Friday, July 20, 2012

Considerations When Creating A Mobility Extension To The Corporate Network

Mobile strategy

This paper assumes your organisation has an established and accepted business case for mobility and you are now ready to proceed. Implementing a mobility solution affects not only the end-user; it also has a subtle and long-lasting effect on your I.T. strategy and implementation. Over the past decade the scope of I.T. has grown from a private internal infrastructure to publishing information for external public access via the internet. I.T. is now faced with providing external access to internal systems information and must handle a new set of questions: How to support a broad range of mobile devices? How to manage access to information on internal systems by these devices? How to provide a secure and reliable experience?

Opening up the enterprise systems to mobile users requires careful planning to reduce the impact of change on the key stakeholders: the end-users and I.T. management. A strategy for mobility must include looking at the areas of:

    * Mobile devices and device management
    * Communications (wireless and wired), protocols and costs
    * Mobile applications, customisation and usability
    * Back-office data requirements and the data integration points
    * Centralised mobile access platform governing how data is accessed while mobile
    * Security for authentication and encryption
    * Solution delivery and pricing models

Analysing these points provides the functional requirements, usability and structural design, represented as a mobile systems architecture for your enterprise. Each of these points is discussed in this paper.

Device and device management

The pace at which technology for the mobile worker comes to market continues to increase. Notebook and laptop sales have now surpassed desktop PC sales, and the billions of mobile phones sold are increasingly capable of data applications. There is also a complete range of devices in the cross-over between these extremes, comprising smart phones, PDAs, handheld clamshells, tablets, and more. There is a seemingly unlimited number of form factors available: different screen sizes (some rotatable), input methods (keyboard, numeric keypad, pen, finger, scanners for barcode and RFID, speech, and more), processor types and performance, memory sizes from kilobytes to gigabytes, ruggedised construction and, not least of all, the operating systems and application environments.

From a device selection point of view, the only reliable rule is to expect a mixed device environment, as today's standard is likely to be unavailable in 24 months. However, minimizing I.T. costs and resources is about adopting and enforcing standards, so what is the solution? For mobility, the answer is to select the appropriate device that fits the requirements of the end-users, and use a mobility device management platform that can run across all the devices in the fleet. The mobility platform abstracts the management of the devices, hiding the individual differences.

A mobility platform must enable the management of the devices for enterprise applications, including configuring communications and updating the applications on the devices for an individual user or groups of users.

Communications

In many ways, mobile applications that replace current manual paper-based systems may seem to require only limited communication methods for transferring the collected data to back-office systems. However, a requirement as simple as this can lead to many options: should a user plug the device into a phone line modem or an intranet-connected PC to synchronise data, or should a wireless network be used, such as a cellular network or a WiFi hotspot? Each method has its own costs, performance and latencies, availability, infrastructure investments and security ramifications.

Advanced mobile applications that require more immediacy and collaborative solutions will require push capability that allows the back-office to send notifications in real-time to the devices.

Mobile applications created or bought to run efficiently over one chosen communications network, such as a wired LAN, may perform poorly when moved to a wireless network. Conversely, an application optimised for a low-bandwidth, high-latency dial-up or cellular network may be unable to take advantage of high-bandwidth WiFi networks or third generation wireless.

The best course of action is to select the most appropriate communications network(s) for the application requirements and use a mobility platform which removes the details of communications from the application. A Wireless Application Gateway (WAG) that manages communication between the device and back-office will optimise the communications. It also provides value-added capability such as push notification support and compression, irrespective of the chosen network.

Client access modes

Wired networks, which have been around for decades, provide a reliable and relatively high speed communication channel to back-office systems. Several key enterprise application models exist on them: thin client terminals (Citrix, web) and multi-tier (client, server and database logical tiers) thick clients. The separation of application execution from presentation to the user is largely an IT management issue and a key driver for which model is chosen. Both models tend to assume a communications connection is available to manage transactional integrity (record locking) and to share resources in real-time.

For mobility, with its unreliable communications, it is time to re-assess the appropriate access models. Networks are increasing in performance; however, the inherent nature of wireless means that coverage will never be ubiquitous, and interference will continue to keep latency well above that of wired networks. Applications that run well on the wired network are unlikely to work well over wireless in all conditions.

Conventionally, the choice was between a thin or a thick client model. Thin clients are typically a web browser or a specially built client such as Citrix, where the network must be available for the application to function. These thin client solutions have been unsuccessful in a number of enterprise mobility solutions due to the limited capability of mobile web browsers and frustrating usability issues for end-users. Thick clients provide a fast, responsive and optimal user interface but suffer from the burden of managing and updating deployments.

Again, a mobility platform provides a solution that is the best of both models: the so-called "smart" client model. This enables the optimised experience of the thick client with the dynamic capability of the thin client. Applications and modules can be dynamically deployed to the mobile devices to provide newer functionality without the administrative burden of updating each device or finding out which software is installed.

Mobile applications

Most organisations that have invested in their own employee data collection processes and back-office systems are unlikely to find that a pre-built mobile application is an exact match. The most common choice is to take an existing application and re-train staff, or to create a customised solution that is tailor-made and can grow as organizational needs demand.

Selecting a platform which can provide a rich but simple toolkit for creating mobile applications is essential to success. The application can then mirror current forms and processes, which aids in reducing the impact of change on the end-users. The toolkit approach must encompass not only the user interface but the data structures and back-office communications as well, providing a one-stop location for building a complete solution.

Many I.T. projects fail or exceed budgets because bespoke software developments have complexity that is underestimated or because the initial requirements were unclear. A mobility platform that targets non-programmers, such as business process engineers, keeps the focus on the business solution. Additionally, when coupled with a device management platform, it provides the ability to deploy new versions of the application quickly for field testing and user acceptance.

Systems integration

It is often said of standards that there are so many to choose from, and nowhere is this truer than with Enterprise Application Integration (EAI), where each system or family of systems will have particular protocols for data exchange, typically ranging from the simplest text file import/export to the most complex information message bus brokers. New standards continue to emerge as data access requirements and management change to adopt new capabilities.

Designing mobile applications to communicate with a particular back-office system may seem to be the quickest and easiest way to move forward, but locking in to a particular protocol will create a problem when the server system is changed or simply updated. Instead, building mobile systems that are loosely connected to back-office systems is essential to success.

A mobility platform should provide a range of integration capabilities that are independent of the mobile application and can be changed by I.T. administration. The integration options should include how data is represented and persisted (such as raw text files and XML) and the protocols used for sharing (such as network drive shares, FTP, HTTP or enterprise message brokers). Full audit logs are required to determine a history of data integration.

Security

For I.T., system security is the highest priority and protecting company information is paramount. The growth of internet technologies for accessing content has been paralleled by the development of encryption, identification and authentication. Enterprise firewalls, Virtual Private Networks (VPN), intrusion detection and central authentication servers are the norm for keeping intruders out.

Mobility has the potential to compromise a number of these standard security systems and weaken the protection of the enterprise networks, allowing unauthorized users to gain access via security holes or to obtain corporate information from a lost or stolen mobile device. Security options must be enforced on the mobile device and during communication with the enterprise.

A mobility platform should provide data synchronisation and access via secure channels, such as HTTPS or VPN. It should also provide multi-factor authentication of the user and the device, such as using unique identification built into the device or network SIM (subscriber identification module) cards, or network features such as caller-id.

From an application design point of view, only required data needs to be kept on the mobile device; other data can be purged.

Server

Mobile applications require an application gateway to communicate with, one that ensures back-office application services are always available. This in turn requires that the gateway itself run on a stable and scalable Operating System and Application Server. The gateway must also integrate into the enterprise network architecture for authenticating users and accessing back-office data. It should be capable of transactional growth as demand increases for mobile access to data and back-office services. Application platforms based on scalable architectures and industry standards should be used, such as the J2EE or .NET architectures. These architectures can deliver enterprise or carrier based performance and reliability.

Management of the mobility platform server should support multiple and custom administration roles so that tasks can be delegated within the I.T. team. Remote access to the server via the web provides easy access to the system without additional client installation.

Solution delivery options

With the growth of internet e-mail there has been growing acceptance of the benefits of out-sourcing data systems for high availability and remote access to the systems without dependence on other corporate infrastructure. This is also the case with Wireless Application Gateways, where the operational requirements and costs provide for the following licensing models:

    * Application Service Provider (ASP) - limits capital expenditure, system maintenance, etc. (ideal for non-IT based companies). Does not grow assets and is not an investment decision but rather an operational expense.
    * Managed Service - Similar to ASP, but the company makes the capital expenditure for hardware and out-sources the management & monitoring.
    * Software - The most common model of software licensing seen today, which requires capital expenditure for hardware and software licensing, with on-going operations managed in-house.

Both ASP and managed service can provide a cost effective and fast to market capability. The mobility platform and service provider thus offer a flexible solution that can be launched quickly and business benefits can be assessed.

Conclusion

This paper has described a number of technical areas that should be considered before adding a mobile extension to the corporate network. This information can be used to comprehensively assess the capabilities of commercially available mobile application gateways. The gateway selected for the enterprise must have a history of proven and working solutions, coupled with an ongoing ability to change that future-proofs the investment as mobile application technologies continue to progress.

Article Source: Ezine Articles
