In previous decades there was a mismatch between information technology and its availability, which meant that influential workers only got access to information when they were chained to their desk. Today the CIO has a responsibility to fix that scenario.

Organisations now recognise that the rewards of mobilising the enterprise will be significant, as process efficiencies are made and new opportunities grasped, but those same organisations must learn to realise how complex this will be.

The consumerisation of IT was the catalyst for mass adoption of enterprise mobility. Surrendering to user demands for apps could be fatal, analysts warn, unless you can manage expectations over availability and security. The most obvious case in point being the popularity of file synchronisation and sharing apps, like DropBox, Skydrive and iCloud, which have helped companies to become much more free and easy with their information, which is great for users but a nightmare for compliance conscious CIOs.

One of the most worrying misconceptions about enterprise mobility goes right to the heart of the CIO’s well being. Creating a secure, potent and yet entirely pervasive IT infrastructure is a massive challenge for which the CIO doesn’t seem to reap any perceptible benefits. Why, some may ask, should they take on such an ambitious project if they are not going to get any recognition for it?

Though enterprise mobility can reap huge productivity dividends, the departmental heads who benefit are not the same people who did all the research, made the judgements and took all the risk. “The challenge for CIOs over enterprise mobility is that they are stuck with all the cost and virtually none of the benefit,” says analyst Leif Olof-Wallin, research VP for Gartner.

While the effectiveness of IT might well be appreciated by everyone, even at board level, all the core value is in the business processes. If costs are slashed from the transport and logistics of a retailer, it’s likely that the relevant head of operations will enjoy the benefits and even enjoy the kudos. While one would assume that the board appreciate that the CIO’s efforts have brought about this improvement, assumption is a dangerous game when dealing with assessors with no technical understanding, argues Olof-Wallin.

The key performance indicators for a CIO are usually about how well they manage their IT budgets. But this is not in step with a sophisticated enterprise mobility strategy. So a CIO’s first step might be to re-negotiate their performance indicators. “Mobility creates value by improving efficiency,” says Olof-Wallin. The first step of your mobile app strategy might be to change the criteria for which you seek recognition.

Having said that, some of the broader applications of mobility are harder to measure, so choose your criteria carefully. “What’s the value in giving everyone a mobile onto which they can receive spam,” he says.

The easiest way to mass mobilise the workforce, however, was to give in to consumer demand and accept the bring your own device (BYOD) trend. There are cases of CIOs who managed to hold back the invasion of the Androids and the tablets for as long as 24 months, says Olof-Wallin, but resistance is futile. Eventually, the president or the CEO is likely to ask you to support their handset and from that moment of collapse, the CIO’s mobile application strategy will be compromised. Your only choice will be over how much security violation you can work with, according to Olof-Wallin.

As we shall see later, there is a raft of simple but very useful apps that will become available; whose accumulative effect will boost productivity. The CIO’s first priority, however, should be security apps. You may not get the credit for the efficiency divided that mobility brings, but you will certainly get the blame for violations.

“Controlling mobile apps is a nightmare and can derail any BYOD plan,” says Clive Longbottom, principle analyst with Quocirca. He advises that CIOs start researching virtualisation in anticipation of problems that will inevitably beset all mobile enterprises in the coming years.

“Wherever possible, we advocate using a virtual approach, so the user is not using an app at all, but just holding everything in a virtual environment, accessible via a browser,” says Longbottom. This isn't always possible, particularly as the necessary always-on connection for mobile apps may not be available. In which case, mobile applications will be required. And these will need securing.

“Keep it as simple as possible;” says Longbototm, “that way you will spend less time needing to update the app.” Try and write it in a write once, run anywhere manner too, he advises, so use HTML5 rather than any device specific language. Your most important priority when devising your applications will be your ability to ‘sandbox’ an app running on a tablet - to isolate it from the rest of the device when it’s running corporate apps.  “Sandbox any application from the rest of the device wherever possible, to avoid cross contamination from viruses and malware on the user's own device,” says Longbottom.

Sandboxing also gives greater control over corporate information - that sandboxed area can be bombed if the device is lost or stolen, or if the person leaves the company.

Companies like US-based Box run these sandboxing functions as a cloud service, granting all mobile users access to data for their particular apps, but revokes that access when a device is lost or a employee leaves. “If your sales manager leaves the company, they are no longer able to take all the company secrets away with them,” says Box CEO Aaron Levie.

The Box managed service supports a variety of corporate applications, which run from its own servers. In effect, this means all corporate applications can be extended to any mobile device, which is made safe because the sandboxing process – where a distinct area of a tablet or smartphone is ring fenced for work purposes. Effectively this turns every mobile device into a dumb terminal. This could, if it worked, potentially make all corporate apps run on any gadget, with data completely locked down. Mobile operator O2’s Media division uses Box’s content management security suite to manage apps running on its sales teams iPads.

Meanwhile consumerisation has ushered in a new generation of apps that could save time for execs on everything from dialling into conference calls to using corporate social network services like Tibbr. Matt Quinn, CTO at TIBCO, says some cost savings come from unexpected sources. A simple app that helps him dial in to phone conferences has “been a life saver” because it saves him hours of configuring about when he is on the road.

Every CIO that Quinn meets is faced with the challenge of having to impose ID management as the onslaught of BYOD forces them to reshape their organisation for more tablets. But while they play down their Blackberry Enterprise Servers in favour of a crowd pleasing policy of issuing iPads, they are creating a hole that needs to be filled. A hole in the budget.

“The great thing about the Blackberry was it gave CIOs manageable costs,” says Gartner’s Olof-Wallin. “Some people are going to get a shock when the bill comes for their 120 top roaming executives.”

“Consumerisation of IT certainly changed the dynamics of enterprise mobility,” says Mike Gibson, director of enterprise at Blackberry. It has attempted to fight back by introducing its MDM solution, which provides organisations with one single console to maintain a strong level of management and control over both corporate liable and employee liable devices. But some critics fear the supply of Blackberry is to slow to satisfy voracious consumer demand. So the management advantages of giving users Blackberries will be lost.

Apple’s genius in creating a simple route to market for app developers (via the App store) does mean there will be new services and applications that can fine tune the machinery of the mobile enterprise, says TIBCO’s Quinn, who recommends expenses tracking apps.

It’s not a question of which apps you choose but how you control them, because ultimately there is no enterprise app that cannot technically made mobile. The most important discipline is to question whether you need it, says Olof-Wallin.

For example, there were many mobile broker applications for the financial services industry that, in retrospect, were never going to work. “Which broker suddenly gets inspiration to buy some stocks when they’re walking down the street or sitting in a coffee bar?” he says.

None of these mobile apps got taken up because brokers want to make their buying decisions when surrounded by several giant screens on their desk with tons of market data.

Similarly, mobile apps for one European police force were a complete waste of time, as few cops want to spend more time than is necessary sitting in their car. The only time they took their laptops out the glove compartment were for specific tasks, such as looking up number plates.