Separation of Mobile “Church” and “States”

By Art Rosenberg, The Unified-View/ UC Strategies Expert

Multi-modal mobile devices are having a huge impact on both consumers and business users who only want to carry a single, personalized device to do all of the following:

1. Communicate dynamically with people in a variety of ways for either business or personal contacts
2. Access information and self-service applications as consumers or employees in various modes
3. Control personalized automated notifications
4. Because mobility requires dynamic flexibility of interaction, UC enablement will be very important for both contact initiators and contact recipients

The technology is still evolving to support all of the above, but the biggest hang-up seems to be keeping the “separation of church and state” for supporting the device, the public network access, and the mobile application middleware that must reside within the different endpoint devices. The big argument is concerned with security of any information that can be accessed by the mobile device and most IT folks think they need to control the device, rather than the data that must be protected.

Several years ago, when Apple came out with the first “smartphone,” I remember posting an article that suggested that access security to enterprise data should be controlled at the application levels, not at the device or network levels. I still believe this is a viable approach. Obviously, it will be a combination of authentication and encryption that will enable maximum end-to end security in the mobile Web environment that smartphones and tablets will exploit.

The BYOD game is forcing organizations to accommodate user choice of mobile device for both person-to-person communications and business applications access. Mobile devices should have thin clients to primarily provide wireless access to applications that control data access, and not store either applications and data that will be in ‘private” or “public” clouds. That will minimize enterprise responsibilities for supporting end user mobile devices for employees, business partners, and customers to different levels of control on the device for what my colleague, Michael Finneran, describes as “Secure Containers” and all the MDM (Mobile Device Management) platforms have them.

I used to employ the term “Dual Persona” for describing the above mobile device management requirement, but if you think about it, every mobile user is not just an employee of a particular organization, but, as a consumer, in addition to personal/social contacts, they have business relationships all over the place, each of which require the same kind of security protection of authentication and encryption. I suggest that the personal mobile device must be controlled primarily by the end users, especially when it comes to privacy issues, and supported by the network service provider they subscribe to, while specific business application access should be controlled by the organization that provides such applications and authorizes such access.

So, we really can have “separation of church and state” within a mobile device, except that there can be many “states,” i.e., online applications from different service providers that will be personalized for individual mobile users, employees, partners, or consumers.

What do you think?

Copyright © 2013 The Unified-View, All Rights Reserved Worldwide

Leave a Reply