Technology, Big Data

The app trap and children of the revolution

Research Article by,

“Mobile” and “Social” are the buzziest buzzwords in the application space right now, and the place where they converge is the app, the nifty little downloadable application that makes your mobile device integral to your work.  Anything you want to do to get work done wherever you are, you’ll find “there’s an app for that.”

But this is a play we’ve seen before and we all know how it turns out in the end.  We did this with PCs in the enterprise, early on, and eventually came to see that everybody was going their own way in finding the best fit for their unique ways of working.  The PC was marvelous for the standalone user, but gave those charged with protecting the enterprise data assets fits.

Here’s some of the things we overlooked in that iteration of  BYO:

  • A level playing field and mutual support.  Everyone going their own way meant fewer people using any given solution. That meant a smaller chance of them all being able to do the same things or have community help in learning or mastering the tools.
  • Data standardization and data sharing.  People using different tools would represent the same data in different ways. Cross-platform data exchange standards evolved, solving part of the problem, but never quite as fast as the feature sets of the tools. That left folks with two options: not fully sharing data as it got lost in translation or sharing fully only with the subset of folks using the same tools.
  • Data security.  The more often data was dumped into cross-platform formats, the less often security features could be fully used – you couldn’t password protect in a way that six different spreadsheets understood, assuming you could get your data and formulas from into each of them in the first place.

 

These are also the limitations that jeopardize the current app revolution. This time around, though, we have our experience to draw on from the PC revolution to help make better decisions about how to bring this new level of personal empowerment into the enterprise without dragging along the old baggage.

First and foremost, IT needs to get out there with guidance on selecting tools and apps. And IT should help integrate these tools into a functioning infrastructure.   

If an app is going to help the business, it’ll have to meet  standards for data handling.   So IT needs to be out there educating users on data encryption, password strength and myriad other topics such as a mobile device management. If apps are going to work with a company’s data sources, it’ll have to use standard means of getting to them – REST (Representational Transfer State) APIs, perhaps, or WebDAV.  IT will have to make sure such means are available.   

And if the app front-ends some kind of cloud-based service (a document drop box, a slide bank, a content management system) then IT will have to help the lines of business vet the service to make sure it lives up to security requirements or train users on what kinds of content can live in it if it doesn’t.

Ideally, there’d be some process for IT to vet apps as users discover them and put them on a green-lighted list for downloads if they check out. And there needs to be a process for preventing use of red-lighted apps that fail to live up to standards.  This can be implemented through some kinds of MDM software, but runs the risk of choking off the very innovation that makes the app universe so exciting for users.

Bottom line:  IT needs to keeps its eye on risk management as it helps users navigate through the new oceans of apps and tools. Learning from the past, IT needs to focus on enabling staff to find the tools and apps they need be more flexible in a way that doesn’t undercut the requirements 

 


Discussion
Would you like to comment on this content? Log in or Register.
pcalento
Paul Calento 256 Points | Sun, 05/27/2012 - 14:21

Interesting take on BYO from a risk management perspective, notably the need to deal with many of these issues, like vetting cloud services for LOB BEFORE they're implemented. Saying "no" is still too common in many IT departments, but when looking at BYOD from a risk management perspective there's an implication that there's no silver bullet, just expected and managed risk. Setting expectations key.

--Paul Calento

(note: I work on projects sponsored by EnterpriseCIOForum.com and HP)