Even though clouds may facilitate end-user access to mobile apps, IT organizations and developers must address a number of serious issues to correctly position an enterprise private cloud to accommodate mobile computing. Among them, Golden says: "Identity management has to be extended to mobile devices. You also want to be able to control what resides on the device should you decide to replace it, or if it gets lost."
Further, he explains, applications have to be architected correctly, so that apps running on mobile devices can access back-end corporate software and data residing on the cloud. App developers also "have to account for the fact that mobile devices have lower bandwidth ability and intermittent connectivity," Golden says.
Kamesh Pemmaraju, an analyst at the Sand Hill Group, says that mobile will act to accelerate corporate cloud adoption. "At the enterprise level, more and more employees are using mobile devices to read email, access calendars, and access databases" in read-only mode.
Tony Iams, senior vice president and senior analyst at Ideas Technologies, says, "Cloud computing and mobile computing are parallel developments" because both in some way involve moving "state" -- applications and/or data -- from the client to the server. "This creates a relationship between the two."
Creating a mobile cloud environment
Because data (and some applications) move between mobile devices and the cloud via off-premises networks, security is a major consideration. But application development and device management are also extremely important.
How organizations approach each of these issues will greatly affect the usability of the mobile cloud.
- Security --- ensuring that applications and data are protected during normal use and when mobile devices are lost
- Mobile application development --- Build your own apps or purchase apps from third parties? Provide your own app store or use the iPhone App Store or Android App Store? Limit employees to a specific set of apps?
- Mobile device management --- Provide employees with mobile devices or institute BYOD (bring your own device)? Limit employees to specific devices or let them pick their favorites?
Enterprises can enhance their private cloud with mobile device management, mobile app management and specific mobile processes to create what we refer to as a mobile cloud.
Shoring up security for your mobile OSes
Jeff Deacon, director of corporate strategy at Verizon Business, says that in most organizations today, mobile devices are coming in straight across the Internet, and this is not a good idea. "If you poke a hole in your firewall for access from a mobile device you have effectively poked a hole in your firewall for anyone in the world. Securing a gateway specific to mobile devices that can support various operating systems -- iOS, Android, Windows -- is very important."
Deacon says that many companies do not allow access to back-office data across the Internet. Access to secured data with smartphones or tablets should be done via a VPN. Richard Peltz says that agents at Marcus-Millichap use iPhones or iPads through a secured login or VPN residing on the iPhone.
BYOD also opens up a whole can of worms with respect to security, says Pemmaraju. "The question is how do you make sure that these apps are secure and, when they get downloaded to the device, that they don't accidentally get lost or get into the wrong hands?" A hacker could grab the app itself as it's being downloaded to the device, or intercept just the data going back and forth between the cloud and the device.