Originally posted on Chuck’s blog 6/25/2012:
Just about every aspect of enterprise IT is in play these days, if you think about it.
One of the more challenging aspects is fully embracing the new endpoint for IT service consumption — the ubiquitous mobile device.
To be clear, we’re not simply talking about a BYOD (bring your own device) program, or re-hosting legacy apps on mobile devices via VDI — although those are pieces of the bigger picture.
No, what we’re really talking a fundamental re-thinking about how application experiences are built, distributed and consumed. Mobile first, if you prefer.
And whether that new capability is pointed at your employees, your partners or your customers — the changes are turning out to be very far reaching indeed.
EMC’s own IT group is no stranger to these forces. For the last few quarters, a small team has been working towards enabling mobility across our entire organization and business model. I first introduced this story back in January of this year.
Now, five months later, I thought it would be good to circle back with the EMC IT team and get a status report: what have we done, and what have we learned?
Quite a bit, it turns out.
The rationale behind this transition is pretty obvious to just about everyone: we live in a mobile world. We all carry powerful easy-to-use mobile devices, and we all prefer easy-to-consume application experiences to go with them. The desktops and laptops are getting less use; the tablets and smartphones have quickly become our first go-to device.
We — as IT consumers — have made our preferences pretty clear. Now it’s up to enterprise IT organizations to figure out what to do about it.
And it’s not easy. For example, IT has to think about devices and networks differently. We have to think about security differently. We have to think about how applications are constructed and consumed differently. And, oh by the way, there are still plenty of desktops and laptops hanging around that aren’t going away anytime soon.
But — like most things in life — there really isn’t a choice about the general direction: it’s pretty much a given. The devil is in the details: how to organize, how to build capabilities, and how to mainstream into the general flow of activities.
In a nutshell, that’s the idea behind an enterprise mobility platform and overall strategy: move the organization into the new world, and — hopefully — make it better than the world it replaced.
Catching Up With KK
One of my favorite characters at EMC is KK — Narayanan Krishnakumar, the chief architect within EMC IT. He’s always working on cool stuff, including playing a very strong role in the definition and execution of EMC IT’s approach to the mobility challenge.
So, KK, where is the team today?
We’ve made good progress over the last two quarters.
We’ve got our MDM (mobile device management) platform up and we now are actively managing 4500 mobile devices around the globe. Once a device is registered, we essentially take control of the device from a security standpoint.
We’ve had a few issues in certain countries where it’s not acceptable to remotely wipe an employee’s device, but — generally speaking — we’ve seen strong adoption.
Part of the adoption success has been an important “carrot” we’ve created, which we call mWiFi. If you walk into an EMC facility anywhere and have registered your device with us, you’re instantly on our wireless network: no need to manually configure and authenticate. It sounds like a little thing, but it’s enough of a practical convenience that it’s driving adoption nicely.
We have an enterprise app store that enables us to make available the right apps for the right users and manage the distribution. We now have three categories of apps in our enterprise app store. One, obviously, are pointers to useful apps in the Apple app store. Another category are mobile applications from enterprise vendors, such as SAP BI. And there’s a third category of EMC IT-developed applications.
Securing the first category is fairly straightforward, as is the category of our internally-developed applications. We’re still working through the best way to secure vendor-supplied enterprise mobile apps, but we’re making progress.
Our EMC enterprise app store authenticates you, it validates your device characteristics, shows you the applications you’re entitled to, manages the installs and updates, logs all the relevant data, and so on. We had to do a significant amount of building on top of the vendor-supplied platform to achieve all of this, though.
There’s a lot to talk about here, so let’s start with security — that’s a big issue with everyone.
As it should be.
Our approach starts with securing the device, for example, we can detect if someone has jailbroken their phone. We’ve created an EMC container that provides local encryption services, as well as REST API access to EMC authentication mechanisms.
Ultimately, the application designer has to be responsible for how they’d like to handle security; we supply the services they’ll need to accomplish that.
We’ve tried out the approach on applications that aren’t all that demanding, like our conference room finder, as well as around applications that handle secure data, like our employee lookup database. We’ve been very pleased with the results at both ends of the security spectrum. Now we believe the right approach is to provide the services that application developers need.
You mentioned that EMC IT had created a mobile application container — can you say more about that?
Well, we discovered that people were using groups of applications during the day, rather than just an isolated one once in a while. By using a container-based approach, we can provide, for example, a persistent security identity across multiple applications in a container vs. forcing the user to re-authenticate themselves with each and every application. The same sort of thing applies to data sharing between applications, like cut and paste.
We couldn’t find anything we really liked on the marketplace, so we decided to build our own lightweight container which enables the user experience with key shared services. It’s turning out to be a win for the application developers as well as our infrastructure and operations groups. And it results in a notably better user experience across applications.
What about application development — how are you approaching that?
Well, I think we all realize that mobile application development is somewhat different than traditional enterprise application development. You’re not simply miniaturizing a desktop application, you’re thinking about finger-friendly applications that run natively on the mobile device.
And one thing we’ve learned is that a great user experience is absolutely paramount. People’s patience with mobile apps is incredibly short; they hit any sort of bump and they’re off doing something else.
And of course, we have to always balance the user experience with risk, so we strive for as seamless a model for sensitive data access as possible.
Early on, we created a small design center around mobile technology competencies. Initially, we had high hopes around HTML5, but we’re not waiting for the standard to stabilize – we have been going after more of a hybrid approach to native app development.
Our Mobility Technical Competency Centre team supports anyone interested in building a mobile app — be it a business user, or an IT application developer who needs to build a mobile version of some sort of application. The goal is to slipstream mobile application competencies into our day-to-day application development work so it’s just a normal part of how we do things going forward.
The implication is that you’re embracing iOS and leaving Android and others for later?
We started off saying that we would rather support one platform really well, rather than spread our efforts across multiple user devices. While not everyone is a 100% fan of that approach, it’s what we have been doing, and it’s worked out rather well.
However, the cross-mobile-platform development environment I mentioned allows us to reuse the code base for Android as well. We are doing exactly that for a customer-facing service request app.
You didn’t go for a MEAP — a mobile enterprise application platform?
No, we really didn’t find anything we liked. For one thing, the marketplace is moving very fast, and we’d like to make as few big bets as possible, or at least to delay them as long as we need to. We’re a large enterprise with many hundreds of potential use cases, and we didn’t want to limit our abilities by signing up for a finite and bounded approach.
More importantly, we’ve got our own application integration cloud that we’re using for all enterprise applications going forward, and we really don’t want to have some vendor’s idea of an application architecture impacting what we’re creating for ourselves.
So it seems that we’ve made a great start — what do you think will really drive adoption?
Well, one big driver is our new SAP implementation — we’re using it as one of the cores of our business. We expect that most EMC employees — and, over time, partners and customers — will be interacting with our SAP implementation at least at some level.
We’ve made the decision to think “mobile first”, so we fully expect that most everyone will be interacting with SAP through a mobile device.
Now that the EMC IT team is well down the road, what advice would you offer for others?
The first point might seem obvious, but it needs to be stated anyway: you’ll need to organize for success. When we started, we didn’t have the skills, the team and the organizational structure to make progress. From a modest start, we’ve augmented and enhanced our organizational model as we’ve progressed, but it all centers around having the right model.
Second, we realized our goal was to enable mobility across EMC’s entire ecosystem, and not just stand up a handful of mobile apps. We want to think mobile first and foremost going forward, which means you tend to think in terms of sustainable and scalable platforms and processes vs. specific point technologies and isolated use cases. We also think in terms of the entire “stack” of app use cases, app user experience, security and risk, access, and supporting services.
Third, we realized we had to learn our way into this arena, and that means a healthy incubation period followed by branding your efforts as “beta” for quite a while. We’ll be running as beta for at least three quarters, maybe longer.
And, as I mentioned before, no matter how well you think you’ve got the user experience nailed, you can always do better. That’s turning out to be very important.
We also realize that the broader IT industry is also learning their way into this space. There are very few off-the-shelf approaches we found that met our needs. That’s OK, those will come in time. As I mentioned before, we’re trying to delay any big technology bets in this space as long as we can.
Finally, we’re very mindful of enlisting our users and our business partners as part of the journey. We’re very open and transparent as to what our capabilities are, where the potential problems may be, here’s what we can do now, here’s what we can do later. While I’m sure there are some who’d like to have everything today, we’re getting extremely positive feedback on where we are and where we’ll be before too long.
For example we use our internal social platform (EMC|One) to communicate, get feedback and improve the user support experience. In particular, we’re using our internal Innovation Conference to sponsor a contest to come up with a list of potential “killer apps” for mobile devices. There are literally dozens of great ideas there to go consider, and I’m sure we’ll see more in the future.
If I had to offer a single big thought, it’s that you’re investing in a new way of delivering IT services that people want to consume. It’s not really just about saving money, it’s about delivering new forms of value based on what the technology can now do.
Not only are we excited within IT — it’s a great project to be associated with — but the business is seriously excited as well. We have established great collaborations with the business groups and we’re all changing the traditional way of thinking about applications.
Great work, KK, and a great story. My congratulations to the EMC IT team.
Thanks — it’s been a big effort on the part of a lot of people. And we’re not done yet — not by any stretch of the imagination. But we’re confident that we’ve turned a corner and can plainly see where we’ll be next quarter, and the quarters after that.
It’s very exciting stuff, indeed.