quickly enroll mobile devices, address and enforce security policies, audit and manage mobile applications and updates, identify rogue devices and produce real-time reports on user and network activity. We've never had that before."
Mentor's mobile deployment is gradually growing. So far, the city has issued about 50 iPhones and iPads and may institute a "bring your own device" initiative down the road. "Our population of mobile devices is certainly going to increase, especially with iPads," Luteran says. "We're seeing more and more business opportunities there."
Around the country, state and local agencies are crowded with employees who want to bring their personal devices to the office, creating a host of problems with security, management and reliability, among other issues. IT departments are tackling these challenges by deploying solutions such as mobile device management, encryption, virtual clients and policy.
Love and Loss
Since the birth of notebook computers (and later, BlackBerrys), mobile devices have always added an extra layer of concern for IT managers. Desktop PCs rarely go home with employees, fall off their desks or disappear with gigabytes of confidential information. The infusion of smartphones and tablets into the workplace has created an even bigger series of challenges.
Loss of sensitive or confidential data presents the greatest concern, says Alex Musicante, systems security architect for the city of Pittsburgh. That's why most notebooks are locked or bolted inside emergency vehicles, and any local data they contain is encrypted. But, he adds, the city is beginning to deploy virtual desktops to provide users access to sensitive data without having to store it locally.
72% Percentage of IT organizations that say employees who have consumer devices in the workplace are more productive
SOURCE:IDC Business IT Custom Survey (Unisys, May 2011)
"We're starting to leverage VMware View to loosen those restraints," Musicante says. "Remote access used to be a thing for an elite few, but now that we are more open with it, I dare say we are more secure than ever."
For Michael Armstrong, CIO for the city of Corpus Christi, Texas, the biggest worry is that an unauthorized person will gain access to protected data. "The neat thing about tablets is that you generally don't store a lot of data on them," Armstrong says. "Everything is accessed remotely, and if you lose one, you'll be able to remotely wipe it."
Armstrong intends to migrate Corpus Christi to a virtual desktop infrastructure over the next year so workers will have access to their desktops wherever they happen to be.
For similar reasons, the city of Honolulu recently launched a pilot of 100 tablets equipped with AirWatch to manage access to the network. "We've been testing this like crazy over the past three months," says CIO Gordon Bruce. "We want to make sure we have all the appropriate network and security protocols in place before we open this up."
One of the things Bruce likes about AirWatch is that it allows city departments to establish and enforce their own rules about device usage. "We can manage the underlying infrastructure, but it's up to the police or fire departments to manage their own users," he says. "If a police officer deletes AirWatch off his tablet, he'll have to go back to his commanding officer to reactivate his device."
Handle with Care
Though it's still early in the game, IT managers say damage and loss from mobile devices have been minimal. Tablets in particular have proved surprisingly robust.
"We've had less experience with iPads needing repair than we ever had with laptops," says Armstrong. "Part of that is the form factor — they're lightweight and don't bang up against things. And so far, I'm lucky to not have dropped mine."
Minneapolis CIO Otto Doll isn't so lucky. "Once in a blue moon, something is misplaced or lost, or someone drops an iPad," he says. "I dropped my personal iPad, and now it has a crack in the screen. But it still works."
While adding consumer-grade devices to an IT environment may be inevitable, Doll points out that it increases complexity and risk. That's one of the reasons Minneapolis partnered with an outside company for its IT services.
Luteran agrees. "Technology is such a moving target, the tools change almost weekly," he says. "My advice is to partner with someone who can do some of the legwork and help you figure out your strategy."