Broad adoption of personal mobile devices into government organisations has created new challenges as employees increasingly use personal preference to determine which apps they integrate into their everyday work.
With major app stores well past the million-app mark, this creates headaches for agencies focused on data protection and access control. And there is no immediate cure: the constant flow of new devices and operating system capabilities has created a new moving target that has significant implications for enterprise mobility, customer service, data integrity, security, and more.
For IT managers that already have their hands full, the last they needed was even more stress – but that’s what they’re encountering as they are called upon to rein in the challenges and opportunities
of mobility including bring your own app (BYOA) models; best practices for the rollout of mobile devices and corporate apps; and available technologies and best practices for making the most of
mobile devices in government agencies.
Yes, the expanding app culture is creating new opportunities and introducing a host of new issues – so how can agencies make the most of it? To find out, GTR brought together a number of experts including Matt Ball, managing director with BlackBerry ANZ; Steven Crutchfield, general manager of Motorola Solutions; Fadi Geha, CEO of mobile app development firm Acresta; and Amardeep Toor, general manager for enterprise mobility solutions with Telstra.
GTR: To what extent are mobile devices driving government IT strategy and execution?
GEHA:We are seeing two components to that. The first is how they are being used for government services for people who want to access information from government departments, and the second is how they’re using those devices for their own employees and workforces.
Government departments are very similar to large organisations where they’re wanting to look at what we’d call a hero app – something that is fairly flash, and attractive for an end user to be able to access information from.
But we’re finding government tends to be a bit behind the private sector in actually harnessing the power of mobility as a service front-end for their customers. And on the workforce mobility side of things, we haven’t seen state and federal governments taking up opportunities to use mobiles to improve business processes and efficiencies.
TOOR: We are starting to see some of them looking at B2C type apps and how they are supporting their customers. They’re starting to look into what they can do to improve the interaction or reduce the cost of those interactions. However, it’s still very early days – the concept stage, and not a mass rollout. I remember having discussions last year and was hoping that there would be more activity in terms of actual rollouts by this year, but they’re still in proof of concept phase. It is moving slower than I expected.
CRUTCHFIELD: The emergency services market is relatively conservative for a number of reasons, and therefore not necessarily the first adopter of new technology. But we have seen a pretty strong and fundamental shift in this space over the last 12 to 18 months. The reasons for this are not any different to most others: everyone’s being asked to do more with less. To enable police, fire or ambulance officers to do more in the field rather than returning to the office, is a great force multiplier – and it means they can get a lot more efficiency out of the resources they have today.
Some are in early days defining what mobility means for them, and putting business cases together. Others have rolled out mobility devices to every police office with some level of limited functionality, and others are somewhere in the middle. Others, that have had the full deployments, are looking to understand what the efficiencies are and how they can derive more. Overall, there are a lot of trials and experimentation.
GTR: What challenges are government bodies encountering as they move to embrace mobility and app-based strategies?
BALL: Many of the drivers that have put them down that path are similar to the private sector – reducing their overall capital expense on buying devices or hardware, and also wanting to enable their employees to have flexibility and an ability for those employees to determine what device they would particularly like to use.
But if you look at how it’s playing out in federal, state and local governments, it seems to be that a lot of agencies are looking at the level of importance of security, and that’s starting to shape a lot of what their mobility strategy is looking like. The information they’re carrying is data and citizen data, and the impacts of breaches of security has potentially catastrophic effects.
CRUTCHFIELD: Security is a no-brainer as an issue within mobility – whether that’s the security of the device, security of the carriage of the information to that device, security of where the information is stored, or the authentication of the user and device onto the network. The full coverage of security is a massive issue for mobility, and it’s probably exaggerated or accentuated inside emergency services because of what they do and the information they hold about the community.
TOOR: It’s not technology issues as such; it’s more about getting your head around everything the technology touches. This could be related to policies, HR issues, line-of-business outcomes, or a combination of all that. Previously there were a lot of buzzwords around BYOD and everyone thought ‘that’s a great way to save some money’ – but they are starting to realise that it’s not that simple.
You’ve still got to enable the connections to applications and infrastructure, and there is a cost around that. There’s also the security side, and what are the policies about what you can lock in on the device. These issues do tend to slow things down a little bit. Some of the more active organisations are calling in consultants to work through all that – but if you’re trying to do it inhouse, it becomes slower in that people are also doing their everyday work.
GTR: How can service providers work with agencies to get moving, and vice versa?
TOOR: We’re finding that companies don’t want to take device management inhouse, because the traditional IT teams don’t have our expertise in terms of how to set it up. So we’re doing a number of things: for example, we offer a cloud-based mobile device management (MDM) platform for our customers, which they can either just purchase licenses for or we offer bundles in some of our plans. That is growing quite rapidly, but there is still a long way to go to get the penetration high.
Customers are proving keen to outsource wherever they can, and they’re happy to use a cloud-based platform.
GEHA: The concept of ‘start small and grow the deployment’ isn’t quite how federal and state government agencies have engaged vendors in the past; they’ve always engaged them around the idea of spending a significant amount of time upfront on the strategy and searching for the solution, and they send out these documents written like old-school ERP documents – which were based on the idea that ‘we want to insure our business against change for the next 10 years’.
What this means is that organisations at a state and federal level are still doing what they said they wanted to do three years ago. That thinking, as hard as it may be to change it, has to be overhauled;
they’re just not coming on board with mobility like their peers in local government. When we can sign up five local governments in three months we’re not going to engage with a state government having procurement cycles that last 18 months.
BALL: There is a lot of diversity in governments and in mobility policies; we operate in a country where agencies and states have their own pretty significant degree of flexibility in terms of what IT or mobility solution they choose.
Enterprise mobility management and unified communications, coupled with things we’re doing in the machine to machine space on the back of our QNX acquisition, will play out extensively over the next couple of years. And while I think people know us for security, they don’t necessarily know us for the other parts of our business. And we all need to be flexible in terms of what we can do to help government agencies go mobile.
GTR: To what extent is cloud adoption driving mobility takeup, and vice versa?
GEHA: I don’t think mobility could have happened as quickly as it has, without cloud. Initially there was this whole perception around cloud, data sovereignty, and security. Once again, local government has outpaced state and federal government in this space as vendors offer a platform as a service solution, where it is hosted in Australia in government-certified data centres, and the actual data resides on the cloud.
Or, the data might be sitting back in the client’s IT system where they’ve got full control of the security over it. But without a cloud-enabled platform to give that flexibility, the deployment, speed, and turning on of activity-based apps just would not happen like it does without a cloud based offering. It’s really fundamental to the entire concept of mobility.
TOOR: Cloud services are definitely driving mobility, although sometimes it works the other way around. Cloud-based solutions facilitate mobility much more easily than on-premise type solutions – but in older environments it’s not easy to just replace your back-end systems with cloud-based platforms. It’s going fine with greenfields sites, but there’s still a long way to go on the traditional apps.
BALL: From a data perspective, it becomes a question of where that data is being stored and what is the pedigree of the organisations as it pertains to the security I’m using for my cloud solutions. Customers looking for cloud solutions are largely looking at larger businesses that offer their own versions of secure data centres.
GTR: How can organisations get past the security and other issues that cloud and mobility raise?
TOOR: The security issues are the same as you had on laptops, in terms of how to secure the information. But mobile devices are always on and that leaves them more open to risk. There is nothing wrong with those solutions; they are secure in their own sense. But there is a different level of security in terms of documents vs personal documents.
Enabling some secure way to share content is absolutely key – and device management makes it easy to enforce that properly. You can either go the MDM route or, if you’re more security conscious, you can lock it down more with a container type solution. Or, you can just go the apps management route, which is where you only allow certain apps to be deployed and there is no sharing of data between or across apps. There is no single way of doing these things.
GEHA: We strongly believe the first step any organisation should take is looking at MDM. They need to have a policy in place, establish whatever it is they want to use for control and distribution,
and then quickly get that embedded into the device rollout. That could apply for a BYOD strategy or for internally sourced devices – and it ticks the boxes in terms of being able to provide those tools of trade, and being able to perform those specific functions on the devices.
BALL: We’re seeing a huge trend around applications going mobile. And in that space, we provide the ability for organisations to take whatever applications they already have, and have already invested in, and wrap that securely in a container that quite literally sets all of them free. If they’ve already invested in their own application, we can enable that, which really is a big positive. And, within that container there is no crossover: apps cannot use information, share information, transact with other applications or gain access to applications they shouldn’t have access to.
CRUTCHFIELD: I don’t think security is holding things back; there is a level of security technology and maturity in policy design that enables this to happen. It starts with the policy and risk assessment, and with putting the right tools in place to ensure the agency is actually compliant with those security controls and goals. It’s a consideration and a concern, but not an insurmountable one.
In the way these applications will better enable mobility, it’s important to be able to enable and manage the applications to the carriage you’ve got available. The ability to prioritise by user and application, and to roam effectively across environments, will make it a much more effective mobility story. We often talk about containerising a set of applications on a device, so in some ways you’re creating multiple personalities on a device – one for home user, and one if you’re working in operations. Those types of capabilities are going to become more important, particularly as you move towards a BYOD environment.
GTR: Web apps were all about opening up the customer interface, but the trend now seems to be towards purpose-built apps. Which is more effective?
GEHA: A few years ago there were two streams of thinking, with one being that we build on one OS and assume that’s the device everyone is going to use – and that was iOS initially, then more recently everyone moved to Android and have woken up to Windows Phone. Then there were those that they were able to target by using an enterprise mobility platform so they weren’t beholden to whatever the operating system is.
Those organisations that have embraced an open enterprise mobility platform have had the ability to build once and deploy once across any operating system, which has meant the device hasn’t stood in the way of any technology being rolled out.
They have accepted the fact that they have multiple IT systems – and that by using a platform to connect them to various IT systems, they’re not waiting for independent vendors to slowly roll out their mobility solutions for specific enterprise IT systems. In this way the corporate space often waits for the mobility version of that to come from the vendor.
TOOR: There is definitely a trend towards the app. We are starting to see customers saying that they just want to get an app developed that meets our needs, rather than just buying something off the shelf. Cloud-based apps are much easier to integrate than traditional systems – but the challenge is, again, that if they have established back-end systems, they’re asking us about how to develop an app that’s specific to those back-end systems.
Even simple functions can be quite productive: an HR app, for example, means users don’t have to wait until they’re on their desks to do things like submitting leave forms. We have proven the concept of mobility, but the next step is how we make it an overall part of the business.
CRUTCHFIELD: The app trend is very much transferring into this sector. However, clearly for a mission-critical environment these applications need to be secure, well tested, and highly reliable. What we foresee is that probably, at least in the short term, customers are looking to us to create almost an app store environment where they can download their task-specific applications. Over time, rather than an app store created say for the Victorian emergency services, we may see one created for the Australian emergency service or even more broadly.
GTR: Does an app-based approach make the mobility business case easier?
TOOR: Awareness of the benefits is there, but especially in government environments they’re struggling with how they go about deploying it. That’s where the challenges are, especially with limited budgets. If they have hundreds of people in the field and an app can improve their productivity, for example, they can build their business case and then their app.
For leave approval, expense management and so on, those are harder to justify and get pushed down their own priority lists. They can be added later on, once they’ve got a few apps that prove the initial business case. It’s very much all about the user, all about activity-oriented processes – and picking the really low-hanging fruit by identifying which part of the workforce is the one most in need, and will achieve the most benefit from mobility. Once you start with them, you can let the savings implemented by the first project drive more traction and activity for other projects.
CRUTCHFIELD: Many police officers today might have a secure digital voice radio in their hands, which carries secure voice services and maybe some very basic data capability. But if they arrive at a crime scene and are standing next to your average citizen with at least one smart device in their possession, often the citizen will be better informed about what’s going on because they have access to large bandwidth pipes, collaborative applications, and the ability to share voice, data and video.
That’s where mobility is really going to drive significant change for emergency services – in their ability to receive information so they have a better understanding of the situation they’re coming into. Essentially I describe it as enabling them to see around corners: the combination of voice and text, but more importantly images – whether video or photos of the actual incident – give them all those types of information that they wouldn’t have access to today. That makes them able to do the job more effectively and safely, and to make better decisions when they get onsite and before.
GEHA: Local governments have embraced mobility because they’ve seen the business process efficiencies they can achieve. They have seen that, unlike the IT implementations of ERP or other very large, complex systems – where you have to design the system, make sure it’s 100% accurate and then hand over to the business – IT is now saying ‘let’s give the tools to the business and be agile, reacting to how they want to use the solutions in the field.’”
As a result, the takeup has been a lot faster and has spanned across various business functions. And, where mobility might have been looked at in the past and the decision made to keep them within the domain of the executive, the councillors already have the devices and they’re seeing the value of information on them – so they’re saying ‘it I can do more with less, let’s spend a few hundred dollars and send them to workers to also do more with less’.”
– David Braue
