Remote control

The rise of the mobile technology is presenting a number of challenges to organisations, particularly in the field of remote device management

  • E-Mail
By  Peter Branton Published  June 4, 2006

|~|66featurebody.jpg|~|IT departments find themselves facing a host of challenges and risks associated mainly with managing and supporting mobile devices.|~|It’s no secret that a growing number of employees are leaving their traditional working space behind and hitting the road. Mobile and wireless technology has enabled enterprises to free their staff from the confines of the office yet remain connected to company resources. Mobile network access technology has become widely prolific —it has even become a fixture in contemporary business life. As the role of knowledge workers and professionals becomes more and more essential to organisations — and as competitive pressure compels companies to improve workforce productivity — mobile work is becoming a crucial element of many companies’ business tactics. When you add to that the fact that prices for mobile technologies are falling, the public is getting used to the sight of “road warriors” — executives checking e-mail on personal digital assistants (PDAs), business travellers connecting to corporate networks from the road and employees accessing company data from their homes. In fact, analyst firm IDC expects the number of worldwide mobile and remote workers to increase to 162 million by the end of the year, while Gartner predicts that as many as two-thirds of the workforce will be considered mobile by 2006. While the concept of accessibility anytime and anywhere allows unprecedented freedom and productivity to companies, enterprise IT departments find themselves facing a host of challenges and risks associated mainly with managing and supporting mobile devices. For one, a standard enterprise remote deployment may include several hundreds or thousands of mobile devices, wireless switches and access points. Such large-scale deployments, which are common in retail, transportation and logistics and manufacturing industries, can make managing these environments cumbersome. The complexities involved can make routine tasks, such as device and network component rollouts, updates and maintenance, and support and problem resolution unduly difficult. Without a centralised remote device management solution, these routine tasks become a barrier to growth and leave the promise of mobility unrealised. Ensuring uniformity of software versions on mobile devices is also one of IT’s biggest headaches. The wrong version of an application on a mobile unit will prevent certain business functions from being performed or create inaccurate results. With remote devices, fault isolation is also complicated and hard to resolve. Common device problem reports, such as slow response time become harder to diagnose as it could, in fact, be the result of many different conditions — an access point (AP) that is overloaded, bad radio frequency (RF) coverage or memory leakage on the device. Perhaps, the biggest concerns among IT managers are the issues surrounding security and accessibility. Wireless solutions are inherently less secure than wired solutions. As a result, security risks are compounded when mobile solutions are scaled across the enterprise. Similarly, wireless connectivity is much more unpredictable than wired, claims Jason Sprayberry, product marketing manager of Digi International, a US-based networking company that provides device connectivity tools for both wired and wireless technology. “One of the challenges that IT managers face is that the types of networks are not consistent. There are different mediums for connecting to remote devices. When you talk about wireless networks, the internet protocol (IP) networks are much less predictable than wired networks,” says Sprayberry. “The existing network management software does not make an assumption that the wired network is predictable. However, when you start managing remote devices across more unpredictable platforms such as wireless networks, their systems are not comprehensive enough to handle the challenges there, such as bandwidth, latency, protocol routing, or just the availability of the connection,” he adds. “To ease the burden of handling various devices, some firms have resorted to locking in one type or brand of mobile devices,” says Ghazi Atallah managing director, service provider, Cisco Systems Middle East. “Corporations are looking to standardise on the devices as well as the security mechanism and the management mechanism that is used for the various devices. We are seeing more and more companies standardising their laptops, standardising the way the security that they provide on their laptops as well as the method of access,” he says. As an example, it is a common practice within Cisco to standardise on a particular brand for its company-issued PDAs, reveals Atallah. “We actually embed on that brand security software that allows us to secure the information on the device because there’s a lot of information that resides on that device as a result of it being able to download e-mail and information from our corporate databases, and also secure the way the connection is supported over the mobile network,” he explains. Intel also standardises on its laptops and other mobility devices, according to Amir Alkaram, Intel’s country manager for Iraq. He says the benefits of standardisation, such as increased productivity, lower operating costs, and — in general — better economies of scale, can be immediately realised within a matter of months. “By minimising the number of configurations you have on your IT side, it becomes more efficient to mobilise your workforce,” Alkaram says. “When you standardise your hardware costs become much lower because the cost of maintaining the goods, keeping parts, having different types of managers or people to maintain different kinds of devices, all that is greatly reduced,” he adds. However, performing remote management on mobile devices, such as PDAs and smartphones, according to Cisco’s Atallah, is much more difficult compared to managing laptops. This is primarily due to the wide variety of mobile devices and standards that exist today. “If your consider laptops, 99% of them are Windows-based and Windows is also common on the desktop. So corporate users can manage desktops and laptops virtually the same way. However, in the mobile space you have a lot of different types of devices — even Windows mobile is somewhat different from Windows laptop or desktop — and you also have different types of operating systems,” says Atallah. Nevertheless, he is optimistic that this situation will change as newer, more advanced, tools become available. “Technology is reaching a point where it will allow you to basically manage mobile devices in the same way that laptops are managed today,” he says. “We see that happening more and more where you can draw a parallel between the desktop and laptop movement and all of the management tools and mobility tools that went along with that to the laptop and PDA movement where also a lot of the management tools and security options are happening,” he continues. “I wouldn’t say today that PDAs are in the same level of sophistication in remote management and security as laptops are, but we can see that happening in the next 24 months,” he adds.||**|||~|Sprayberrymain.jpg|~|Jason Sprayberry of Digi International.|~|To relieve some of the burden of managing disparate remote mobile devices, a band of IT vendors are increasingly offering management solutions that allow IT managers to execute actions such as remotely lock down (or wipe clean) an employee’s device if it is stolen, or update multiple devices with new software or virus patches. HP OpenView was one of the first device management packages, though it has evolved into a much more comprehensive management platform. Other well-known solutions are CA’s NetworkIT and Novell’s ManageWise. Further examples of vendor management suites include 3Com’s Transcend, Cisco’s CiscoWorks line, Enterasys’ NetSight, and Nortel Networks’ Optivity platform. Many security vendors, including Check Point and Enterasys, now offer their own management platforms for monitoring firewalls, virtual private networks(VPNs), and intrusion-detection hardware across your network. Up until recently, finding secure, reliable remote device management solutions has been a difficult process. Attempts to network remote equipment to make it more productive have suffered from limitations in the available infrastructure, as well as high costs. Remote networks are considerably different from local networks. Issues such as network reliability, network protection, IP addressing, and equipment deployment and maintenance have proved to be obstacles to the process. However, recent advances in wireless data networking technology are making it easier for companies to manage their remote assets. Because of reduced wireless airtime prices, expanded network coverage, and increased network speed and reliability, wireless data solutions for remote device management are now available. In addition, advances have been made in the technology used for the wireless modems and gateways that enable remote monitoring. Wireless hardware and software gateway solutions have been introduced that utilise cellular networks. In combination, these bring several advantages. “For one thing, network administrators and service personnel can perform out-of-band management on routers, firewalls and servers. Several challenges can now be addressed, including network reliability, network protection, firewall traversal, IP addressing, equipment maintenance and device deployment, configuration, updates, maintenance and replacement,” says Sprayberry. “Enterprise-class remote device management to groups of remote IP devices can now be achieved. In essence, wireless networks can now be made more ‘wire-like’,” he adds. Remote management solutions centralise the monitoring and troubleshooting of your entire infrastructure. They automate tasks that used to require staff to walk around to individual systems and network hardware. They also gather and store inventory, performance, and other information and use it to generate valuable reports that help you diagnose trouble spots, plan upgrades and new functions, and pitch new projects to upper management. The foremost advantage to using remote management solutions is saved time and manpower. A majority of the time formerly spent walking around implementing upgrades, troubleshooting systems and their users, and keeping your hardware inventory and other records up-to-date is suddenly eliminated. Other advantages include an increased ability to delegate management and other tasks to less skilled personnel, as much of the work is automated and automatically kept up to date. In addition, remote management packages are great at detecting potentially big problems while they are still small problems and may not be detectable by the user or the manager's eye. Enterprises that are looking at investing in a remote device management tool need to consider several key factors before deciding what to purchase. When planning a remote deployment, be sure to shop around for a management system that best suits your environment and complies with all your users’ application requirements. “Remote management is not only about getting an alarm. It is also important to consider the architecture of the network, the architecture of what you are allowing your remote users and your remote devices in terms of security, in terms of profile, and in terms of accessibility to the network,” says Mohamad Abdul-Malak, managing director, Juniper Networks MEA. Before you begin looking at the different tools on offer, it is important for companies to first assess their resources and their existing capabilities to manage remote mobile devices, Abdul-Malak advises. “One of the most important parts is to understand your capability as a company or as an IT manager. Finding the right remote device management tool involves a combination of factors. Basically you have to understand your environment, and you have to understand the users and the devices you have," he says. "It is also essential that you understand what kind of remote management you wish to have and the goals and objectives you want your device management tool to achieve,” he explains. In general, there are some basic guidelines or attributes that you need to look for in a remote device management software. These include inventory management, software management, security management, configuration management, license management, remote control and data management. Considered a basic feature, inventory management is the ability of a mobile device management solution to automatically keep track of the number and type of mobile devices used at the company. This helps to properly plan support staffing and to analyse the effectiveness of the mobile solution. Furthermore, features that identify usage levels of various applications are beneficial when allocating funding for supporting the different applications. “Tracking hardware is a very simplistic part of remote device management,” says Atallah. “Tracking assets is fairly simple to do. You track serial numbers and put them on a database and make sure that you are able to allocate an entry for that device into your network," he continues. "The actual remote mobile device management you want to get is something more sophisticated where you want to start looking at security, at the software that you put on the device, and at the features that allow it to be more manageable, more uniform and also to allow users to almost have the same kind of look and feel as you would have in a laptop,” he adds. Software management is an important criterion because it means you do not have to rely on users to install new software as it becomes available. At the same time, the impracticality of bringing in hundreds of mobile devices to one central location for software updates is no longer an issue. Likewise, you cannot rely on users to properly configure mobile devices with settings that comply with your organisation’s security and data-usage policies, hence configuration management is also a necessary factor. Remote control is helpful when a user needs IT support to help them through a particular problem. From a central location, an IT person can remotely take control of the user device and install software patches, make corrective settings, and troubleshoot the device. To recover from lost, stolen or broken user devices, a firm must keep a central repository of application and user data. That way the data is not lost and the user can start up faster with a new device right where he left off. Finally, with mobile devices, security requires special attention. The mobile management solution that you choose should include up-to-date methods for detecting and eliminating viruses on user devices. Also, device-wiping functions, which can purposely destroy data and application software on mobile devices, are important to safeguard sensitive information if the device is lost or stolen. On top of that, Sprayberry believes that a good remote device management tool should be able to anticipate the challenges associated with wireless network. “It needs to have features like dynamic domain name server (DNS) or the ability to act as a simple network management protocol (SNMP) proxy. It should include the ability to have standard functions that would normally apply to wired networks but are not easily applied to wireless networks,” Sprayberry advises. “For example, with our software we know that some IP addresses are not reachable, you can’t get there, it’s a private IP address. So, our products are smart enough that they initiate the connection back to the management software, so anticipating how to connect to devices that don’t have routable IP addresses would be a concern,” Sprayberry goes on to add. Aside from installing a remote device management software, the tool alone is not enough to limit security risks. A comprehensive security policy must be defined and put in place, and IT departments must now take on a much more active role in provisioning, supporting, and managing these devices. Unmanaged mobile devices represent one of the most serious and often overlooked security threats to the enterprise. The proliferation of laptops, PDAs, and other mobile devices in the enterprise, coupled with the explosion of wireless connectivity options, has led to significant support issues and security risks. Mobile devices are vulnerable to theft and loss, with most companies budgeting for a 20% or higher loss and failure rate for PDAs. Additionally, mobile devices can introduce viruses or worms to the corporate network. Securing remote devices is a complex task that gets even more complicated due to the very nature of the environment in which these devices are used. Mobile devices are often outside of the enterprise network. The devices may connect over unsecured networks, or reside in a disconnected state where they can't easily be touched by management tools. At the same time, PDA operating systems are not designed with enterprise support in mind. The devices are difficult or impossible to upgrade, and relatively few security patches are released for the major mobile device platforms. But the most difficult aspect of mobile security to control is user access and behaviour. Often, users bring in their own devices without informing the IT department, and connect it to their office PCs using desktop synchronisation tools. This makes it easy for users to load potentially sensitive information on to devices. Even if the company has policies regarding mobile device usage, users often have a significant degree of control over what data and files are carried on mobile devices, including laptops, PDAs, and USB drives. Companies should base decisions about mobile security on overall risks to the enterprise, rather than simply a perceived need for security. Clear deployment and usage policies, coupled with user training on security and an annual review of the company's mobile security policies, can help companies make intelligent investment decisions and limit risks. Finding the balance between accessibility and productivity requirements and the level of security that needs to be imposed is also critical. “You can define different levels of security for your users depending on the type or profile of the users you have, the accessibility they require, and the sensitivity of data that they can access in their mobile devices,” says Ayman Mazoub, general manager, PointSec Middle East. “It really does relate to the type of data that remote workers actually take on their mobile devices,” he continues. “So, what we do is look at the types of people that are accessing the data and the kind of data,” he adds. “If the data is extremely confidential then you have to take it up to the maximum level of security. If the data is somewhat confidential but not essential then you can actually put the lowest level of security. The way to look at it is what type of data the user is using, what type of information he has on his PDA, what type of information he is pulling and how sensitive the information is, and accordingly the security level would be set,” explains Mazoub. “You need always to balance between what you want to achieve against the return,” agrees Abdul-Malak. “Different organisations will have different strategies. Some of them, if you are talking about financial transactions, security is their number one priority. If you are talking about logistics environment, accessibility and usability of the network comes first. Each organisation will have different criteria for the remote management, you cannot treat all remote devices and all mobile users the same way,” he adds. As mobile and remote computing becomes more sophisticated, companies anticipate new challenges and more complications related to managing devices. Alkaram urges enterprises not to think of technology advancement as a hindrance but as an enabler to do more and to do things much better. “The higher the capability of the device, the more you can do with it. You can control it easier, you can manage it easier. Just like any business you have to really take a good look on the overall things. Make sure you have the proper tools to manage it. You need to have a balanced approach with your decisions,” Alkaram advises.||**||

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code