LANDesk

Blog banner

The A-Z of the Service Desk and IT Support Show

We are slap bang in the middle of the ITSM Expo and Conference season. With less than a week away from the Service Desk and IT Support Show (SITS) in London Tuesday 29th April and Wednesday 30th April. Here is my A to Z of what to watch out for and cross off your list:

A – Top visitor tip to help you plan your visit, download the SITS App 

B – I’m looking forward to a presentation from Barclay Rae @barclayrae on Wednesday at 10:00 am entitled Respect the Service Desk explaining how to rethink the role of the Service Desk

What would you call this caption?

What would you call this caption?

C – Come up with a witty Caption to go with the image on the left and tweet it back to us @LANDESK for your chance to win a KINDLE Fire HD at #SITS14

D – For your chance to win either Dre Powerbeat headphones, a Pebblewatch or a Nike+Fuel band attend seminar on the LANDESK stand 400

E –  The Education Programme at SITS takes the form of Keynotes, seminars and roundtables.

F – I’ll be interested to see the reaction to the presentation from Fairday Research’s Peter Johnson @TechPsychSoc a work psychologist who will be asking us to question values and embrace chaos in his presentation on Wednesday at 12:30 pm.

G – Gartner’s Jeff Brooks @JeffintheFM  kicks off the keynote sessions on Tuesday by explaining how the ITSSM MQ and the Critical Capabilities for IT Service Catalog are compiled as well as presenting on  Business Value Dashboards – sessions not to be missed!

H –Make sure you participate in the Hot topic round tables available for practitioners to share and learn from peers about crucial topics to ITSM success such as measuring metrics.

I – A panel debate about ITIL, with Kaimar Karu from Axelos, Ian Aitchison @IanAitchison of LANDESK, Stuart Rance @StuartRance and others debating the future of ITIL (Wednesday April 30) is set to be lively.

J – G2G3 is the leading lights in the area of Gamification and Jason McClay of G2G3 hosts an interactive session that I think will be worth a visit.

K – Kaimar Karu @KaimarKaru will be delving into DevOps on Tuesday at 12:20 pm. Attend to hear what the new Head of ITSM at Axelos has to say.

Bunny With DeliveryL – LANDESK expo stand 400. There will be so much going on here, it’s hard to fit it into a few words – on stand presentations and demonstrations, PIMMs o’clock (4-5 pm), experts from around our business ready to listen to your requirements.

M – Meet up with others that are attending! ITSM practitioners are a really social bunch and ready to share their experiences. So, if you are waiting in a queue or sitting alone in one of the cafes, turn round and introduce yourself to the person next to you or pre-arrange a meet up via Social Media.

N – New to SITS this year is the ITSM contributor of the year. Nominations have been taken from the industry and the winning professional is planned to be announced by the organizers at the show.

O –  SITS is Organized by Diversified UK. I’m sure if you have suggestions for improvements after your visit, they would be happy to hear from you @DiversifiedUK

P – The Pink Elephant team will be on stand 916. These are the guys that ITIL verify ITSM vendor solutions such as ourselves as well as providing consulting and education services @PinkElephantUK

Q – Avoid the Queues and pre-book SITS sessions here

R – Re-energize ITSM is our theme for the LANDESK stand. Whether that is going back to basics or moving up the maturity ladder we want to help put some energy back into your world.

S – LANDESK has worked with the Service Desk Institute to research your thoughts on the future of the Service Desk. You can pick up a copy of the resultant report “The Future of the Service Desk… Shadow IT?” from our stand or @sdi_institute  stand 100

T – If you can’t visit the show, keep an eye on the SITS Twitter hashtag to hear the latest from the presentation theatres and more #SITS14

U – London Underground workers have unfortunately chosen the SITS week to go strike. West Brompton station, which is directly opposite the hall is however served by the over ground.

V – The change and release manager from Virgin Media, Vawns Murphy Guest @vawns  will be presenting on Software Asset Management. Hearing from other practitioners is what SITS is really all about.

W and X – Okay, I’ve cheated. With the end of life of Windows XP this month, we’ve had lots of requests to help migrate away so as well as talking about our trusted ITSM solutions, the LANDESK team will be on hand to provide advice on this topical concern and other client management or security requirements.

Y – You; if you are speaking to vendors on stands, make sure they are focused on you and your needs not them and what they can sell you.

Z – Zing! After re-energizing at the show, I guarantee that you’ll return to your respective organizations with a refreshed Zest for ITSM.

LANDESK takes action on Heartbleed. Updated: April 17, 2014

In light of the recent OpenSSL Heartbleed vulnerability news, LANDESK has analyzed our portfolio of products and websites and is providing the following update. For additional and continually updated information on this issue and LANDESK products, see: http://community.landesk.com/support/docs/DOC-31332. For updated information about other Wavelink products, see: http://community.landesk.com/support/docs/DOC-31375.

  • LANDESK Management Suite and Cloud Service Appliance ARE potentially affected by this vulnerability. It is unlikely that sensitive data is at risk due to the vulnerabilities within these products, but patches have been built for LDMS and CSA to remediate the vulnerabilities and are currently being tested. The patches will be available from LANDESK support as a hotfix, and will also be contained in the next set of patches that are released.
  • The following have been assessed and are NOT believed to be impacted by Heartbleed:
    • ServiceDesk
    • Service Desk as a Service (SDaaS)
    • Avalanche on Demand
    • LANDESK Mobility Manager
    • Asset Lifecycle Manager
    • Password Central
    • Shavlik products
    • Other LANDESK Cloud Services
    • The LANDESK customer- and partner-facing websites are NOT impacted by Heartbleed

Update (April 15, 2014):  A patch has been issued for the LANDESK Cloud Service Appliance (CSA). This can be applied through the CSA Update function inside the product. For additional information on this and the status of other potential LANDESK product exposures to the OpenSSL Heartbleed vulnerability, please refer to the knowledge base article http://community.landesk.com/support/docs/DOC-31332.

Update (April 17, 2014): LANDESK has released a patch addressing the OpenSSL Heartbleed vulnerability for the LANDESK Management Suite client. This patch applies to LANDESK Management Suite versions 9.5, 9.5 SP1, and 9.5 SP2. The patch was released as content in LANDESK updates in Patch Manager. LANDESK has released this patch as a content update, available via the Update function in Patch Manager inside the product. This update is available for all customers. For additional information on the OpenSSL Heartbleed vulnerability, please refer to the knowledge base article located at http://community.landesk.com/support/docs/DOC-31332

Please contact Customer Support if you have additional questions.

Heartbleed Vulnerability: What it Means for your Company and for You

It’s been a few days since the Heartbleed OpenSSL vulnerability was announced and I’m sure you’ve read some media coverage. Let’s cut to the chase on what you should do:

For your Company

  1. Patch any systems using OpenSSL 1.0.1 with version 1.0.1g
  2. Revoke certificates on impacted systems
  3. Issue new certificates for newly created keys
  4. Install new certificates on systems
  5. Change passwords for accounts on such systems
  6. Check with vendors to see if their software is vulnerable
  7. Follow vendor recommendations to update the software

For you Personally

  1. Check websites to see if they were vulnerable to this vulnerability –  most organizations are posting some reference to this. You can also check this list provided by Mashable.
  2. Change your password on those vulnerable websites once they have fixed the flaw. Note it’s key this is done after the flaw is removed.

If you want some additional context on why Heartbleed is different…

I’ve been in information security going back to the 90s and there are a few landmark security events I will never forget. Massive exploits like Melissa, Code Red, and Nimda are seared in my memory after cleaning up, responding to, or analyzing affected systems. Then in the later 00s, the world shifted to the targeted attack where exploits weren’t as widespread or well known, but more damaging: Aurora, Stuxnet, APT1. Ignorance is bliss, until the damage is done.

The OpenSSL Heartbleed vulnerability is a game changer and landmark moment in computer security because it is the first time the world is rushing to address a vulnerability (not a virus) en mass.

What steps are you taking?

What steps are you taking?

Heartbleed is a vulnerability (weakness in OpenSSL), not a virus, and yet there is as much buzz from tech and mainstream media as any mega viruses of the past. This is because websites and software using OpenSSL could be exploited and you wouldn’t even know!

In simple terms, one could send a web server running OpenSSL a message and get back data from memory on that web server. What information might be in that memory?

  • Encryption keys
  • Passwords
  • Account names

Oh, and did I mention that you can’t detect if you were exploited?

So, what web sites, products and technologies use OpenSSL?

  • Major websites such as Facebook, Google, and Yahoo
  • Email services, including Gmail and Yahoo Mail
  • File share services, such as Dropbox and Box
  • Countless variants of enterprise software
  • Older versions of Android
  • Routers and other embedded systems

Bottom line: OpenSSL is used all over the place and affects lots of different systems.

Mitigation

Let’s go deeper on the mitigation and why patching alone is not enough. Here is where it gets really ugly. There are multiple steps to ensure full protection.

  1. Patch vulnerable systems: Anything running OpenSSL should be patched. This includes websites, 3rd party software, cloud systems, and even Android devices. Patching closes the weakness and prevents information from being stolen from systems running the vulnerable version, but unlike other vulnerabilities, you may still be exposed after patching.
  2. Revoke, issue, and install new certificates: Yes this is a painful step, but if a hacker were able to compromise the encryption keys with the vulnerable OpenSSL, you could be at risk of having sessions being decrypted.
  3. Change passwords for accounts on compromised systems: Again this may feel extreme, but account passwords could have been discovered with the vulnerability exploit.

Reality Check

So, how bad is this really? On one hand, the prevalence of OpenSSL in software and websites means there are a lot of ways to compromise systems, sessions, and accounts. This is really bad when you consider the exploit is considered difficult to detect.

That said, the likelihood of your account and password being discovered is low. Take one of the big websites like Yahoo that has millions of accounts. It’s possible your information might not have been in the random memory that was returned when OpenSSL was exploited. Websites are probably not going to force you to change your password because of the overload on authentication systems and the potential fear that might induce. Nevertheless, let’s everyone should use this as a reason to change your passwords that you haven’t changed (let’s be honest this is all of them).

Some are recommending changing account names too – as those could have been exposed. This is a painful step and probably reserved for the most security paranoid.

So what should you definitely do vs consider doing?

  • Patch vulnerable software: definitely
  • Update certificates on affected systems: definitely
  • Check vendors and websites to see if they are vulnerable and fixed: definitely
  • Change passwords for affected websites and systems: yes, it hurts, but do it
  • Change your account names: good idea, but probably not practical
  • Bonus: Turn on two-factor authentication on your web services if they offer it

Resources

There are loads of websites with recommendations and information. I have seen conflicting information so check with the website \ vendor for the most authoritative response. Here are some of the better ones:

Don’t focus on the hype of Shadow IT, focus on the user and ROI

With the current trend of the industry, as IT professionals we have the opportunity to impact the business more than can be imaged. As we have seen from the Target security breach, a failure in IT can cost millions but the more typical issue is that a failure in IT just impedes the business. Shadow IT is the current buzz word for departments creating their own IT solutions. In one of my past lives,  I was part of a shadow IT project. We determined that for our department to be successful, it was imperative that we proceed with a project before our turn in the backlog. IT was willing to support the project and wanted to see us be successful. They just didn’t have time or resources to support the project. This project occurred years ago, long before shadow IT was a trend and point of discussion.

Shadow IT ROIRecent studies have shown that IT spending for 2013 was at least 2.68 trillion dollars. But the curious part of this is that over 80% of that will be spent on KTLO (Keeping the Lights On). As each new project is completed, it will have a new maintenance cost. Over the next few years without a change,  IT will run out of resources to implement new projects. This limited set of resources is causing IT to have a large backlog of projects furthering the desire for departments to run shadow IT projects. After a shadow IT project is implemented then the department wants to hand the project back to IT. In essence that project was able to circumvent the backlog and move to the top of the priority list.

As IT departments we need to make sure that we analyze that all projects are producing the ROI that we expect and require. What is the impact to the User? Are they more productive because of this project or product? What is the experience of the admin, is it a sustainable project, is it easy, can it be adopted? Does the solution solve a business problem? Is the ROI real, did we save money, did we get budget back from consolidation? If we focus on these areas, we will be able to transform to the IT department of the future.

End Users: The Locomotive Heading Directly for IT’s Covered Wagon

I have a confession. A few months ago, I went to our IT department and asked if they could help us implement a new service that would automate our win/loss analysis program. They said they could, but wouldn’t be able to get to it until 3-4 months out (granted, part of the time was during the holidays). I’m not the world’s most patient person, so I decided I’d take the bull by the horns and figure out how to do it myself. I’m sure I created some security concerns with my implementation, and I’m fairly certain IT doesn’t have any access to what I did, but that’s their problem. Sometimes work has to get done, and in this case, it did.

Moving trainI’m not the only one guilty of going around IT to get work done. We recently visited with a customer who had a policy that no one could use Dropbox to store work files. The policy worked for about three days, until a senior director came to IT and told them that his team required Dropbox to collaborate on important strategy documents, and IT could not restrict access to it. After fighting a long battle with the team and later executive staff, the IT department finally went to the board of directors and voiced their security concerns. The board, after hearing IT’s concerns, decided that the risk was worth the boost in productivity.

About a year ago, I wrote a blog post about IT getting circumvented by the end user. During that time, many IT organizations were forcing policies and procedures on end users that severely limited their productivity. Since then, the problem has been exacerbated immensely. Older, monolithic systems are keeping IT from being the deliverers of innovation to the business. On the other side of the coin, enterprise-grade services in the cloud are being developed just about as fast as pickup trucks in Texas. A study by IDC stated that 82 percent of net new applications are built for cloud delivery. These services provide huge productivity boosts, but IT can’t keep up with the pace of user demand. Gartner stated just a few months ago that by 2017, the CMO would own half of the overall IT budget. So what does this mean for IT?

Shadow IT – Get Ready for Change

Shadow IT- the notion that pockets of IT expertise are being hired by individual business departments to meet specific business requirements – is an indicator of big things to come. In this type of model, IT changes entirely. Internal process optimization and management of infrastructure is likely to get outsourced so IT can focus on the more important things: helping the end user. Gartner predicts that in 2014 IT departments adopting hybrid cloud services will likely be “filling the role of cloud service broker.” This will make IT a critical piece of the business, and will give IT the flexibility to quickly meet the demands of end users better than ever before.

This also indicates a fundamental shift of focus is in order for IT. No longer will IT be worrying about their problematic Exchange Server implementation, or their heavy ERP system they have to keep up and running. Instead, IT will be managing vendor relationships, ensuring that end users have access to critical business services, and optimizing the experience end users have on whatever device they might be on.

Where IT Lives in the Personal Cloud

If you’re following my train (no pun intended) of logic and you work in IT, you may be wondering what your personal responsibilities might look like in this new world. To answer Girl with tabletthis question, consider for a moment the world that an end user will live in. They will undoubtedly be using a combination of web, mobile, and desktop applications for personal use, and to get their job done. They might be getting those applications from an app store or from a departmental admin, but one thing’s for sure, there are a lot of them (and most of them aren’t built by Microsoft).

IT’s responsibility will be to manage the intersection of that personal cloud with the critical business services that the end users need. IT will be enablers, making sure users have the access they need to those services, that they are running properly, and that the data generated and stored with these services is secure. IT then will need to take a user-oriented approach.

Think you have some time to jump on the user-oriented IT bandwagon? Think again. This ships sailing baby, so hitch up the horse or get left behind. Time to unhook the trailer, and I’m not talking about that extra 10 pounds you put on to keep warm during winter. As President Barack Obama would say, change is ahead. The digital revolution is changing the way that end users work, and in turn, the way that IT gets their job done. IT professionals that are not willing to compromise with end users and embrace new technology will soon find themselves out of a job to do. Conversely, those who look to streamline their IT operations and adopt new practices and technology that improve end user productivity will find their contribution to the business bottom line invaluable.

What do you think? Is the digital revolution more hype than substance, or is IT in for some big changes just around the corner? Leave your comments below.

LANDESK Brings User Oriented IT to CeBIT

As part of the Arrow “Virtualisation & Storage Forum”, LANDESK attended CeBIT 2014. Holger Höft, LANDESK Region Central Sales Director, believed that this event was the ideal platform for LANDESK to show presence in the marketplace and have the opportunity to increase awareness of our user oriented IT offering.

LANDESK stand at CeBIT

Holger Höft chats user oriented IT at the Arrow stand

CeBIT markets itself as the world’s most important platform for innovation and business in the IT industry. This year it attracted a total of 210,000 visitors. According to the exhibitors, the fair drove around 25 billion euros in IT investment this year – 25% more than last year.

Contributing to the success was a new hall concept and tailor made “C-Level Programs” for decision makers along with a Global Conference which had 140 speakers across 70 lectures, including IT icons such as Steve Wozniak and Jimmy Wales. CeBIT was definitely looking to build the event to be the most important congress of the digital world.

LANDESK had a successful week. Presentations on the booth, including customer speakers Reiner Bierwirt from LOH Group and David Kreft from Wago, were well attended and gave the LANDESK team to talk to some great new customers.

Definitely an event we’ll be looking at again next year.

Help I’ve Forgotten My Password…again!

I’m writing this blog while waiting for a response from whom I shall refer to as “Your Company IT Failed Me” to my email – “Help I’ve Forgotten My Password”. Yes, once again I’ve forgotten my password and “Your Company IT Failed Me” doesn’t have any way of recovering or resetting passwords, so I’m twiddling my thumbs waiting for someone to email me and get me back into the system.

Woolley Headed End Users

Meanwhile it got me thinking. How many times has that email or phone call hit that company’s call queue in the last month and how much time have they wasted responding in person? For many of you in service desk land I guess it’s a pretty typical daily occurrence that takes up valuable time of analysts. Analysts, who at the same time are getting frustrated and annoyed with woolley headed end users like myself, because we are stopping them from doing real IT work.

As organizations attempt to secure their IT data and environments they implement ever Reset my password!more rigorous policies, which leads to more complex password rules that result in end users like me creating dozens of different passwords then promptly forgetting them. And if it’s forgotten outside of business hours then it might not get a fixed until the morning causing the kind of down time that no end user customer can afford.

Under Fire

It’s a complete productivity killer and can give rise to some pretty unhappy end user customers. Your call queues are blocked with lots of simple reset requests and other end users with more complex issues are still waiting for resolutions. The service desk then, once again, comes under fire for something that is easily solvable. An HDI survey found that more than 30%* of all service desk calls deal with password complexities and resets. Imagine what you could do if you got back that 30% of your time!

Of course long call queues and higher than necessary service desk headcount utilisation with a shrinking budget is an unnecessary cost that you just can’t afford. So both the end user and the service desk lose.

How can you both be on the same winning side again? Two words – Password Management. I say Password Management, because resets are only half the story. You can do a whole lot more from a productivity and security perspective if you broaden your thinking beyond simple Active Directory resets.

Imagine IT Done

  • Imagine opening a ticket, entering the service desk password reset request, storing the information, closing the ticket and capturing your information security metrics through automation. The cost savings would add up fast.
  • Imagine how happy your end users would be if you gave them not one but multiple ways to reset their passwords even if they are locked out of their computer
  • Imagine simplifying password maintenance by synchronizing passwords to one log in for all systems and applications per end user identity.
  • Imagine centrally enforcing corporate strong password rules and reducing vulnerabilities by making passwords more difficult to crack.
  • Imagine reducing your end user frustrations when a user tries to think of and change their password by coaching them with explanations of password policies, testing password strength, and recommending how susceptible a password is to brute force attacks.

It’s Time to Revolt

I say, it’s time to hand the power of password management back to the end user customer and eradicate password reset requests from your call queues. Eliminate time previously wasted by your service desk staff in conducting enterprise password management while still providing the IT security audit controls necessary to verify users while saving you money.

By employing password management you can change how the service desk operates; reduce unnecessary call volumes, improve service levels, reduce maintenance and administration, take care of security and improve end user productivity while at the same time dramatically reducing costs that are associated with password management.

Do you hear me “Your Company IT Failed Me” – I’m talking to You!

Password Management – Start Your Own Revolution

BYOD Now More Important to Workers Than Coffee

Using personal devices in the workplace is not a new topic and now pretty common practice across the European workforce. However, whilst many people are still talking about the effects BYOD is having on staff productivity and the remote working benefits it offers, the cost saving and corporate spending debate for organisations and users remains on the side-lines.

According to our recent research, having the latest consumer device to use in the boardroom or replacing a notepad for a tablet is proving to be so popular with employees that not only do 39% of employees now purchase their own device for work purposes, but they are actually spending more of their own money on them than they are on tea and coffee.

This is interesting for two reasons. The first reason being that users deem having items such as smartphones and tablets as more essential to their everyday lives than food and drink. The second is that they are happy to put their hand in their own pocket for the devices they want. Buying work based devices would never have been on employee’s agenda even as little as seven years ago, but now, ‘off the shelf’ devices have become so mainstream that it is now considered a business faux pas to turn up to work without one.

As a result of this businesses, are benefiting from having more devices in the workplace, which aren’t being funded by the IT budget and staff are easily able to work outside of the normal boundaries of 9-5. Whilst this might sound like a lose: lose situation for workers it is actually empowering them, allowing them to break away from their desks and enjoy working on the devices they want to be working on rather than the traditional, old, clunky work laptop.

My message to businesses who haven’t adopted a BYOD policy yet is to adopt now and put your users at the heart of everything you do. A user-centric approach is vital in empowering a workforce and whilst the amount of devices may double across the workplace, there are very easy ways of keeping track of who has what, and how information is shared on each and every device.

Whilst the initial stages might seem daunting, the long term benefits for all involved are tremendous and the money being saved by businesses can be reinvested not only in other resources, but also in employees to make their working lives easier and more enjoyable.

When it Rains it Pours – RSA Recap

Another year, another RSA Conference in the books. Each year more massive than the last; 2014 saw 25,000+ attendees sprawled across San Francisco’s familiar Moscone North and South and new to this year’s conference, Moscone West.

One thing everyone will remember from this year’s show will be the rain! A solid downpour on Wednesday pushed heavy traffic into the expo hall. Sponsors took advantage, but the most popular booths weren’t the ones with compelling messages and products, but rather the ones that offered umbrellas as give always. Purposed swag for next year’s LANDESK booth: branded galoshes.

The LANDESK booth at RSA

The LANDESK booth at RSA

For me, one surprise from the expo floor was the lack of mobile vendors. Aside from a token both here and there, it was clear that mobile companies chose to put their resources into Mobile World Congress, held the same week in Barcelona. With so many companies adopting a mobile first strategy, security around these devices is surely top of mind. RSA is going to need to pull mobile vendors back to their show.

The buzz word at RSA this year was the Internet of Things. The idea that everything around us will be connected. CISCO’s SVP Christopher Young stated in his keynote that 99% of devices that can be connected have yet to be connected. Cars, refrigerators, thermostats, key chains; endless possibilities and endless opportunity for the company that finds the right way to manage and secure these devices. It truly is a new model for security but it won’t be solved in the way people might think. You can’t chase devices; you’ve got to focus on the user.

The third standout message, and one that LANDESK knows intimately, was around that user. The expectation in security has changed: you need to protect more things, but you better not get in the way of the end-user experience. Our industry is backing away from the “rule with an iron fist” concept of control and compliance. Instead we look to users to play a part in their own security. “Empower your users to do xxx or yyy” was the tagline of many booths.

This is the opportunity for LANDESK. Our broad and integrated product portfolio allows us to not just focus on security, but to focus on the entire experience that IT offers to end-users. User expectations have changed. We will be successful by enabling users to be their most productive while helping IT embrace the speed of change.

User-Oriented Mobility: One Size Does Not Fit All

If you read the media, one would think that the whole world is going to be using their own device and that device will be mobile. While BYOD and mobility are indeed transformative, this monolithic view of the world misses some key differences based on different types of users and the job they do. Taking a user-oriented mobility view shows some key differences between people based on the job they do.

As you look at different users, you see some key differences in the devices they use, the ownership of the device, and the business concern for that device. In an attempt to simplify (but not oversimplify) mobile users, let’s look at 3-4 different user types:

  • Operational Task Workers
  • Customer Task Workers
  • Knowledge Workers: Corporate Controlled and BYOD

Operational Task Workers
Think of the person working in a warehouse or doing deliveries and this would be your operational task worker. What does user-oriented mobility mean here? This person is probably using a rugged mobile device that probably has a barcode scanner or takes signature input. This person is not going to be bringing their own device to work do to cost and specificity of the job. Organizations primary concern here is productivity so they are going to provide the device, standardize devices for consistent experiences, and the devices will be shared due to shift work. Without this device, the user is unable to do their job as it is mission critical to their work.

Knowledge Workers: Corporate Controlled
Accounts, lawyers, marketers, HR, engineers and many others make up the knowledge worker space. To date corporate control has been the norm and in many cases will remain the norm for certain industries and geographies. For example, many European countries privacy and work laws result in users having a personal smartphone and a work smartphone. Other regulated industries (finance, healthcare, government) want to maintain control to be in compliance with standards.

Security is the primary business concern in this situation. Here users will be provided the device (a smartphone and\or tablet) and in many cases the experience will be similar to desktops and laptops in that the devices have a higher level of standardization, control, and security. Unlike the operational task worker, this person isn’t crippled if their device goes down as they will likely have a laptop or desktop or another mobile device to fall back on.

Knowledge Workers: BYOD
Everyone’s favorite topic: the BYOD knowledge worker. In some cases this person is both BYOD and corporate controlled. This person has a new tablet or phone and wants access to corporate resources across all their devices. In other cases, this could be a contractor who has their own devices and needs to access a client’s ‘network, apps, and data. User-oriented mobility means less intrusion on the end user experience, but security is still paramount for the business. Herein lies the challenge: secure the user’s personal devices without disrupting their experience.

Customer Task Workers
I saved this one for last because it is an interesting segment. This might be a retail associate, a car salesman, a healthcare worker or anyone who is assisting customers with a sale or service. This person is interesting because they are most likely moving away from a shared PC or shared rugged mobile device to a tablet. This user’s device is typically corporate owned due to shift work and the need for standardization. There is a strong need for security and productivity here due to the type of information that is stored or accessible from this device (product information, customer information) and the purpose of the device (sales and customer transactions). Expect a lot of device proliferation here as they are coming from a shared device model.

Mobile is applicable to everyone. User-oriented mobility means organizations need to consider the types of devices and solutions that are most appropriate for the different users to do their job.