How to Perform the Mobile Maneuver
Security potholes, a flood of devices, and steep UI curves are making mobility a bumpy ride. Here’s how to steer through these roadblocks.
Anup Varier Jul 23rd 2013 A-A+
Summary:Security potholes, a flood of devices, and steep UI curves are making mobility a bumpy ride. Here’s how to steer through these roadblocks.

Mobile_Maneuver

In the not-so-distant future, if there’s anything that’ll dictate the way the world goes round, it’ll have to be the mobile phone.

Before you dismiss that as an overstatement, look around you.

Chances are you’re probably reading this on your Blackberry or iPhone. Or tweeting what you think about it, or checking-in to your flight, or using Google Maps to get to your client’s office, or reviewing your sales report­. All from your mobile device.

It’s hard to recall, even imagine, how stuff worked in an age when mobile devices were inexistent. Little wonder then that this millennium will go down in history as the Mobile Age. It isn’t hard to see why.

In its 2013 Mobile Workforce Adoption Trends report, Forrester characterizes 29 percent of the global workforce as anytime, anywhere information workers—those who use three or more devices, work from multiple locations, and use many apps. This number has risen from 23 percent of the global workforce in 2011 and will continue to rise, as the world witnesses close to a billion, yes, a billion, tablets in use for work and home globally by 2017.

While this in itself is awe-inspiring, it also has a direct bearing on mobile application development projects targeting smartphones and tablets, which the research firm predicts will outnumber native PC projects by a ratio of 4:1 by 2015.

While CIOs acknowledge the impact of mobility on their businesses, they are still struggling with the challenges of getting a mobile initiative off the ground. But some of them have figured it out. Here are three of the biggest mobility hurdles that your peers have tactfully maneuvered.

The Security Conundrum

No surprises here. Security is one of the biggest pain points for CIOs when it comes to any disruptive technology. With mobility, security concerns circle around three issues: Device and app control, heterogeneity of devices, and data security.

Device and app control was something RJ Corp needed when it set out to implement its sales and inventory tracking application. The sales force of RJ Corp (a diversified group known for being PepsiCo’s largest franchise bottler in India) is armed with Android smartphones that run the app. “Our sales force is involved in placing orders with both distributors and retailers of PepsiCo products. So, we needed transparency and real-time updates of stock at our end and inventory at the customer’s end so that we can manage our production,” says Kamal Karnatak, group CIO, RJ Corp.

Without such a system, the distributor would lose out on popular flavors and the company would lose out on sales. So, Karnatak decided to create a mobile app for it. “The app gives us an insight into our customers’ inventory and helps us push the flavors they don’t have. This helps us increase sales,” says Karnatak.

Kamal_Karnatak_RJ_Corp

For the ease of deployment, Karnatak chose to develop the app on the Android platform as it offers a wider range of device options. But managing these devices was going to be a bottleneck. “There weren’t too many established MDM solutions for Android in the market. Even the ones that were, didn’t work well with the low-cost device that we had chosen to roll out,” says Karnatak.

A lack of options for customization made flexibility to introduce security checks difficult. Karnatak wanted to control the type of applications that could be installed. He also wanted control over lost or stolen devices. “We did POCs with multiple partners, but for the particular device that we had chosen, no MDM could give us a satisfactory result,” says Karnatak.

Undeterred, Karnatak decided to take the road less travelled and work with an MDM startup. The startup was willing to make all the necessary tweaks for Karnatak. Encouraged, he then did a POC and is today in the process of rolling it out. “Now, we can track and restrict user rights on devices. This alleviates security concerns,” says Karnatak.

While MDM is a potent solution to fix the device control challenge, in their haste to implement it, some companies often ignore a lurking threat in the background: Third-party apps. “Enterprises need to look at a tiered security framework beginning with network access controls and MDM to mobile application management and go all the way through to virtualization, encryption, and DLP,” says Katyayan Gupta, analyst, Forrester Research.

Sandboxing is yet another technique that allows compartmentalization and containerization of risks and gives security teams an easier means to counter attacks.  “As a first step, it is best not to allow anything to be stored locally on the device,” says A. Balakrishnan, CTO, Geojit BNP Paribas and CEO, Geojit Technologies.

A share-broking and retail financial services company, Geojit BNP Paribas was among the first in its business to provide its traders with a mobile application that created a new channel of revenue for the company. “The traffic has to be secured with https and important data has to be encrypted. We also promote two-factor authentication,” he adds.

The company’s employees are also being provided with an approval and workflow management application that is currently being offered on company-provided Blackberry devices.

Swaminathan Narayanan, GM-IS, TVS Motor Company, also swears by the Blackberry. The sales force of the company requires information at its fingertips to uncover hidden opportunities.

Narayanan has developed and deployed in-house mobile applications that cater to each of these groups, but run only on Blackberry devices. “We have used Blackberry, which is known for its encryption and security,” he says. “We have also deployed MDM solutions to take control of the device and wipe data if it gets into wrong hands,” he adds.

Narayanan believes it is better to not keep systems too open and invite trouble. “Limit the type of devices so that management—from a security and administration standpoint—is much easier,” he says.

Multiple Platforms, Multiple Problems

There are more mobile platforms today than there were known planets in 1781—the year Uranus was discovered. Add to this the complexity of screen sizes and input styles and organizations hoping to create mobile applications have quite a job on their hands. This, however, is not an insurmountable challenge. CIOs can breathe easy as there is the popular ‘native’ route and other application development methodologies—such as HTML5 and hybrid—that are gaining ground.

It is well established that native apps are the best looking of the lot as they are specific to a given mobile platform and utilize the development tools and language that the respective platform supports. “People are not comfortable with browser-based applications and this necessitates the development of native applications and the maintenance of three to five different versions based on the OS,” says Balakrishnan.

And that’s what Karnatak has done. He decided to go for an existing sales automation application to which he could map his manual sales processes and customized the application. “This app has been integrated with the backend ERP systems. So, transactions get immediately updated at the backend,” says Karnatak.

If CIOs don’t want to turn to native apps, they could look at HTML5 apps. These apps use Web technologies that allow a write-once-run-anywhere approach to mobile development and make it easy to create cross-platform mobile apps that work on every device. But it suffers from limitations with respect to offline storage and security.

Hybrid apps, as the name suggests, bring the best (and worst) elements of both together by embedding HTML5 apps inside a thin native container. “While these are yet to reach the level of maturity that would entice enterprises to use them, hybrid will evolve to be the preferred method of mobile application development,” says Forrester’s Gupta.

And that’s a choice CIOs would have to make when they dive into the muddy waters of BYOD. Like Karnatak. “We want to be able to track any device that accesses corporate information,” says Karnatak. Which is why, multiple-platform capability was a major factor in RJ Corp’s evaluation of an MDM solution provider.

That’s something any CIO looking to deploy a BYOD strategy should do because being able to track devices is one of biggest needs for organizations. “Most Indian CIOs have little or no clue about the devices owned by their employees,” says Gupta. A good starting point is conducting a simple internal survey that can help CIOs understand the mobile landscape within the enterprise. This will highlight some clear trends in terms of the most popular platforms among employees. Thereon, any application your IT team develops will only need to cater to, on an average, two of those platforms. The minority that chooses to work on the less popular devices can be encouraged to migrate to one of the platforms supported by the organization.

“Not only does this save time and cost but also helps reduce the complexities that come with multiple platforms,” says Gupta. “But if you wish to reach out to your customers, then your application should be available on all the major mobile operating systems and across devices like tablets and smartphones,” says Balakrishnan.

And if a company—like Religare Health Insurance, for example—needs to deal with agents and partners who bring in business without being on the company’s rolls, then their mobile application would have to be available on most platforms. Instead of depending solely on providing information on a printed brochure, Kolla Suresh, founder team member and head-Technology at Religare Health Insurance, built an application for the company’s agents and partners. This application was designed to give the agents a quote illustrator where they can capture basic details of the customer, based on which the app would throw up respective premium rates. “We did a study of our partner community and realized that a majority of them use Android but a lot of them also use Blackberry and Symbian phones,” says Suresh.

Moreover, with quite a few agents in tier-two and tier-three cities, Religare Insurance wanted to ensure they get access to the proposed facility as well. “With a limited budget and the fact that we were unsure about its adoption, we treated this as a pilot project and opted for native application development,” he says.

In case of a change or an update, the company modifies one OS and thoroughly tests the functionality. “Once the backend integration and UI is seen to be working fine, we develop it for other OSes,” says Suresh.

To negotiate the challenge of relevant information updates on the native app, Suresh incorporated an end date for the application. “This would typically follow the financial year and it asks the user to download the updated version and get access to the revised information,” says Suresh.
Moreover, new devices with varying form factors keep cropping up. While some of these would run the version of its nearest configuration, some others would not. “In such cases, we need to take a call on whether to continuously engage with vendors to add new devices as they are introduced or wait till a demand for that device comes up and build something for it,” says Suresh. That is a cost that is usually unaccounted for and CIOs need to determine whether they need to constantly keep investing in it.

While it might be able to leverage the device and platform capabilities to the hilt, native platforms do introduce multiplicity of effort. “There are additional costs involved in the management and maintenance of multiple versions of the application,” says Suresh. There are platforms that allow developers to code once and then render it for multiple platforms. But this has become difficult as established solutions are increasingly becoming expensive or they tend to strip the application to its bare bones—taking a lot away from user experience.

User Un-friendly Experience

Among the most underrated challenges of mobility is user experience.  Delivering great user experience over high-latency mobile connections is a challenge not many CIOs give thought to until user adoption rates for a mobile application plummets. “There is a dearth of technically skilled user-experience professionals,” says Gupta.

And the problem creeps in when you think any application can be made available on mobile devices with minor tweaks on the front end. “While it might not be a bad place to start for an enterprise, an application that is designed for a mouse will not do too well when working with touch simply because it wasn’t designed for it,” he adds.

And if CIOs choose to force fit applications that aren’t built for mobiles, it’ll have an adverse impact on user experience.

“Even when you are porting legacy applications onto mobiles, the logic for the application doesn’t change but the user interface needs to appeal to the users, and easy readability must be accounted for,” says Balakrishnan who plans to make all the corporate applications at Geojit BNP Paribas available on mobiles in the next 18-24 months.

Like Balakrishnan, Religare’s Suresh also emphasized on the importance of design in his application for insurance agents. “Building the application for tablets and then rendering it on smartphones would have posed challenges in terms of the number of details that could be entered, the size of the text fields, and overall readability.”

Clearly, this means organizations that want to design applications for mobiles cannot borrow designs created or meant for tablets or laptops. And this is a whole new project in itself.

“Making an application available on smartphones requires a complete rethinking on the design front,” says Gupta. Else, you would end up with a vanilla offering which might not find the enthusiastic adoption and the consequent benefits the business hopes to derive. “Organizations must start early and hire people with niche skill sets like Android and iOS app development to provision and manage mobility,” he says. Networks too have a bearing on user experience and in order to support the growing mobile devices connecting to the enterprise network, networking engineers and administrators also need to be trained in advanced WLAN skills. “If you are deploying applications for people to use, then user experience is very important,” says Narayanan.

And for any application at TVS Motor Company which deals with information that might be needed by people on the move, Narayanan and his team make sure the architecture, development, and delivery are such that it is available on desktops, laptops, and mobiles.  “At the time of app development, you must be clear what the user base is and develop accordingly. Do a pilot and roll it out to a small portion of your target audience, get their feedback, and make sure they are comfortable before going in for a large-scale deployment,” he says.

Clearly, in a world that is mired in wireless devices, CIOs are well-advised to muddy their hands before mobility zooms past and kicks dirt on their faces. 

Anup Varier is principal correspondent. Send feedback to anup_varier@idgindia.com