MobileIron is one of the biggest players in the enterprise mobility market, with a share of 9.2 percent of the EMM software market, behind AirWatch, Good Technology and BlackBerry. The company was founded in 2007 to capitalise on the era of the smartphone and tablet and their proliferation into enterprises.

So, naturally, the company would be well placed to comment on what to expect from the market in coming years. CBR spoke to Sean Ginevan, MobileIron’s senior director of strategy, to hear some of his thoughts.

 

CBR: What can we expect in the next five years from enterprise mobility?

The model of enterprise computing is changing; laptops used to be endpoints that were primarily used in the office and occasionally used on the road. Now we’re seeing that model change, where mixed enterprise and personal use is increasingly the norm and remote work is increasingly common.

The operating systems, iOS, Android and now Windows 10 have caught up to that usage model, the data security models are far improved. How things are going to change over the next five years is really going to be a lot more work anywhere, any time computing enabled by the OSs and form factors that are being shipped today.

 

CBR: How are the operating systems being influenced by enterprise mobility requirements?

If you look at iOS 3, when the iPhone 3GS first shipped, it was the first iPhone that supported encryption and the first business-ready iPhone. When that device came to market you couldn’t remotely install an app, you couldn’t do selective wipe, you couldn’t automatically update policies over the air.

So, over the past five years or so, Apple has been putting incremental improvements to the OS year-over-year, adding things like the ability to deploy an enterprise app store, adding things like the ability to remotely update policies, adding features like selective wipe and even hardcore enterprise features like certificate installation, certificate-based authentication and S/MIME.

Those are features that consumers flat out don’t care about. I don’t know any tween that wakes up and says, "I don’t care about Candy Crush, I care about the ability to encrypt email." So there’s definitely a lot of seriousness being taken out to the enterprise.

 

CBR: What about other vendors?

Android has followed suit, with certainly incremental improvements of the last several versions of Android. Now with the addition of Android for Work, there have been a lot of the features around better segmentation and architectural capabilities around segmentation of work versus personal data.

So the outlier has been Windows, the laptops that folks were using in their day-to-day computing uses. Windows 32, XP and 7 didn’t have the ability to segment work and personal.

Now with Windows 10, we’re seeing Microsoft follow that same trend, building upon the lessons learned from iOS and Android to basically solve a lot of those mobile challenges.

We’re seeing in the market that irrespective of who owns the device, whether it’s corporate IT owning the device or whether it’s BYOD, the usage of devices is blending.

Users are increasingly using their devices to blend work and personal. At the same time 61 percent of workers in a recent survey we ran said that they expected their employers to keep personal data such as emails, photos and text messages private.

In the UK specifically, over a third said they would leave their job if their employer did view personal information on the mobile device.

In the traditional laptop world, if I did my taxes on my work laptop, that data was getting backed up to corporate whether I wanted that data or not.

Now we have the ability to segment that data and enterprises can focus on the enterprise resources that they’re provisioning to the end-user. So a lot of investment is coming from all the OS manufacturers.

 

CBR: Some of these features are protecting employees. Is it because employees are driving this?

Apple has set a lot of this agenda. When Apple took the iPhone to market and started to build enterprise features, they really took this idea of privacy seriously.

The end-users are demanding this work and personal blend. In another survey that we ran, we found that there’s a strong percentage of folks who would leave their job if their employer took the ability to work remotely away.

If you start to look at it, the end-users are driving this idea of wanting to blend work and personal, of wanting to maintain their own work-life balance, of wanting to work any time or anywhere.

With that comes a different security and architecture model. The days of the group policy object in Windows, when I got my updates when I opened my laptop on the corporate LAN, that goes away.

We have customers where they never enter into an office. I do think a lot of the end-users are driving it, but I also think that the OS manufacturers are seeing what is going on in a lot of these broader market trends and responding accordingly.

 

CBR: How can IT get ahead of this?

I think they absolutely can. In addition to changing the architecture of how they’re looking at security and management, the biggest thing that IT needs to focus on is agility. Security is table-sticks, and we’ve seen this in our own surveys and engagements with financial services and other regulated verticals.

There are a lot of ways technologically to ensure the security of the device and the security of data. What IT needs to be able to do is be agile because the market is moving extraordinarily quickly.

We often tell customers that if you’re going to be deploying mobile devices, there is a lingering concern about privacy among your employees.

You need to build a communications plan that explains what you as IT are going to view on the device and what you won’t view.

Some of it is going to be architecturally driven, like on an iPhone you can’t view SMS messages, and some of it is going to be procedure and policy-driven. You may choose not to view application data or what apps are installed because it could be indicative of somebody’s lifestyle.

CBR: How is this a break with the past?

The trick is that old IT built a policy, put it in a three-ring binder and then put the binder on the shelf. Then the next project comes along and they blow the dust off the binder because they built their policy ten years ago. That doesn’t work anymore. Going back to the comms plan example, we have customers who have a privacy policy from two years ago.

When Apple released HealthKit, we had customers coming to us on behalf of their employees asking what HealthKit is going to mean, whether their employer is going to be monitoring their fitness activity, or if they have a connected device, their blood glucose levels.

The good news is that architecturally that data is kept private. However, it means that IT needs to get in front of things, and as new features come to market like HealthKit, IT needs to come back and say, what does HealthKit mean for my enterprise, am I going to use this data and what will it mean for broader employee privacy.

 

CBR: What else should IT be doing?

IT needs to be continually tracking what’s going on in the market, revisiting what these changes mean both from a policy perspective and from an architecture and security perspective.

The final thing is I think they really need to be aligned to the line of business. When IT went and deployed a new emailing system for ediscovery, the employees didn’t cheer. When IT deploys new tools for mobile, the end-users cheer. That’s an itch that end-users want scratched and the line of business wants scratched.

The ideas of how anytime, anywhere computing can change workstyles; we’ve seen the most successful projects come from end-users who are engaged in business processes every day. They’re the ones that are going to say, if I had this form or this procedure on a tablet, smartphone or wearable I’d be much more productive.

 

CBR: How does this differ from IT leadership?

IT is not going to come up with that because they’re not in the trenches. The flip side is if IT is not engaged in the line of business, you end up with shadow IT.

The introduction of cloud, mobile and always-on connectivity makes it way too easy for the line of business to circumvent IT and invent their own solution, regardless of either regulatory or IT corporate security and compliance.

IT needs to be much more agile than they were before. IT also needs to be much more aligned to the line of business than they were before. I think if both goals can be accomplished they can be very successful in adopting mobile to drive productivity.

It is, I think, a pretty fundamental shift from where IT has traditionally been.

 

CBR: Where will IT departments come from? Will they be drawn from other departments?

What we’re seeing is that IT remains as a team, because they are the technical enablers for a project and the executors for a project. We’re seeing organisations are building centres of excellence around mobile.

Those centres of excellence, which are basically there to figure out what needs to be done, and in conjunction with IT figure out the how as well, are comprised of a whole bunch of different stakeholders, of which the line of business is certainly at the table.

HR, which defines what’s acceptable and what’s not, is at the table. Legal is at the table, because the line of business can say I really want this mobile tool, but if it exposes the organisation to significant risk or violates a regulatory or compliance issue, the line of business probably doesn’t know about those externalities or those factors.

We see the most successful projects being driven by these cross-functional teams.

Does that replace IT? Probably not. It gets tricky to run these massive matrix organisations, but I do think in this broader theme of agility that IT will end up working in these more cross-functional teams as opposed to their own silo which is taking direction from the top-down, from the CEO to the CIO in a more waterfall fashion.