But neither Slater nor Ferguson says the Storm's consumer-ish enhancements are a deterrent. In fact, Slater has already begun to roll the devices out to some of the company's global users and sees great potential for it, such as enabling employees to receive corporate video communications on their mobile device. And Ferguson says he'll adopt the Storm when it is offered by his primary carrier, AT&T.
Rather than fighting the CrackBerry contingent, IT managers should thoroughly test-drive the Storm, map its capabilities to their acceptable use policies and compliance mandates, and then apply sophisticated network- and device-level controls.
Before IT teams can begin to manage the Storm on a technical basis, however, they must first dust off their acceptable use policies and make sure they've addressed the organization's tolerance level for mobile access to social networking, Web sites, multimedia, and corporate assets, according to Phil Hochmuth, an analyst at Yankee Group Research.
"You might already have regulations that ban you from allowing users to access those types of applications on the desktop, but you have to make sure those policies are being extended to mobile devices," he says.
For instance, although Slater's first propensity as a technology pro in the highly regulated financial services field was to ban enterprise social networking tools, he admits that's not practical because they improve his users' productivity and collaboration. Instead, he's spent time updating the acceptable use policy and making sure all applications accessed on the Storm are as secure as BlackBerry e-mail, he says.
For his part, Ferguson reminds employees about the Technical College System's acceptable use policy and its relation to BlackBerry applications. For example, college employees can use IT-installed applications, but they are not allowed to download their own. "We caution them about their usage and explain that anything they do is logged, no different than their desktop," he says.
While the Storm might seem to be a consumer-driven device, Ferguson says he appreciates its ability to be centrally managed. Using the BES, he can wirelessly configure and deploy the Storm as well as synchronize it to multiple enterprise applications. He can also apply security policies to the device via the BES integration with Microsoft's Active Directory. However, to take full advantage of this benefit, organizations should purchase and provision the devices via the IT group, rather than allowing individuals to bring them in-house.
"Because the Technical College System is a government agency, we have to account for what's done on the device and make sure we're following the state's IT policies. Therefore, we need to manage it from the start," he says. With that level of control, he can ensure that device configuration, deployment, licensing, updating, patching, and security are all managed through the BES.
Companies can also develop standard configurations for the Storm to block users from ad hoc downloads through the Storm's "Application Center" feature as well as prevent other unsanctioned configuration changes.