Road warriors threaten company defences

Wireless in the enterprise, Financial Times, 18/06/2003

Viruses, rogue software, user error, hardware hang-ups and spilt coffee can all devastate a company's desktop PCs, but at least an IT manager knows where the hardware is.

With enterprises increasingly sending their staff out into the world armed with laptops, tablet PCs, smart phones and PDAs, the IT manager faces a whole new set of headaches.

The problems of securing wireless Lans (local area networks) have been widely reported. But wireless devices present many other dangers - they can be lost or stolen, with all the sensitive company data stored on them. They can be loaded with unapproved software, damaging the device or the company network.

Even if nothing goes wrong, they have to be managed, updated and looked after. Quite a task for IT staff already struggling to manage the company's desktops and networks.

The laptop loss problem is enormous. According to figures from Gartner, the research group, 350,000 laptops, 35,000 PDAs and 232,000 mobile phones were lost or stolen in the US in 2001. Most devices are protected with a password, which makes it difficult for the casual thief to access the data stored on them.

Extra features such as thumbprint readers are available, which can prevent access or in some cases erase data if too many failed attempts at authentication are made.

Microsoft is currently deploying a smartcard-based system to its own employees, which makes it impossible to log on to the company's network from a laptop or PDA without the smartcard and a separate Pin number.

Software which encrypts data on hard disks and removable data storage modules is also available, making data unreadable without a password. However, these more extreme security devices cost money, and come with a strong risk that they will accidentally lock out legitimate users, so organisations have been slow to adopt them.

"Power-on passwords are enough for 90 per cent of the users we speak to," says Kenneth Smiley, a director at Forrester Research. "Although other systems have been available for some time, people just aren't using them. The only clients we see have been in financial services and in healthcare. It has been marginally more popular in Japan, but only as a novelty."

Many businesses have been using laptops for some years, and they generally run the same operating systems as desktops. PDAs, on the other hand, are a relatively new arrival in the corporate IT world, and they are rather more challenging to manage.

Where large PDA-based applications such as wireless customer relationship management (CRM) or field-force automation are rolled out from the headquarters to a group of employees, staff are generally equipped with the same or very similar devices.

Often, however, employees buy PDAs or smart phones on their own initiative and then ask IT departments to connect them to desktops and provide support.

IT managers find themselves being asked to take care of a dizzying range of machines of different ages, from different manufacturers and also running different software.

Consequently, IT departments are increasingly taking control of PDA-buying policies, either purchasing devices centrally, or mandating a certain model or models for customers to buy, and declining to provide support for other devices.

In many cases, businesses are choosing devices based on the Microsoft Windows CE platform, based on the logic that if their desktops and servers are already running Microsoft, it will be the easiest platform to manage.

"We felt that most people are running Microsoft on the desktop, so we felt that it would be easier to run on the PC," says Simon Bennett, IT director at Tarlo Lyons, a UK law firm.

He requires staff to buy HP iPaq PDAs, running Microsoft's operating system, and supports other devices only on a "best efforts" basis.

Other organisations, such as IT consultancy EDS, are looking at a range of platforms, such as Palm, Symbian, Linux or BlackBerry, choosing the most appropriate for each separate task.

EDS is piloting a solution for its 15,000-20,000 staff in its solutions consulting business. "We are going through a series of assessments, to accredit devices for different purposes, and we're agnostic about operating systems. Our thinking is that one device is not necessarily suitable for all purposes," says Bill Crawford, senior vice-president and global offering executive for wireless services at EDS.

Even with a single set of clients, the management of a mobile fleet remains a considerable chore. Devices have to be repaired, updated, monitored, tracked, backed up, and secured.

Ideally, this will be done remotely, without making users return to headquarters every time they need something done to their device.

Remote management has been available on fixed-line desktop networks for some time, and with the availability of always-on wireless networks, these management tools are being offered for mobile clients too.

Companies including XcelleNet, Computer Associates, Novell, Synchrologic, Altiris, Marimba, LANDesk Software, and Novadigm all provide software that addresses some or all of these functions. Pfizer, the big US pharmaceutical company, has equipped 100 agents in its Finnish sales force with Nokia Communicators to access wireless e-mail and a CRM application.

The company uses XcelleNet's Afaria software for remote software downloading, updating and troubleshooting.

"It saves a lot of time," says Mikko Vasama, senior IT manager at Pfizer Finland. "I think it is important to have this system in place, it would be very difficult and time consuming to do it without it."

Once a mobile fleet reaches a certain size, automated management tools start to become an attractive proposition, says Fred Broussard, senior analyst at IDC, the technology research company.

"The larger and more disparate your fleet the more you need these kinds of tools. But they aren't intuitive to use, and there is a significant training requirement - often several weeks or months."

Wireless e-mail and other mobility systems can provide considerable benefits to customers, but companies need to take care when implementing them to ensure that this is delivered.

As with any IT project, companies need to make sure that they are solving a clear business need in a focused way.

But reducing cost of ownership is also an important part of making sure wireless applications do provide their promised return on investment.

Companies will have to pay increasing attention to the demanding task of managing and securing their wireless devices.