Industry experts have warned of an increase in unauthorised IT systems within organisations as IT departments fail to keep pace with employees' technology demands and the consumerisation of IT.
Speaking at an event organised by Vodafone Global Enterprise, Sukhi Gill, HP enterprise services chief technologist for Europe, said there has been an increase of "shadow IT", whereby employees are working around IT departments and company security policies to access corporate data using consumer mobile applications and cloud-based services on personal devices.
Gill said enterprises are falling behind employee demand: "CIOs are not getting money from the board, there is a backlog of projects and consumers are blaming devices."
He added that enterprises need to rewrite legacy applications beyond e-mail clients to make them more like a consumer experience. But legal considerations still act as a barrier.
Legal complications stall mobilisation
HP's legal department is grappling with who is liable if a corporate network is compromised via an employee-owned device.
"The legal department is blaming the end user for corporate downtime and still trying to decide what contract to make them sign," said Gill.
While contractual issues are yet to be resolved, Gill advises companies to accept that consumerisation of IT has happened and to start trials of mobilising some non-core applications, such as giving field workers access to some corporate data and services.
IT departments must work with users
Nicholas McQuire, research director for Europe in enterprise mobility at analyst IDC, said customer-facing mobile apps are a priority for many businesses, forcing some marketing departments to hire app designers to develop products, "flying under the radar of the IT department" and bypassing IT governance.
This means IT departments need to work more closely with users to protect sensitive data.
"The key performance indicators (KPIs) for IT used to be measured by availability. There is a transition going on. Equally there will be performance-based measurement around how users perform," he said.
McQuire said companies must segment applications before upgrading to new operating systems, such as Windows 7, to decide what applications should be mobilised and which need to be secured to protect data.
Making mobile technology work for the business
Paul Domnick, CIO at law firm Freshfields Bruckhaus Deringer, said companies have focused attention on protecting infrastructure and systems instead of sensitive data. "The elephant in the room is the need to protect data on multiple platforms at the same time to allow the technology to be exploited," he said.
Despite being generally "scared" of deploying mobile apps, Freshfields has recently enabled a remote time-recording app to allow lawyers to record their working hours more easily.
The company also started using enterprise social network, Yammer two years ago in a pilot with 12 IT staff. The IT department was forced to prevent attachments as the user base grew rapidly to 56. Now a quarter of the firm uses the tool for sharing news, company knowledge and even mobile app recommendations.
While Domnick believes platforms such as Yammer allow employees to self-support devices to an extent, the proliferation of personal consumer devices will have an impact on support resources.
"At some point, the firm is expecting something like Apple's Genius Bar, perhaps in the form of video support," said Domnick.
But beyond the firm's spend on IT people, Domnick said his biggest spend is on security hardware, software and networks.
Educate staff about mobile security risks
Bryan Littlefair, global chief information security officer at Vodafone Group, said companies have a responsibility to educate employees about security risks to allow personal mobile devices to be supported.
But he believes there should be a shift to protect data rather than individual devices. "Security professionals need to accept being at the losing end of argument and start rolling out enterprise mobility programmes," Littlefair said.
Tips for supporting mobile devices
Nicholas McQuire, research director for Europe in enterprise mobility at analyst IDC, gives four tips for moving towards supporting employee-owned mobile devices
Register with Computer Weekly to download more information on mobile technology in the enterprise:
- Computer Weekly buyers guide: Mobile technology
- CW+: Mobile security opportunities: Strategies for tablets, smartphones & feature phones
- Whitepaper: Human centered mobility
- eBook: Mobility Management For Dummies
- CW+: Sybase mobile commerce guide - a downloadable book
- CW+: Sybase mobility guide - a downloadable book
- Whitepaper: Social media in the enterprise