Enterprise mobility and trends like bring your own device (BYOD) aren’t just hot topics of conversation. According to the over 1,600 IT and security professionals we surveyed, mobility is a top priority for most IT departments. Unfortunately, there is a critical gap between the vision these IT leaders have for enterprise mobility and the real-world implementations.
Gain insight into how organisations from around the world share many of the same priorities, challenges and risks.
Enterprise Mobility! Survey Report - UK A critical gap exists between the enterprise mobility vision and real-world implementations introduction Enterprise mobility and trends like bring your own device (BYOD) aren't just hot topics of conversation. According to the over 1,600 IT and security professionals we surveyed, mobility is a top priority for most IT departments. Unfortunately, there is a critical gap between the vision these IT leaders have for enterprise mobility and the real-world implementations. The insights gathered from IT professionals spanning the Americas, Asia Pacific, Europe, the Middle East, and Africa demonstrate that organisations from around the world share many of the same priorities, challenges and risks. This report analyses the UK survey findings Executive Brief vision vs execution A critical gap exists between the enterprise mobility vision and real-world implementations An IT roadmap that integrates with an organisation's operational goals and its existing IT infrastructure - one that provides for necessary resources and budget and also highlights potentia challenges - makes the difference between a successfu implementation and being derailed by unforeseen problems. This is especially true when it comes to mobility, which is particularly complex and touches most parts of an organisation's network nfrastructure. For this reason, it isn't surprising that of the 79% of respondents globally who classify mobility as a business priority, 69% already have a roadmap in place Similarly, of the 75% of IT respondents in the UK who classify mobility as a priority, 65% have a roadmap in place What is surprising however, is that two critical issues are not being addressed by a vast majority of those who are implementing a strategic mobility roadmap. Globally, only 29% of those who are implementing their roadmap have tested how well their core applications work on mobile devices and only 32% have conducted a security audit of applications touched by mobile devices - even though 71 % of them named data security as their greatest mobility-related concern. In the UK, only 25% of those who are implementing their roadmap have tested how well their core applications work on mobile devices and only 30% have conducted a security audit of applications touched by mobile devices 'Devices must be configured and managed with information assurance controls commensurate with the sensitivity of the underlying data as part of an overall risk management framework/ Respondent: IT manager - Large grocery store chain 75% UK respondent analysis Ranked mobility high/mid priority Do not have mobility roadmap 0% 10% 20% 30% 40% 50% 60% 70% 80% 90% 100% Testing how well core applications work on mobiles devices and conducting security audits of these applications are critical building blocks for a successful mobility rollout. Without taking these steps, IT departments will most likely deliver sub-optimal end-user experiences that will inhibit adoption - and as importantly, they will miss out on the chance to proactively identify and solve security challenges before they become threats. It is clear that mobility is a top priority for IT and that most IT departments have a clear vision of the role mobility can and will play in their organisation. Overall, they see both the opportunities and the risks. That said, responses to the survey point to a gap between that overall vision and the likely real-world outcomes organisations will face - given that a number of crucial initial steps that can ultimately save time, reduce costs, and most importantly, ensure security - are typically not taking place. Secure Mobility Survey Findings concern outweighs action There is critical underinvestment in security overall. 82% of global respondents indicated that employees at their organisations are utilising personal mobile devices for work purposes. Interestingly, only 49% of UK respondents enable employees to utilise their personal mobile devices for work purposes and 29% of UK respondents are not even tracking this. Surprisingly, 78% of UK respondents agreed with this statement, 'Employees use their devices to access our systems on their own. It is nearly impossible to stop. We need to establish clear policies to ncrease control, improve visibility and decrease risk.' Analysts advocate that organisations must have a clear mobility strategy that ensures mobile technology is an investment that works hard to deliver business value and meet the demands of an ncreasingly mobile workforce. To some extent, UK organisations are starting to listen to the analyst community because today, 53% of the UK respondents have a mobility roadmap of some kind But the findings of this survey also indicate that many of those organisations that have designed and are implementing a mobility strategy haven't followed further analyst advice which is to make time to determine precise mobility requirements and identify IT policies required to control deployments, manage risks and support users before they deploy. Given that employees will most likely use their personal mobile devices for work, the importance of data security and privacy concerns are not lost on IT leaders in the UK. Information security and privacy concerns ranked number one as the greatest challenge they expect to face when they build and implement their mobility strategy The concerns of these IT leaders reflect the real-world findings of Dimension Data's most recent Network Barometer Report. The report is based on data collected on devices throughout the infrastructures of over 300 leading enterprise-class networks. This is not an opinion-based analysis; it's the data recorded directly from the devices themselves. The 2013 report discovered that 67% of all devices, all of which are on mature networks, carry at least one known security vulnerability -which adds an increasing amount of complexity and opportunity for intrusion. It's not surprising to learn then that only 18% of UK respondents feel that they have well-defined network policies in place for mobility 'Employees use their devices to access our systems on their own. It is nearly impossible to stop. We need to establish clear policies to increase control, improve visibility and decrease risk.' Over 78% of UK respondents agreed with this statement. 'But, only 18% of these respondents indicated they have well-defined network policies around mobility overall.' 2 Executive Brief knowing where to start Given the security issues found on the vast majority of devices within mature networks, IT leaders are correct to be concerned about data security and access control issues relating to mobility The importance of protecting company data is a top mobility priority for 75% of UK respondents, while 61 % identified access control as another important priority What is surprising, given the extent to which they recognise the risk, is that the area where IT leaders have the greatest amount of control - conducting security audits of applications touched by mobile devices - has not been a priority. Only 30% of UK respondents have taken that step According to Dimension Data's Tim Boyd, 'As organisations have seen a steep rise in the number of employee owned devices requesting access to network resources, it can be difficult to know where to start. Securing critical data and your infrastructure is not just a "I want to get my iPad on the network" problem. One must look at the greater scope of enterprise mobility and consider many facets including security policy, risk assessment, costs of operationa support, and the effects on application service delivery and employee productivity. Ultimately the business case must establish a balance that maximizes the utility of a company's resources for each of the stakeholders involved.' UK respondent analysis h some stage of mobility roadmap Completed inventory of applications to test how well they work on mobile devices Completed security assessment of key applications touched by mobile devices 0% 10% 20% 30% 40% 50% 60% 70% 80% 90% 100% 3 Secure Mobility Survey Findings productivity, the user experience and security Real-world employee productivity improvements, user experience and security are not meeting expectations. Over 78% of UK respondents believe that employees will use their personal mobile devices to access enterprise systems on their own and that IT does not have the capability necessary to stop this activity IT leaders believe clear policies are needed to increase control, improve visibility and decrease risk. 'A usage policy needs to have clear, precise statements about the rights and duties of both the employeeand employer regarding ownership, access and data removal of BYOD.' Respondent: Independent security specialist However, 93% of UK respondents also seek to create a positive mobility experience for employees to help increase productivity. To a large extent, employee experience is important to IT leaders because 84% of them recognise that an increase in worker productivity is the greatest benefit offered by mobility Tim Boyd adds, 'When compounded, the benefits of an efficient and open enterprise mobility strategy that has adequately addressed business policy and limited risks, yields a much more competitive, profitable, and agile organisation.' IT leaders don't only view increased productivity in terms of gaining better utilisation of existing resources. Mobility isn't just about enabling employees to do more work, faster than before A majority of IT leaders want to embrace mobility to enable workers to resolve client issues more quickly and increase overal client satisfaction In the UK, custom built applications, web collaboration tools and nstant messaging have been optimised the most at 46%, 31 % and 29% respectively. However 40% of respondents indicated that employees are unable to access all the core applications they need to perform their job functions from their mobile devices Furthermore, although 53% of corporate headquarters in the UK are optimised for mobility, the intranet is only optimised for 18% of those organisations Much of the focus on mobility strategy and implementation seems to relate to internal communication: individuals are better able to communicate with each other and take meetings using their mobile devices, but the ability to have access to the applications needed for decision-making and to collaborate effectively are not enough of a priority to have a substantia impact on employee productivity or business agility. It's good that people can access a corporate phone book, respond to email, and make use of WebEx using their mobile device. However, without optimised access to their business applications, people are still deskbound for any work that requires mission-critical data and analytics that can transform an impromptu discussion into a hands-on workshop or a negotiation that closes a deal 4 Executive Brief non-corporate applications and user support UK respondent analysis Indicate that users are unable to access critical applications to perform job function using personal mobile devices 84% Want to increase worker productivity 0% 10% 20% 30% 40% 50% 60% 70% 80% 90% 100% Perhaps because of the limited investment that inhibits employees from accessing the business-critical applications needed to perform their job functions, 32% of UK respondents indicate that their organisation allows them to download non- corporate applications to increase productivity This is another example of where the gap between the overall vision and the way in which it's typically executed makes it difficult for organisations to achieve their goal - while at the same time creating new and often undetectable security vulnerabilities. Overall, organisations want to increase employee productivity nstead of focusing on enabling workers to take full advantage of corporate-approved applications with their mobile devices, a large number of organisations are allowing workers to select applications on which they may place corporate information It goes without saying that an organisation should be aware of the applications that are on the network and that are accessible via mobile devices. This helps organisations monitor user adoption of mobile enterprise applications, track new applications coming into the enterprise and identify when rogue applications are introduced into the system. Although this is a vision with which most everyone would agree, analyst reports indicate that enterprises are more often than not, aware of only 80% of the devices on their network. Worse, those unknown devices inside the perimeter of the network are unmanaged and provide users with access for which they may not be authorised Surprisingly, 49% of UK respondents state that non-employees and guests are able to obtain limited access to the network for their personal mobile devices Given the difficulty of identifying new applications placed on the network, non-employee and guest access to the network increases the importance of making sure that security experts are intimately involved in the development of an organisation's mobility strategy. When new technology enters the corporate environment and is used by workers daily, the level of support given to employees becomes a critical issue for adoption. Also, if support is limited - particularly if the procedures and processes for providing that support are not fully defined - it can take IT service staff longer than usual to solve end-user issues which will create a backlog of issues to solve. In the case of mobility, dedicated support resources seem to be an afterthought - which is remarkable given the level of mobile devices being used by employees today. Only 42% of UK respondents have addressed troubleshooting mobility at all - either with a pre-existing help desk that is meant to support all issues or a specialised resolution team According to Boyd, 'We've seen that adoption of an enterprise- wide mobility strategy often stalls as organisations consider the daunting task of providing support and the added cost associated. Often, internal support for personal mobile devices is skipped entirely exposing the enterprise to a host of risks as employees, and even business units, provision their own services to support their productivity. Enlisting the powerful tools available for mobile application management, mobile expense management and mobile device management can significantly lower the burden and costs of support and troubleshooting related challenges. When coupled with employee education, training and awareness based on a foundation of effective security policy, supporting a sound Enterprise Mobility program is well within reach.' 5 Secure Mobility Survey Findings mobility and security from the top down Understanding the opportunity and the real risk The threat to an organisation's proprietary information is certainly foremost in the minds of IT and security leaders: Interestingly, although 71 % of global respondents indicated that their business leaders view employee utilisation of personal mobile devices as potentially dangerous, costly and not business critical, this statistic is only 19% in the UK 'For most business, it's not case of if, but when personal mobile Boyd. 'As an increasingly more technology aligned workforce evolves, the effective and seamless use of personal mobile devices will help both attract and retain top talent. As a bi-product of staying ahead of the enterprise mobility curve, companies are quickly coming to realise that empowering the mobile worker pays dividends in terms of worker productivity and efficiency Efficient anywhere, always-on access between your employees, partners, clients, and suppliers keeps today's high-performance enterprises ahead of their competition.' When asked about the level of agreement to the following statement, Security risks generated by BYOD are understood by IT, but not business leaders', 75% of UK respondents agreed with this statement Business leaders don't understand the risk associated with BYOD. Furthermore, the extent and depth of the risk has not adequately been measured against business policy because many organisations have yet to evaluate the impact of mobility beyond the device. Having rouge, nadequately protected, and unknown devices on the network is really just a slice of the risk landscape. Organisations must also consider their server and application infrastructures as users, data, and devices traverse the network, along with data protection against, left, loss, or corruption. Not considering the entire enterprise mobility landscape has led to an assumption of risk that is often grossly miscalculated, leaving organisation exposed to financial and reputational threats' explains Boyd 'Only 40% of UK respondents indicated that employees are unable to access all the core applications they need to perform their job functions from their mobile devices.' 17% of UK respondents (42% globally) think it is important to engage IT to deter email and network access via mobile devices, and 31% wrote that security related policy is the most important policy a company should put in place. On the one hand, there is considerable concern regarding security. On the other, there is an equally strong belief that mobile devices have the potential to substantially increase worker productivity. As a result of this tension, the majority of organisations have mobility roadmaps but at the same time, very few organisations are dedicating the kind of resources that are necessary to fully enable users to leverage existing business applications in ways that substantially increase productivity. Also, very few organisations are conducting appropriate application testing, or making mobile infrastructure design decisions - making then even more vulnerable than they may realise A mobility roadmap that governs how users access corporate data and applications is necessary to safeguard the network, protect company materials and optimise corporate applications to help employees get the best benefit of mobility. For those organisations choosing not to support or acknowledge employees using personal devices to access the network, having a well-defined network policy for mobility is imperative Having a support team to mitigate issues and making sure that guest and non-employee have access to the network are just some of the important steps organisations need to be thinking about and addressing Once mobility is integrated into an organisation, employees' ability to access the tools they need to do their jobs anywhere and at any time will be a benefit to both the company and its employees. Sales teams in the field, employees with flexible work schedules, and mobile workforces - as well as many other areas of the business - will have enhanced capabilities and improved work-life balance 6 About Dimension Data Founded in 1983, Dimension Data pic is an ICT services and solutions provider that uses its technology expertise, global service delivery capability and entrepreneurial spirit to accelerate the business ambitions of its clients. Dimension Data is a member of the NTT Group Middle East & Africa Algeria - Angola Botswana * Congo * Burundi Democratic Republic of the Congo Gabon * Ghana * Kenya Malawi • Mauritius • Morocco Mozambique - Namibia - Nigeria Oman - Rwanda - Saudi Arabia South Africa Tanzania - Uganda United Arab Emirates - Zambia China * Hong Kong India • Indonesia • Japan Korea - Malaysia New Zealand - Philippines Singapore • Taiwan Thailand * Vietnam Australian Capital Territory New South Wales • Queensland South Australia - Victoria Western Australia Europe Belgium - Czech Republic France * Germany Italy - Luxembourg Netherlands - Spain Switzerland • United Kingdom Brazil - Canada - Chile Mexico * United States For contact details in your region please visit www.dimensiondata.com/globalpresence www.dimensiondata.com