Something occurred this past week that indicates to me that the industry for mobile development tools is maturing. The OSLC (Open Services for Lifecycle Collaboration) has announced the formation of a group to explore standardization for the APIs used by tools related to mobile application development. OSLC is a industry standards group formed to define common APIs for the integration of software development tools. The fact that tools for mobile development are being considered for standardization means that there is enough critical mass of such tools and that the realization that a comprehensive development solution for mobile projects requires these tools to be integrated. Open standards is the best way to make integration easy (or easier anyway). So this seems like a very key step in the maturity of the mobile app development industry.
The Mobile Frontier
Leigh_Williamson 060000DVGQ Tags:  ibm_mobilefirst mobile-development mobile-appdev-group mobile-app-dev-sig rational rational-sig mobile rational-cop-group ibmmobilefirst williamson 10,087 Views
There are now over one billion smartphones in use across the globe. This figure is expected to double by 2015. Tablet sales are also exploding. The software landscape is changing, so shouldn't our design strategy change too? Modern users expect their services and information to travel with them and in a form that scales appropriately to their platform of choice.
While desktop and web applications excel at offering a high degree of detail and customization, mobile and tablet applications must present a more task-focused design, yet with a consistent and familiar feel. Designing for mobile can bring new design influences back to the desktop, making your overall product better. Stark evidence of this can be seen in the latest wave of web applications and desktop operating systems, which are steadily moving toward a mobile first strategy.
When designing for mobile first, we should follow some emerging rules of thumb.
The design should be context aware and predictive.
If the user reads though two pages of a document, we should assume they will read the third. If it's evening time and the user has left the office, we can assume they are traveling home.
User interface navigation should be clear and follow a similar pattern across all platforms.
The user should already know how to use the desktop application simply because they've already used the tablet version. The reality is that any large-scale product will be comprised of use cases that are more suited to desktop (data entry, file manipulation) and others more suited to mobile (location-aware, audio/video capture, opportunistic). A mobile first design should capitalize on this, enriching the experiences that make the most sense on mobile rather than trying to fit a square into a circle.
There are countless statistics showing that mobile traffic across all sorts of industries is exploding. Those who capitalize on the mobile wave will yield the most success. Designers must forget some of what was previously expected. Fast Internet, an always-on power source and a large screen are no longer guaranteed and cannot be expected. Connectivity from anywhere, anytime, with data about location, proximity, contacts, calendar and a phone can be expected. Rule 101 of design still applies: know your user.
Mobile design cannot be an afterthought; instead it should drive the entire application and web design process. The easiest way to design for mobile first is to craft the experience for tablets and create modifications for desktop and phones. Mobile designers must rethink how mobile users interact with software. The usage patterns are more transient in nature. Think bus stops, sandwich queues, commuter trails, bedtimes—these are when your users will rapidly flick between apps and web pages. Your job is to grab their attention. Polish is key—if an app only does one thing, but does it right, people will use it.
At IBM, we too believe in putting mobile first. Our recently announced portfolio IBM MobileFirst clearly demonstrates this. Our goal is to provide businesses with a true end-to-end set of mobile solutions that combines security, analytics and app development. Coupled with our unique set of business services and deep mobile expertise, we enable everyone to transform their business model and become mobile first.
What do you think? Let me know on Twitter @jreddin.
Christian Karasiewicz 270005XS4E Tags:  mobile_device_management junggun_cho mobile_enterprise mdm mobile-apps mobile_security 9,552 Views
This blog post is contributed by Jungun Cho, a member of the IBM Global Technology Services Workplace Architecture team within the IBM Mobility Center of Competency.
In part 1 of this series I discussed the development of mobile strategy, policy and education to help companies become a successful mobile enterprise. Now I want to talk about another very important issue: security.
Most companies approach mobile security with a focus on the device, whereas IBM thinks that all three areas—devices and operating systems (OS), network or back office, mobile apps—should be comprehensively secured for sufficient security. Let's examine each area.
Device and OS security
When I’ve showcased IBM to the customer, I've often found that many of them still tend to approach mobile security from the same perspective as PC security. It is true that we need to manage mobile security to the same level; however, the security risk of mobile devices is different from that of PCs.
Mobile device risk overview[/caption] As shown in the above figure, most security risks for mobile devices are not caused by malware but by loss, theft and seizure. Therefore you have two options: (1) Don’t store sensitive information in your mobile devices, and use Virtual Desktop Infrastructure (VDI) instead. (2) If you choose to store sensitive information, appropriate security policies should be established for device registration, corporate compliance, information wipe, device lock, encryption and so on.
For instance, a certain company I know found that as many as 5 percent of their employees’ mobile phones are reported to have been lost, 40 percent of which were permanently lost. Nobody knows what kind of damage could result if the company's confidential information was stored on those lost mobiles.
As for OS security, a policy needs to be set in place that only allows devices with properly secured OS versions to be connected to the corporate network. A corporate guideline for a minimum required OS version should be provided, as mobile operating systems are continuously patched and updated with security patches just like those for PC. However, security of smart devices is much less developed than that of PCs. Mobile phone providers need to strengthen security features for enterprise users.
To mitigate device security risk, mobile device management (MDM) should be used; it is the most basic of basics and generally regarded as a must. However, implementing an MDM solution does not necessarily guarantee mobile security. It is the CIO organization's task to determine how to optimize the settings of this tool.
Device-level configurations that can be enforced by MDM are:
Network and back office security
The second security area is network and back office.
In the long term, IBM plans to allow access to IBM systems regardless of OS or ownership of devices and is designing its security system based on this vision. This is a system that only allows devices confirmed secure to access the in-house network through internal WiFi or external virtual private network (VPN). In this system, mobile users and devices should be identified first to be allowed or denied access.
Many considerations need to be put into VPN implementation. You can categorize users and then grant higher access privileges to power users (and raise the device security level instead); or allow access per application by means of reverse proxy (and lower the device security level instead). Mobile devices mainly use wireless communication, so the traffic might be intercepted unless proper protection is provided by encryption. This makes the proper choice of VPN solution even more important.
Mobile app security
The third security area is mobile apps. Applications are developed by humans, so the level of security applied during application coding can vary greatly, unless proper management tools are used. For this end, you must identify an application’s vulnerabilities and select proper development tools to handle them and ensure consistent updates of the applications.
In addition, the enterprise app store should be properly managed too. Unlike other applications, mobile applications can be freely developed and distributed by anyone, which also means that malicious apps can be easily distributed. I therefore recommend that you create an enterprise app store where you can download only authorized enterprise apps and easily update those apps.
"High-level security” cannot be achieved by whatever security tools you might use to care for the above three security areas. Mobile devices are portable, so their confidential data can be exposed to anyone at any time, and no security tool can completely prevent such information exposure. Security training for users is therefore indispensable.
Implementing a secure environment with limited in-house security resources is not easy unless done by a specialized IT company, as it requires lots of testing and research. I recommend that companies get consulting service on mobile security. IBM can recommend an optimized security level for your enterprise based upon its successful security consulting experiences, ranging from internal customers to various industries including finance, health care and so on.
Smart devices are always carried with the user, which requires consideration for user's convenience and privacy. While users focus on convenience, companies have to balance between security cost and security level. Determining an appropriate security level for your environment while considering the cost is the trickiest problem.
What are your experiences with security in a mobile enterprise? Share your comments below, and please stay tuned for the next installment in my series, “How to be a successful mobile enterprise.”Junggun Cho helps oversee security, network and mobility areas in Korea BT/IT. She is also an IBM Redbooks thought leader. Follow Junggun on Twitter at @junggun_cho.
Christian Karasiewicz 270005XS4E Tags:  virginijus_kaminas google_android emulator 19,942 Views
This blog post is contributed by Virginijus Kaminas, a software engineer for a newly formed Mobile Center of Competency team for Industry Solutions. He has been a part of the Extreme Blue program and helped to develop Android/iOS applications which optimize Portal/WCM content consumption on tablet devices.
Android Virtual Device, more commonly referred to as AVD, is utilized by the emulator and allows you to define various useful configurations such as:
When the emulator and AVD are set up, and an application is finally ready for a test run, starting the emulator for the first time can be quite underwhelming. It just feels slow. The startup speeds can vary, and the simplest solution for this is to have the same emulator instance running at all times of testing.
What if you need to test an application against a different Android environment, where you might be required to change the version of the application programming interface (API) being used or enable camera support? The same process has to be repeated, and it can be somewhat slow at times.
In order to speed up the whole development and testing process I highly recommended using Intel x86 Hardware Accelerated Execution Manager (HAXM). HAXM provides extensions that allow for a more manageable running of virtual machines. Not everyone can take advantage of this feature; only specific CPUs that support the following technologies are eligible for this type of acceleration:
Here’s the list of all supported Intel CPUs: Virtualization Technology supported list.
I am a proud owner of a Windows 7 laptop with an Intel i7 CPU, which means I’m one of the lucky ones. If you happen to own a supported machine, here are the steps to install HAXM:
Step 1: Download HAXM through Android SDK Manager
If the installation fails there’s no need to panic. It could just mean that Intel Virtualization Technology (VT) must be manually enabled within the basic input/output system (BIOS) setup utility.
In order to enable VT for Lenovo laptops, complete the following steps:
For Lenovo ThinkPad W510:
For Lenovo ThinkPad W520:
If there are additional errors with the installation I recommend reading through Intel Installation Instructions.
Step 2: Install Intel x86 system image for Android emulator
If you experience any additional problems with this step I recommend referring to the Install Intel x86 System Image for Android emulator guide.
From my experience using HAXM I have noticed a considerable increase in the emulator execution speeds, and I would advise anyone who is focused on Android development to use this technology.
If you are already using HAXM feel free to comment. I’d be interested in seeing the steps you took to enable Virtualization Technology on your machine, as the steps seem to vary based on the manufacturer. You can also connect with me on Twitter @VKaminas.
Christian Karasiewicz 270005XS4E Tags:  nguyen_van_duy websockets mobile_security 11,724 Views
This blog post is contributed by Nguyen Van Duy, an IBM Associate Certified IT Architect with GTS Vietnam, working for GBS Innovation Center as the development team leader in Vietnam.
When you’re developing interactive applications with simultaneous editing ability (for example, a virtual collaborative whiteboard, chat, online game or real-time reporting system over the web), using the traditional loosely coupled HTTP request/response web model is obviously not an efficient way to go. That approach is simply not designed for a real-time model. We need a more lightweight protocol that can provide a full-duplex communication channel between endpoints of the system to achieve as near a real-time experience as possible.
This need is becoming critical as such applications are deployed and run in the mobile world, where the resources for staying connected are sometimes very limited: limited bandwidth, limited memory, lots of potential latency.
A number of creative approaches—work-arounds—aiming to create a real-time feeling for users have been implemented (for example, Ajax, Comet). So far these have served the connected world well by bringing together good user experience with the ability to shorten the time in which data is being sent between client and server. But these approaches still have several limitations from a resource-consumption perspective: a huge redundancy of network traffic, server demands and the complication of maintaining two HTTP connections between endpoints (one for the upstream and another for the downstream).
Using WebSockets is a big step forward in the effort to create an engaging, interactive user experience. It could provide capabilities such as real bidirectional communication, low latency, significant reduction of overhead and dramatically reduced complexity of implementation.
From a security standpoint, though, some people are afraid of using
WebSockets due to some risks that would create vulnerabilities.
WebSockets’ application programming interface (API) allows establishing
WebSockets connections across domains without the user’s
acknowledgement, and requests are sent without notifying the user. This
into the victim’s client application (the user agent; for example,
browser, mobile app and so forth) to establish a WebSockets connection
to an arbitrary target. The connection can then be utilized by the
attacker for malicious purposes, such as:
Friendship between WebSockets and proxies, firewalls
In November 2010, a serious security issue involving WebSockets was reported. WebSockets was still not adopted widely enough, so some transparent proxies didn’t correctly understand the HTTP upgrade mechanism being used for the handshaking of WebSockets and thus can potentially allow a cache poisoning attack. Frame-masking was added to avoid that vulnerability, but in turn the frame-masking and other natural lightweight features of the protocol (lack of metadata like HTTP header, content length) challenge the virus and malware scanning tools in analyzing the data patterns to detect malicious content in a malicious usage of WebSockets channel.
The vulnerabilities are mostly not specific to WebSockets API or the protocol, but the freedom of the new data exchange model opens up more threats and more attention is needed to secure the communication. Best practices for traditional web programming should still be applied for WebSockets.
Be well aware of the security vulnerabilities of using WebSockets. Dealing with them properly will help you to build a secure, interactive mobile application and enjoy the near real-time experience on your mobile devices in a collaborative world where time is precious and conserving resources is critical.
Christian Karasiewicz 270005XS4E Tags:  localmind happycow nike+ sukhvinder_aujla mobile_experience mobile_apps 4 Comments 8,767 Views
This blog post is contributed by Sukhvinder Aujla, is a Software Client Architect in the Insurance industry.
In this post, I’m going to think from a consumer’s perspective about the attitude I’d like to see a provider display when engaging customers through mobile. I think providers should always be asking themselves why someone would use their app or mobile site in preference to another. If they are not, then they will lose. In this post I’ve limited myself to just five approaches (though there are many more).
1. Make your purpose clear
Let me know what you stand for and how you will improve my life (this sounds a bit like branding). It’s not your product or service that is key, but the problem that you solve for me or the enhancement that you provide. For example, social networks enable me to keep in touch with my friends, tell them what I’m doing and know what they are doing. I recently came across an app called localmind that lets me tap into the local knowledge of complete strangers to ask for specific recommendations.
2. Take advantage if the fact that I am using mobile
When I use a mobile device, you have access to information such as my location, so use it to make my experience simpler, quicker and (can I say financially) more rewarding. A great blog on this subject, "Get More From Mobile With Locaiton-Based Services," looks at how others are using location. Take, for example, Starbucks, which users location info to provide special offers, coupons or just a reminder to stop by. Or consider how the new Samsung S4 introduced a humidity sensor; will it know when I'm in the sauna?
3. Engender trust
I share information about myself with you, the provider, so use it for the purpose intended and keep it safe. Security and privacy are really important to me, so your policy (and commitment) should be clear— and not hundreds of pages long. There are lots of examples of where this has failed; a high profile example is Facebook.
4. Help me make an informed choice
I’m human and have only my own experience to guide me. Please help me make better-informed choices by making it easier for me to access information available online—for example, other people’s restaurant reviews. I’m a vegetarian and it can be difficult to find somewhere to eat, especially if I don’t want pizza again. In the past I had to search manually using Google and base my decision only on the menu. I now use an app called Happycow that allows me to see restaurant reviews from likeminded people, arranged in order of distance from my location. Not only do I save time, but I’ve also found some good places to eat.
5. Make it functional or make it fun
There are things I need to do, such as pay bills, and doing these through mobile should be simple and no fuss. There are other things I want to do that should be fun. Consider the example of my wife, who is planning to do an 18-mile walk for charity. She is using the nike+running app to keep track of her training (distance, time, improvement and so on). It adds an extra social layer to what could be a mundane activity, so that she can and her friends can compare their progress, making it more of a game.
Every organization will take their own journey on the road of mobile enablement, and they need to realize that the mobile user experience will be the premiere interaction point. It encompasses many facets, from relevance to simplicity. It is not about the same old; it is about the new and bold. Success will come to those that listen and adapt, but hasn’t that always been the case?
I’d love to hear your thoughts on user experience and how providers
can better engage customers. Please respond in the comments below or
connect with me on Twitter.
Christian Karasiewicz 270005XS4E Tags:  mobile_world_congress barcelona hackathon ibm_worklight daniel_ruizn krzysztof_kucharewicz appplanet 8,479 Views
This blog post is contributed by Krzysztof Kucharewicz, an Android Developer with Mobile Jazz.
Background: IBM Worklight hosted its first Hackathon this year at Mobile World congress Barcelona.
The hackathon process and execution was kept simple. Developers with no prior Worklight experience were short-listed and asked to build a GrubCart app on IBM Worklight platform in two hours. The developers were paired in teams of two.
All teams managed to build a functional app and deploy it in on real android device within the specified timeframe of two hours. These developers had never used Worklight before!
Here is a first hand experience from Krzysztof Kucharewicz on using IBM Worklight. Krzysztof Kucharewicz was part of the IBM Worklight Hackathon winning team.
During the first day of Mobile World Congress in Barcelona we attended the IBM session in the AppPlanet together with my former co-worker Daniel Ruizn. We heard of IBM Worklight Hackathon at the AppPlanet. In fact this was a very quick (around two hours) hackathon. We arrived late, but we were curious about the Worklight development tools presented by IBM.
Previously, I had worked together with Dani on a cloud-based platform at BCNTouch company based in Barcelona. I was responsible for the Android application and Dani designing and implementing the website and server using the Google App Engine. We've configured our Eclipse SDKs with the Worklight plugin and started coding. In fact almost half of the time was already gone, so we didn't have much left to astound the judges with the next Twitter or Instagram application. Instead we decided to play around with the code and create a simple application that would work like a "shopping list" / "cart" to aggregate items of choice and present them to the user.
There are probably thousand ways to code this kind of application, but our goal was very specific, to present this application working on the Android device. Worklight itself is a tool designed for development of hybrid cross-platform applications. So the obvious choice was to create the re-usable code that can run as well on iPhone, Windows Phone, Blackberry, etc.
The content of our application was created with HTML5 using the jQuery library for the quick integration of mobile-friendly UI components and PhoneGap for integration of the native capabilities of target platforms. Worklight itself is a very intuitive tool with easy learning curve. We could quickly find ourselves around the code. There's no mystery, we were ready quite promptly with the functionality of aggregating selected elements to the list. The big issue is often deployment on real devices because requirements of integration and packaging of non-native elements might vary a lot on different platforms. Worklight impressed us here. It required only a couple of clicks to export the HTML project to a native Android app which could be already deployed on the device.
Since we finished our basic task ahead of time, we also had a couple of minutes left to add some social networking that would be an "eye candy" for the judges. I've previously integrated the Shareaholic API for sharing messages to social networks in a unified manner, so it only took us a couple of lines of code to integrate it with the PhoneGap API and let the device do the rest of redirections to handle Twitter and Facebook URLs natively.
But was it all really so great to use in the field and day-to-day development of commercial projects? Well,there are still a couple of details that need more attention and polishing. One of them is the size of the application generated by the SDK. Although there was only one page/activity in our app, the weight of the apk (installer) was around 8MB and it took twice as much of the cache/data space upon execution. That might be a huge barrier for users if we consider publishing the application for the general public. In the end many (majority of?) Android devices suffer from low specs and lack of storage space specifically.
But after all it didn't take us so much effort to build our "demo" application for the hackathon, and seems our result was the most impressive because we were announced the winners of the IBM hackathon (yay!). That was a honour for us and at the same a good time playing around with new development tools.
Special thanks to John Reddin (follow John on Twitter @jreddin) of IBM for technical support during the Hackathon and Miku Jha (follow Miku on Twitter @miku_jha) for keeping the spirits up.
Christian Karasiewicz 270005XS4E Tags:  byod declan_mcnamara corporate_security mobile_security mobile_enterprise_sevices 8,691 Views
This blog post is contributed by Declan McNamara, a Workplace Mobility Architect for IBM Mobile Enterprise Services.
The increasing adoption of Bring Your Own Device (BYOD) in all sectors of the market has the potential to cause conflict between corporate security and employees. On the one side, employees are keenly interested in using their own devices to access their work email or other data. On the other side, the enterprise is trying to ensure that all corporate data is secure.
It is an undeniable fact that mobile devices by their very nature are less secure than traditional computers or notebooks, and they are much more likely to be lost or stolen. Security is therefore a key element of any BYOD program. Balanced with that, however, is the fact that the mobile device, especially in BYOD, is not just for email or corporate data; it is also the user’s camera, social media device, music player, satellite navigation system, games console and much more. The challenge is to protect the corporate data without negatively impacting user experience to the degree that they no longer wish to partake in the BYOD program at all.
The following are some of the areas to consider when balancing these seemingly conflicting requirements:
Passcodes are the primary security measure and will typically be required on any device being used to access corporate email or data. Simple PIN-based passcodes usually aren’t sufficient, so we are going to have to live with the complex alphanumeric type until a better system becomes mainstream (most likely some form of reliable biometric). However, one concession that can be made is the “grace period” that is typically supported on all mobile devices. This is the period after the device locks during which it can be unlocked without requiring the passcode. A typical setting for this would be up to a maximum of 15 minutes.
The majority of devices now support some level of restricting native features of the device such as camera, app store and so on. While there are certainly valid use cases for “locking down” devices (for example, when they are used as a shared device or perhaps for one specific purpose, like a customer-facing app in retail), it is generally not the best practice to lock down or remove features from a device in the BYOD model. A better approach would be specific blacklisting of apps that are considered a risk to corporate security. If we use more advanced device management software, it may be possible to impose restrictions using geofencing techniques so that, for example, the camera may be disabled while within a secure work facility.
The use of containerization is certainly a strategy to consider, as it enables the personal data and the corporate data to be separated and secured to different levels. In certain industries strict rules apply in terms of encryption, audit tracking and so forth, and a secure email container may be the only option. The downside of this is that it may negatively impact the native device experience. The trend in the market, as demonstrated by the recent Samsung KNOX announcement for Android, is a dual persona on the device; this is containerization at a device level where email, apps and so on can be installed in a corporate secured area on the device while personal email, apps, data and the like are installed in the other persona of the device.
IBM is a recognized leader in providing managed mobility services, and as part of its Mobile Enterprise Services IBM can help you in defining your BYOD policies as well as managing your devices with flexible, subscription-based models.
How have corporate security policies impacted your use of your BYOD device? I’d love to hear your thoughts in the comments, or connect with me on Twitter @declan_mcnamara.
Leigh_Williamson 060000DVGQ Tags:  ibmmobilefirst rational rational-cop-group ibmimpact williamson ibmmobile app rational-sig ibm_worklight 1 Comment 12,702 Views
First of all, I want to especially emphasize that the content of this blog post is completely my own synapse connections and not those of my employer.
This recent article from ReadWrite.com (http://bit.ly/XUwvAF) got me thinking in terms of the old saying "what goes around, comes around". I spent a few years of my life passionately working on IBM's OS/2 operating system (a loooong time ago). I still believe that OS/2 was technically a product that led its market segment at the time ... technically. As an engineer, you could love it.
But Microsoft concentrated on other aspects of its Window OS and effectively captured market mind-share and applications quickly. By the time we realized their advantage, it was too late to recapture the industry focus & mind share. Users had to be willing to pay a hefty price in terms of giving up applications, and engrained habits, in order to switch to OS/2. I think that it is fair to say that OS/2 never overcame the entrenched advantage that Windows was able to rapidly establish. Many people said that Microsoft did a better job at marketing Windows than IBM did with OS/2, and that is what made the most difference in the eventual outcome. I don't mean to reopen any of those debates, but instead consider whether there are similarities with the situation today where Microsoft is playing a very different part in the story.
Fast forward almost 20 years. Today, Microsoft has a new system that can be considered to be technically ground-breaking in some ways. However, the user base has already shifted and become entrenched with the applications and engrained habits of either Apple iOS devices or Android. No matter whether Windows 8 and Windows Phone and Surface are impressive (or not), the fact remains that a lot of people have already made their "choice". As Brian Hall points out in his article: "To succeed in this environment, Microsoft ... has to ... demonstrate how its product is so utterly superior that customers should leave behind all their iPhone or Android content, apps and familiarity. This is a tall order, indeed".
Maybe I am wrong about this, but it seems to me as though Microsoft has gotten itself into the exact same situation that OS/2 was in when that product was struggling to compete with Windows OS, back "in the day"....
Leigh_Williamson 060000DVGQ Tags:  app-development ibmmobile rational ibmmobilefirst williamson rational-sig 8,424 Views
What does a conference with over 70,000 attendees look like?
I recently chatted with Paridhi Verma about some of the things that stood out to me at MWC 2013:
Christian Karasiewicz 270005XS4E Tags:  junggun_cho mobile_enterprise mobile_strategy 9,216 Views
This blog post is contributed by Jungun Cho, a member of the IBM Global Technology Services Workplace Architecture team within the IBM Mobility Center of Competency.
In “2013: The year of the snake and the year of mobile!” I explained the importance of becoming a mobile enterprise. In this series I will explain how to do so, beginning with development of a mobile strategy and policies, as well as the education of employees to overcome barriers to the use of mobile devices.
Start with strategy
Many companies hastily start their environment conversion (for example, implementing Bring Your Own Device [BYOD]) by activating email features on smartphones and tablets, and then thinking about what they can apply next. I don’t recommend this; a CIO organization should first set up a long-term roadmap and then choose the proper security level in order to minimize investment cost and carry out a successful project that satisfies everybody.
Working with personal mobile devices is completely different from working in the traditional work environment, and it’s accompanied by lots of security and legal issues. First, enterprises need to sufficiently consider how to support working with mobile devices. In particular, privacy and license issues are very sensitive in a BYOD environment and you should operate BYOD services only after you provide proper education and warnings. (And, of course, you should bring in solutions to minimize security risks.)
Every corporation has guidelines and standards for its operation. Before considering technical matters, the CIO and legal team should revise these policy documents in order to implement mobile enterprise. For years IBM has been continuously revising its business conduct guidelines and security standards in accordance with the currents of the times—consumerization and a mobile environment.
I’ve observed a company in Korea that has been preparing to convert itself into a mobile enterprise and now has all necessary technical infrastructure in-house. However, only a few persons are able to use the infrastructure outside of the company, as its internal regulations strictly prohibit information leakage. Because the company started its conversion without properly establishing policy, this might cause a waste of investment.
Educate your workforce
I also cannot overemphasize the importance of overcoming cultural and generational barriers with proper training for users. Here is an example from my experience. In 2011, I expected employees of IBM Korea to be happy when I planned to provide email, calendar and contacts features for their smart devices, including non-BlackBerry devices such as iOS and Android devices. It seemed to be a reasonable expectation, since the pilot program had shown that the satisfaction rate of most employees was encouragingly high.
Like now in 2013, in 2011 Korea was one of the top countries in terms of smartphone ownership rates under the influence of Samsung Electronics, one of the biggest mobile producers in the world. IBM Korea employees’ smartphone usage rate was almost 80 percent when the email service for smart devices was provided in IBM Korea. WiFi and WiMAX services were almost everywhere, and all wireless data services including tethering service were provided without limit. However, to my surprise, the usage rate of mobile email service remained around 50 percent after three months, and I had a hard time increasing users in order to meet return on investment (ROI).
What should’ve been done to successfully convert IBM Korea into a mobile enterprise? What caused this situation? The reasons I’ve found are:
Let’s look into each one of these problems. First, an eight-digit password and storage encryption are essential requirements for protecting a company’s information if a mobile device is lost; these should be enforced right away. However, many employees just give up using company email because of the inconvenience of entering the eight-digit password every time. This inconvenience can be reduced by a containerization technique, which asks users to enter their passwords only for using the company applications. IBM is still pilot-testing this technique, and users’ feedback is very positive.
Second, peculiar cultural characteristics might cause concerns over working time increase and work-life balance. In some Asian countries, strict respect for seniors is expected, and there is pressure upon employees to carry out their seniors’ requests any time and right away. The management was pleased when email services were enabled on mobile devices, but many employees did not ask for the email service because they felt pressure to check email all the time and work around the clock.
This problem can cause labor-management conflicts in companies or countries where overtime compensation is strictly calculated and paid. To prevent this, “A Toolkit to Support Federal Agencies Implementing Bring Your Own Device (BYOD) Programs,” written by the US Digital Services Advisory Group and Federal Chief Information Officers Council, recommends that a company should discuss the BYOD program with a joint labor-management conference (or a labor union) from the beginning and operate the program together. There must be a shared understanding that the conversion into mobile enterprise should be considered from the perspective of employees’ efficient working environment, instead of the perspective of a company’s profits, and that it can actually help work-life balance, as against the prejudices of lots of employees.
It’s a misjudgment that everyone who has a smartphone naturally uses Twitter, runs a blog and uses social apps as well. I’ve seen many people who don’t know how to tweet and think that it’s enough to use camera, texting and navigation features. They find it hard to install and use email service, and cannot use even the half of the email service features. So some workers simply don’t want to adapt to a mobile environment.
Effective ways to change this passive attitude and overall environment in a company include training, active engagement of top management and utilization of social tools by way of internal communication channels.
IBM is using its own social tool named IBM Connections for communication between management and employees, which facilitates active responses and prompt feedback from anywhere in the world. Some people are more active in using social tools than they would be in public, and the participation of employees was highly improved when management took the lead in using social tools.
The first step for a social tools–friendly environment is to train employees. Just as extensive training was provided for employees when converting into a Windows-based environment, trainings for using social tools and collaboration tools should be provided to employees—especially for senior-level workers and non-technical workers. Virtual education can be useful. And this should include non-functional trainings such as social tool usage etiquette and social guidelines.
A prerequisite for a successful mobile enterprise is that a large number of employees utilize social tools. When seniors with accumulated knowledge actively participate in socializing and sharing their knowledge, more people will participate and a true synergy will be achieved.
Stay tuned for future installments in my series, “How to be a successful mobile enterprise.”Junggun Cho helps oversee security, network and mobility areas in Korea BT/IT. She is also an IBM Redbooks thought leader. Follow Junggun on Twitter at @junggun_cho.
Christian Karasiewicz 270005XS4E Tags:  juarez_barbosa ibm_mobile_database android ibm_informix 2 Comments 24,434 Views
This blog post is contributed by Juarez Barbosa Junior, an IT Specialist working for WW Development Support Team (DST) at IBM.
IBM Mobile Database is a free product for Android applications. It has many enterprise features that ease the development of complex applications, making it possible to integrate and synchronize the Android application's data sets into larger database (DB) deployments using existing IBM DB2 or IBM Informix databases. It also allows your Android application to operate in offline mode and then conciliate the data with the remote DB2 or Informix databases.
When we develop mobile applications, there are several use cases and scenarios that require us to use a mobile database. We have to deal with intermittent connections, avoid poor usability and responsiveness, cope with limited bandwidth by reducing network communication (less traffic may mean less charges), reduce battery drain and respond to many other mobile computing constraints.
IBM Mobile Database can address all those requirements as well as provide many other enterprise features by allowing us to build complex, robust applications. One might say that we have many other mobile database options for Android, including the native SQLite. While this is true, depending on your enterprise requirements, you will need to build several custom, in-house mechanisms to allow for truly robust integration with back-end databases and systems. This is a hard, error-prone task!
So these are the key differentiators of the IBM Mobile Database: its enterprise-ready capabilities, tight integration with IBM DB2 and Informix, and leverage of IBM InfoSphere Change Data Capture to support advanced replication, synchronization and caching schemes.
Some outstanding features of IBM Mobile Database are:
So, with so many facilitators and enterprise-ready features, this amazing database solution has the mechanisms to allow you to approach your next Android application solution the right way.
Would you consider the IBM Mobile Database for your your next Android application?
Juarez Barbosa Junior is an IT Specialist working for WW Development Support Team (DST) at IBM and an IBM Redbooks Thought Leader for IBM Mobile. Follow Juarez Junior on Twitter.