Use MMS provider service desks to boost your enterprise mobility and BYOD initiatives

Photo by Marjan Grabowski on Unsplash

Service desks play an intricate role in a company on a day-to-day basis. Providing your employees with the best help desk services from your managed mobility services (MMS) provider can lessen internal issues and improve employee productivity.

Here are some considerations for your mobility provider’s service desk:

Solution provider service desks and your employees

TechTarget notes that because of their mobility expertise, your users can come to your provider’s service desk for a full range of support services, including mobile device acquisition, provisioning and end-of-life services for smartphones, tablets and ruggedized devices.

Your provider will escalate user issues and requests as necessary to the appropriate service tier, such as the following:

  • Tier 0 for self-service web portals
  • Tier 1 with a 24/7, 365-day service desk for how to questions and issue resolution
  • Tier 2 with escalated support beyond the skills and expertise of Tier 1
  • Tier 3 acting as an escalation point for Tier 2 issues

The help desk should provide your company with weekly or monthly reporting about help desk issues, resolutions and trends. Such reporting is one way to ensure your MMS provider is meeting your service-level agreement. Like with any other managed services provider, details of the reporting and SLA are standard parts of the contract negotiations. The help desk can also play an integral role in the development and management of your BYOD policies, so don’t forget to invite team members to your corporate BYOD initiative.

Enterprise mobility — let alone mobile security — is challenging to track for many people. Your provider’s help desk can serve as a direct liaison between your mobile carrier and your users. The VAR Guy notes your provider can assist with the billing issues that can occur when your company is running a growing number of devices that suck down data and minutes, not to mention roaming. MMS provider expertise also extends to putting in the tools and processes to manage your mobile expenses to reduce billing issues.

Benefits of MMS provider help desk services

The following are some benefits of using an MMS provider:

  • Access to mobile security expertise the average company can’t bring in-house because of fluctuating workloads, budget constraints or the tight market for mobile security expertise
  • Insights into enterprise mobility and BYOD best practices
  • Wireless network troubleshooting
  • Hardware troubleshooting and lost or stolen device assistance
  • Knowledge base of help content often available through a self-service portal for users
  • Incident support coordination with enterprise mobility management and other security providers
  • Automation of mobile operating system and app updates

Ultimately, the MMS provider service desk plays a major role in enterprise mobility and BYOD because it’s on the front line, serving users through all facets of the enterprise mobility life.


This post originally appeared on Mobile Business Insights on August 30, 2017. The site is no longer in publication.


My name is Will Kelly. I’m a technical writer and content strategist based in the Washington, DC area. I’ve written for corporations and technology publications about such topics as cloud computing, DevOps, and enterprise mobility. Follow me on Twitter: @willkelly

How to select the right hybrid integration platform for your mobile app strategy

Photo by NESA by Makers on Unsplash

Your mobile app strategy should play a part in selecting the right integration platform to support your digital transformation. It’s about aligning your platform requirements — and in turn digital transformation — with your current and future mobile workforce. Here’s how to evaluate your current and forthcoming needs and the steps to take for a more seamless platform integration.

Evaluating a platform

According to TechTarget, you should keep elasticity at the top of your integration requirements. This allows you to shrink or expand your development platform to fit your organization’s requirements. Whether it’s starting small and building out as part of a digital transformation or accommodating seasonal surges, elasticity means paying only for the capacity you use.

Evaluating an integration platform to support your mobile app strategy needs to be a team activity — you don’t want the IT department to handle it alone. Here are some examples of how to bring in teams to support an evaluation:

  • Business users such as analysts and other knowledge workers can evaluate no-code or low-code solutions in the platform. Better yet, get them live on an evaluation to put together some mobile apps that link back to their team’s data.
  • Developers can evaluate the API and other development tools available as part of the platform.
  • Cybersecurity experts from your security team can evaluate the security features of the platform.
  • System administrators can evaluate the monitoring and management tools of the platform.

Mobility at its core is fluid, so supporting a mobile app strategy means having an agile platform. If your organization is moving from more traditional platforms, having elasticity and a holistic evaluation from a cross-functional team is necessary to give you the best feedback.

Introducing integration platforms into back-end processes

Going mobile-first or introducing bring your own device (BYOD) into your enterprise represents a fundamental shift in how your business users and knowledge workers perform their daily jobs. Part of that shift is migrating some or all of your legacy applications to the cloud in a secure manner so that your back-end processes won’t skip a beat.

Some of these back-end processes might be well-documented with employee training backing them up. However, you might also find back-end processes that are part of a department’s oral history where the steps are passed down from employee to employee. Then again, you might uncover back-end processes that employees keep to themselves for reasons of job security or because their managers and coworkers never bothered asking about them.

Once you get a grasp as to what back-end processes you are enabling for mobile, choose a small departmental-level process — especially one that gets you an enthused participant in your integration. The last part is important because you want to foster a champion for your integration as part of a next-generation business process.

Work with the department stakeholders to redesign their back-end process for mobile. For example, if you select a form-driven process, your redesign will need to capture the steps of the process and how to redesign it for cloud and mobile.

While you redesign your first legacy app, you should also examine the back-end technologies that power it. The integration platform will offer new front-end development tools and user experience (UX) that will enable your developers to build next-generation mobile apps that tie into your back-end data.

Fitting an integration platform into your mobile strategy

The best way to fit in a new platform is when you are first authoring your organization’s mobile strategy. However, because you often don’t or won’t have that luxury, you’ll instead be updating your strategy.

Integration can be key to your time to market and ability to innovate, according to SIIA. Time to market isn’t just for external mobile apps anymore. Those same principles still apply to releasing internal apps to your own business users. When you are introducing an integration platform to mobilize one of your back-end processes, you have a powerful tool to wrangle business users’ attention — if you can rapidly iterate on mobile apps to meet their requirements, integrate feedback from internal pilot projects and bring along your internal users.

Mobile app strategy and platform synergy

Your mobile strategy isn’t meant to be an extension of your new or existing online strategy. That translates into building mobile apps with your platform of choice to provide a more intimate experience for users than just another website, according to Business 2 Community.

Today’s integration solutions — in particular, rapid mobile app development (RMAD) and low- or no-code solutions — enable developers and sometimes even empower users to create mobile apps with low-code tools. This means it’s even more important for your strategy to map out guidelines for mobile app development so these new citizen developers make full use of the platform.

Selecting the integration platform that fits best with your mobile strategy means a selection process and perhaps pilots and proofs of concepts. It ends with updating your mobile strategy to ensure your new platform is best positioned to serve your enterprise.


This post originally appeared on Mobile Business Insights on June 5, 2018. The site is no longer in publication.


My name is Will Kelly. I’m a technical writer and content strategist based in the Washington, DC area. I’ve written for corporations and technology publications about such topics as cloud computing, DevOps, and enterprise mobility. Follow me on Twitter: @willkelly

How to ensure mobile app security through teamwork, processes and training

Photo by Benjamin Dada on Unsplash

Improving mobile app security is key to keeping your company’s data secure inside and outside the office. Making such improvements requires the work of multiple teams including app developers, IT security and business users.

Here are some tips to improve and optimize your mobile app security:

Send your developers to app security training

Lifewire notes one fundamental investment you should make to improve your organization’s app security is sending your developers to security training that covers secure app development practices. Your development team can then create security strategies and processes as part of your app development lifecycle.

If you rely on citizen developers with low-code tools to develop your mobile apps, you’ll need to deliver security training to them as well. Work with your IT security team to set up mentoring and training around app security. You should also check with your low-code tools vendor to review its security documentation and see whether it offers any security training.

Bake security into your development process

Today, mobile app security starts on the first day of development. Back in the day, QA testers and the security team didn’t worry about testing app security until the final stretch before release. New realities of agile development, DevOps and employees’ desire to have a more consumer-friendly app store experience have changed the way teams develop, test and deploy mobile apps.

According to CSO, it also requires the right skills and tools to develop and secure a mobile minimum viable app, which has the potential to lower the attack surface against your corporate-developed apps.

The following are other ways to bake in mobile app security from the very beginning of a project:

  • Make app security considerations nonfunctional requirements
  • Conduct a threat modeling analysis
  • Write user stories full of enterprise and OS specifics

Use mobile application management and an enterprise app store

Mobile application management (MAM) needs to be in place to secure all the mobile apps across your corporate devices. MAM should also serve corporate-approved apps for bring-your-own-device (BYOD) initiatives.

There should be a curated enterprise app store at the end of your DevOps toolchain to serve up the latest versions of your corporate mobile apps. Today, MAM solutions and enterprise app stores will let you set priority-based rules for app updates across your user community so you can respond to routine updates and, more importantly, critical patches. You also want to set policies to let you erase selected apps from a corporate mobile device.

Protect app data in transit and at rest

There’s a risk whenever your mobile app exposes data in transit across the internet, your network or at rest. Typically, enterprises secure data in transit using encrypted connections such as HTTPS, SSL or FTPS for protection. Data at rest resides in encrypted storage on the mobile device. You should set data encryption on devices through your enterprise mobility management solution.

Lock down your mobile endpoints

Implementing cloud-based mobile endpoint security may not be considered a mobile app security measure, but it does detect malicious behavior in applications. The behavior might come from man-in-the-middle attacks, side-loaded applications or other risky behaviors.

Use SSO for app authentication

Chances are, your corporate mobile apps open up access to all sorts of confidential and proprietary information. As such, you need a single sign-on (SSO) authentication solution to secure employee access to your apps.

Harden your mobile operating systems

Your security team should be conducting periodic reviews of your mobile operating systems as part of your mobile security strategy. The review should include the vendor’s operating system, application programming interface and security documentation.

Medium to large businesses, government agencies and higher-education institutions should consider creating their own checklists for hardening mobile operating systems.

PC Authority reports hardening Android security includes the following tasks:

  • Restricting the side-loading of apps
  • Using encryption
  • Setting granular app permissions
  • Using a virtual private network
  • Installing security software

Your security and app development teams should review any documentation your mobile device vendor has that covers best practices for hardening operating systems.

Developing true app security at your enterprise is possible, but it takes collaboration with many groups across the organization.


This post originally appeared on Mobile Business Insights on October 3, 2017. The site is no longer in publication.


My name is Will Kelly. I’m a technical writer and content strategist based in the Washington, DC area. I’ve written for corporations and technology publications about such topics as cloud computing, DevOps, and enterprise mobility. Follow me on Twitter: @willkelly

Government technology: Mobile transformation for the federal government

Photo by Maria Oswalt on Unsplash

Mobility is becoming the backbone of enterprise technology. Unfortunately, the same can’t be said about mobility in government technology. Yet the federal government could benefit from more efficient management through mobile transformation.

Imagine government agencies with mobile-enabled workers accessing real-time data from devices to better serve taxpayers. A mobile government means a better emergency response due to better access to real-time data. It also means improved continuity of operations during winter storms and power outages, when federal workers would have difficulty getting into their offices.

Mobile transformation at the speed of government

It helps to look at each federal government agency as an independent institution with its own mission. Civilian agencies such as the Securities and Exchange Commission (SEC) and the Internal Revenue Service (IRS) are prime candidates for going mobile because they have large field workforces and regional offices. Since they both have enforcement arms, access to real-time data and applications can help agents make better enforcement decisions in the field.

The Department of Defense (DoD) is home to mobility initiatives inside the Pentagon, according to Federal News Radio. The Defense Information Systems Agency — the DoD’s IT department — has an enterprise app store that serves as a hub for DoD mobile apps. There’s also information about the Defense Mobility Unclassified Capability, which provides commercial-grade mobile devices with secure business tools for the department’s servicepeople and civilian employees.

Service branches such as the US Army are developing mobile training apps for soldiers’ devices. According to Interference Technology, the Navy is using a suite of eSailor apps to train sailors. These apps can reach prospective recruits who grew up as part of the smartphone generation, and they can reinforce what service people have learned in class while they’re deployed.

Government technology acquisition cycles run much longer than commercial procurements, and they can’t keep pace with the evolving mobility market. However, it’s safe to expect procurement changes: Agencies are experimenting with outcome-based procurements from 18F, an organization charged with improving the government experience. After the procurement changes, agile development and DevOps will likely grow, and custom mobile apps will become standard as agencies deliver apps as quickly as consumer developers.

The future of mobile government

The White House’s Cybersecurity Executive Order could help increase the pace of mobile transformation. The order mandates strengthening federal cybersecurity through cloud-based services and infrastructure. The strengthened cybersecurity measures should result in updated security tools, including two-factor authentication and derived credentials.

The Department of Homeland Security (DHS) is a bright spot in the government’s mobile transformation thanks to its mobile security work. According to GCN, the agency has made a significant investment in app security and released an important study about mobile device security. DHS efforts could bolster the case for more government agencies to go mobile.

Another factor in the government going mobile is employee telework. The General Services Administration has approved over 90 percent of its roles for telework, according to GovTechWorks. Unscheduled telework is a frequent message on radio and TV around the Washington, DC, area when it snows, raising even an infrequent need for mobile device access.

While the federal government is currently behind the times, its mobile transformation will continue as the cloud becomes even more of an IT standard across government agencies.


This post originally appeared on Mobile Business Insights on November 14, 2017. The site is no longer in publication.


My name is Will Kelly. I’m a technical writer and content strategist based in the Washington, DC area. I’ve written for corporations and technology publications about such topics as cloud computing, DevOps, and enterprise mobility. Follow me on Twitter: @willkelly

Mobile device management (MDM) strategies for healthcare organizations

Photo by rawpixel.com from Pexels

The value of customer data is a top priority for any enterprise. Patient health information (PHI) carries higher security stakes, requiring mobile device management (MDM) and accompanying strategies to secure this high-value information and ensure patient privacy.

Mobile strategies for HIPAA compliance

When users access PHI using an unsecured device, they are violating the Health Insurance Portability and Accountability Act of 1996, better known as HIPAA, according to HIT Infrastructure. Such violations bring costly fines and lots of bad press.

Further complicating the issue, doctors and other professionals accessing the data may not even be employees of the hospital where they are providing patient care. IT must prepare for this BYOD scenario. Creating BYOD policies for healthcare organizations requires:

  • Defining cases for acceptable use
  • Detailing privacy and data ownership expectations
  • Approving devices and device provisioning
  • Crafting security policies for BYOD devices
  • Evaluating risks and liabilities

It’s possible to bring mobile devices into HIPAA compliance by developing an MDM or enterprise mobility management (EMM) strategy and implementing the appropriate security policies to secure PHI and institution-owned or BYOD devices. Achieving such compliance may require bringing in a third-party professional services firm that specializes in mobility compliance. You should also be working with your outside auditor at every step of your mobile device rollout.

HIPAA compliance also extends to texting, group chat and instant messaging within a healthcare enterprise. There’s a growing list of HIPAA-compliant messaging solutions that target healthcare enterprises. Client apps for these solutions are often available for:

  • Corporate-owned devices
  • Employee-owned devices
  • Corporate-owned PCs
  • Personal PCs

Physical working environment

The healthcare industry workforce is on their feet for eight to 12-hour shifts, with much of that time spent responding to immediate patient needs and emergencies. These working conditions make it easy to leave a mobile device on a counter or a table; the open nature of a hospital makes it easy for somebody to walk off with the device inconspicuously, never to be found.

Having MDM with geofencing, which uses a mobile device’s GPS to create a boundary that triggers a response when a user crosses it, can also protect PHI from leaving the healthcare facility. For example, you can set a policy that blocks access to hospital applications that contain PHI from all corporate and BYOD devices running an MDM client app as soon as the user leaves your facility with the device. When they return for their next shift, the geofencing solution restores their application access.

Wearables and connected devices

Wearables are becoming increasingly popular with consumers, and the healthcare field is finding ways to use wearables for patient monitoring outside the traditional healthcare setting. Healthcare providers may issue patients a wearable for use in monitoring a health issue. There are also patients who already own a wearable device that captures data that might help their doctor to further monitor their health condition.

Healthcare enterprises face many of the same challenges as a commercial enterprise when securing wearables, but they have the added need of strict HIPAA compliance. The amount of PHI data these wearables generate also prompts the need for strong data governance and an MDM strategy. Your data management policy will need to account for:

  • Patient data ownership
  • Privacy policy compliance
  • Cybersecurity protections over the data in transit and at rest

These challenges extend to medical devices such as insulin pumps, defibrillators, CPAP machines, cardiac monitoring devices and oxygen tanks equipped with IoT sensors for remote monitoring. These medical devices provide real-time information to caregivers and clinicians while enabling the patient to receive care at home. Sensors Online explains these devices face the following challenges:

  • Design: The design process for a remotely monitored device is different from those designed for in-hospital use and different from common IoT devices, such as telematics or security devices.
  • Certification: The often-underestimated wireless device certification process, which is separate from the FDA’s testing for all new wireless devices.
  • Collaboration: Connectivity challenges are posed from manufacturers all the way down to the people who manage these devices.

The OWASP Secure Medical Device Deployment Standard provides a guide and checklist for deploying these network-enabled devices. You can expect to see MDM vendors evolve their IoT security portfolios to secure these devices. Blockchain, the secure digital ledger, shows promise in helping secure medical devices, according to Network World, but it is an emerging security technology that is still suffering performance hurdles.

Mobile device management in healthcare organizations

The prognosis for implementing mobile device management in a healthcare enterprise is healthy if the healthcare institution’s IT staff works closely with their user community and outside auditors to implement HIPAA-compliant mobile solutions that empower clinicians and other healthcare professionals to serve their patients better.


This post originally appeared on Mobile Business Insights on January 11, 2018. The site is no longer in publication.


My name is Will Kelly. I’m a technical writer and content strategist based in the Washington, DC area. I’ve written for corporations and technology publications about such topics as cloud computing, DevOps, and enterprise mobility. Follow me on Twitter: @willkelly