Smartphones: Business Tool and IT Burden

Jim Linn, IT director at the American Gas Association in Washington,

D.C., knows the benefits of smartphones that offer voice and data

functionality.

But he also knows the risks.

Like many of his colleagues, Linn is worried about the liability of data

loss or corruption if users send and receive corporate emails over their

cell phones and handhelds. ”I know there’s a need for mobile devices and

I want to meet that need. But my feeling is that I’m ultimately

responsible for the data going back and forth over anything,” says Linn,

who oversees the network for the energy trade association, which serves

195 local utility companies.

To that end, Linn has told employees they only can use company-managed

BlackBerry devices to access their corporate email. The approach has been

successful as 60 of his 80 users have Research in Motion BlackBerrys that

they use regularly. ”It’s one of the most amazing productivity

boosters,” he says.

In fact, Linn says that the devices offer more than just voice and

e-mail, they also give users remote and synchronized access to their

contacts and other important data. The management of smartphones is just

one more headache for already overloaded IT staffs.

But not managing them opens IT teams up to tremendous risks.

Linn says he chose the BlackBerry phone and PDA combination devices

because he could control and secure them at every level using the

accompanying enterprise server platform. With the server and device

linked so tightly, Linn says he is confident that data, including

customer information stored in contacts databases, is not comprised.

”When you have wireless devices of any kind, you open yourself up to

security risks. At least I know with the BlackBerry that I can control

that risk,” he says.

In fact, if one of the devices is lost, Linn immediately, and remotely,

can lock down that device and erase it so others can’t access the

information stored on it. He also can make sure the device software is

updated regularly and that messages are encrypted.

Taking no Chances

But Tom Gonzales, senior network administrator at Colorado State

Employees Credit Union in Denver, Colo., is not convinced.

He is opposed to the use of smartphones and handhelds for any corporate

information. In fact, Gonzales only uses his Blackberry to receive pages

that tell him to log on to his company mail through the VPN. ”I don’t

believe you should send anything more than what you’d write on a postcard

across [smartphones],” he says.

Gonzales adds ”all data has to be protected and respected.”

As an IT pro for a financial institution, he says he is working under

regulations such as the Gramm-Leach-Bliley Act. ”If you lose your

[smartphone], you could give away your recently called list, which might

have confidential customer information,” he says.

Instead, Gonzales has each of the 230 employees at the credit union sign

a mobile electronics policy agreement that states the strict rules

regarding company data, including a rule that mandates that no credit

union member data can be sent over an unencrypted voice or data line.

”We let them know the high numbers of cell phones and PDAs that are

stolen or lost in taxis and elsewhere,” he says.

Gonzales says it’s important to explain to users in a clear policy why

the restrictions are in place. ”Otherwise, there’s no recourse to take

action if phones and PDAs are being misused,” he says.

Randy Giusto, group vice president for clients and mobility at the IDC

research firm in Framingham, Mass., agrees that setting policy is key to

protecting company assets. Traditionally, companies have worried more

about PC risks, he says. ”It’s a good practice for the IT organization

to create policies as small mobile devices do pose threats,” he says.

Because ”the corporation owns the customer names and addresses in those

devices,” they have to be protected like parts of the network, he adds.

Brian Schwartz, a technology specialist at CDW Corp., a provider of

technology services and products in Vernon Hills, Ill., says the policies

that IT creates should include tips for users.

”If they lose their phone or data device and it contains sensitive data,

they need to alert their IT administrator right away,” he says.

Schwartz adds that IT should use every security option available in their

tool box.

For instance, ”To make sure that important information is saved on

smartphones, they should use the setting that allows e-mail to be deleted

on the phone, but retained in the corporate server where it can easily be

archived and restored if the phone is damaged or lost,” Scwhartz says.

This also helps with compliance mandates, he adds.

Overall, Giusto is seeing companies turn away from supporting mobile

devices as the support and maintenance is too time-consuming. ”Who’s

going to integrate a Treo or some other device into the back-end

[enterprise mail] servers? Users can’t do that on their own,” he says.

He adds that IT organizations have to be savvy about the devices being

used in the network. ”Not only do they have to lock each device down and

know what data is on them, but they have to be able to identify them and

update them. That’s a huge cost in time and personnel,” he says.

”IT managers do need to make sure that devices have the latest

software,” says CDW’s Schwartz. ”It is very similar to patching PCs or

updating anti-virus definitions.”

Linn is all too aware of all of these burdens on IT.

”I wouldn’t want to be in an environment where people can bring in

whatever they want. We have enough responsibility in managing what we

have,” he says. ”That’s why I recommend picking one device or family of

devices and sticking to them.”

RELATED NEWS AND ANALYSIS

• Ethics and Artificial Intelligence: Driving Greater Equality

  FEATURE |  By James Maguire,
  December 16, 2020

• AI vs. Machine Learning vs. Deep Learning

  FEATURE |  By Cynthia Harvey,
  December 11, 2020

• Huawei’s AI Update: Things Are Moving Faster Than We Think

  FEATURE |  By Rob Enderle,
  December 04, 2020

• Keeping Machine Learning Algorithms Honest in the ‘Ethics-First’ Era

  ARTIFICIAL INTELLIGENCE |  By Guest Author,
  November 18, 2020

• Key Trends in Chatbots and RPA

  FEATURE |  By Guest Author,
  November 10, 2020

• Top 10 AIOps Companies

  FEATURE |  By Samuel Greengard,
  November 05, 2020

• What is Text Analysis?

  ARTIFICIAL INTELLIGENCE |  By Guest Author,
  November 02, 2020

• How Intel’s Work With Autonomous Cars Could Redefine General Purpose AI

  ARTIFICIAL INTELLIGENCE |  By Rob Enderle,
  October 29, 2020

• Dell Technologies World: Weaving Together Human And Machine Interaction For AI And Robotics

  ARTIFICIAL INTELLIGENCE |  By Rob Enderle,
  October 23, 2020

• The Super Moderator, or How IBM Project Debater Could Save Social Media

  FEATURE |  By Rob Enderle,
  October 16, 2020

• Top 10 Chatbot Platforms

  FEATURE |  By Cynthia Harvey,
  October 07, 2020

• Finding a Career Path in AI

  ARTIFICIAL INTELLIGENCE |  By Guest Author,
  October 05, 2020

• CIOs Discuss the Promise of AI and Data Science

  FEATURE |  By Guest Author,
  September 25, 2020

• Microsoft Is Building An AI Product That Could Predict The Future

  FEATURE |  By Rob Enderle,
  September 25, 2020

• Top 10 Machine Learning Companies 2021

  FEATURE |  By Cynthia Harvey,
  September 22, 2020

• NVIDIA and ARM: Massively Changing The AI Landscape

  ARTIFICIAL INTELLIGENCE |  By Rob Enderle,
  September 18, 2020

• Continuous Intelligence: Expert Discussion [Video and Podcast]

  ARTIFICIAL INTELLIGENCE |  By James Maguire,
  September 14, 2020

• Artificial Intelligence: Governance and Ethics [Video]

  ARTIFICIAL INTELLIGENCE |  By James Maguire,
  September 13, 2020

• IBM Watson At The US Open: Showcasing The Power Of A Mature Enterprise-Class AI

  FEATURE |  By Rob Enderle,
  September 11, 2020

• Artificial Intelligence: Perception vs. Reality

  FEATURE |  By James Maguire,
  September 09, 2020