The Mobile Office: IBM MobileFirst and the Mobile Management Quandary

The mobile office is clearly here to stay. Even in its present primitive, first generation form it is already improving office morale and individual productivity at very small cost to the organization. To the C-Suite, where it all started when senior execs brought their new iPhones, and later iPads, to work and started using them at meetings, BYOD looks like a great something-for-nothing deal. Employees buy their own devices and use them to get more work done.

For CIOs, BYOD is degenerating into complete chaos. What started as a few iPhones is quickly growing into a very large mixed population of incompatible platforms including various versions of Android, two very different versions of Windows 8 (RT and Pro), and now Blackberry 10, basically a new OS. Data security is a nightmare as who knows what sensitive information walks out the front door on devices that are totally unsecure and are easy targets for snatch-and-grab thieves, malware, and penetrations. And while most users today are satisfied with relatively basic applications, inevitably as the focus of mobility shifts from the end-point devices to realizing greater productivity and direct profits IT will be asked to provide more of the functionality in the corporate standard desktop image on these devices as well.

CIOs facing the need to manage these devices, deliver business functionality, and control business data on them, had basically two choices until very recently: They could convert their desktop and mobile environment to a virtual desktop infrastructure (VDI) or replace their BYOD policy with a company-provided standard hardware environment — either Apple iPad or Win 8, depending on their desktop environment. On February 21 IBM brought an elegant third choice to market with its MobileFirst initiative.

Each of these has advantages and drawbacks. MobileFirst, however, seems to have the strongest cost:benefit ratio of the three.



The VDI strategy is basically to project a standard desktop image on all end-user devices — desktops, laptops, smartphones, and tablets. Because all the actual processing is done in background servers and all data remains in the data center at all times, data security is much less of an issue, and at least in theory VDI can support any device regardless of its native operating environment. The individual’s personal apps and data stay completely separate from the business environment, and if a device is lost or stolen all IT has to do to protect the organization is terminate the VDI connection to that device. And while VDI requires a new enterprise application with appropriate hardware on which to run, it can make some of the cost of that back by allowing the company to use terminals and low-end laptops in place of high-end PCs. This can be a considerable saving for a large organization with thousands of employees. End-user software updating and similar tasks are greatly simplified because the software only has to be upgraded once in one place rather than across hundreds or thousands of individual devices. And IT has total control over what is installed on the end user devices.

However, VDI has several major drawbacks. The largest of these for large enterprises in particular is that no one has experience actually running a VDI environment for very large numbers of users in a production environment. One reason for that is that VDI puts very heavy loads on the infrastructure, causing problems at peak times. In particular, larger VDI environments slow down drastically during morning and evening “login storms” when the majority of users either boot or shut down at the same time. And this is with just a hundred or so users. VDI vendors say they have solved this problem by using flash storage in the server rather than order-of-magnitude slower spinning rust to hold the standard desktop image and associated data. But no one knows what would happen if 20,000 employees in a large company booted up in a VDI system at the same time at 9:00 a.m. Monday morning. Even if the server and flash storage could handle the storm, the problem may just have moved downstream to clogged network switches. And SMBs may balk at adding  new internal IT system, including a server, to handle VDI.

VDI also has a negative impact on employee morale. Users like to express their individuality with harmless things like screensavers and wallpaper. They like to keep photos of their families on their computers at work. VDI does not allow that; many VDI end-user devices have no internal data storage purposely. That can create a very real feeling of loss of individuality.

VDI also requires an active network connection to function. For field personnel, primary users of mobile computing devices, this will have to run over the cellular network, which can become expensive quickly. And it creates single points of failure . If the VDI server crashes or a central network switch fails, the entire office will come to a halt until the problem is fixed. Remember the Super Bowl blackout? Imagine what would happen if the power to the VDI server failed and it took an hour to get it back.

Mobile Device Standardization


The second strategy, replacing BYOD with company-supplied, standard mobile devices, parallels the desktop/laptop environment. Over time this may become a de facto part of organizations’ mobile environments as many of the new Win 8 laptops coming onto the market are actually convertibles — tablets with docking stations that turn them into clamshell laptops. The big advantage here, and it is a very important one, is that the existing standard desktop image for Windows will run on a Windows 8 Pro (not RT) tablet essentially just as it does on Windows laptops today. This, option, therefore, creates the least disruption for IT, which can treat these tablets and smartphones as laptops.
However, this also has trade-offs, the two largest being politics and cost. In many organizations telling senior executives, including the CEO and CFO and LOB heads, that they have to give up using their iPads in the office in favor of Win 8 tablets is a non-starter. Any CIO who remembers the standardization battle during the PC revolution in the 1980s does not want to go down that road again.

And these convertible laptops are high-end, expensive machines. Eventually all new Win 8 laptops will, presumably, be convertibles, but eventually may be two or three years from now. In the meantime many companies may need to stay with the older design laptops for financial reasons. Then once they do start buying convertible laptops in quantity, it will take another three or more years to replace all the laptops in the organization. That is a long time to take to fix the problem.

And Win 8 tablets are heavier and have shorter battery life, making them poor choices for field employees, who need products with long battery lives, and for female, older, and disabled employees who might find the weight uncomfortable. Women in particular often prefer a smaller tablet that fits in their purse for obvious reasons.

IBM’s MobileFirst


IBM’s MobileFirst provides a third approach that solves many of the issues with the first two. It streamlines support for the organization’s existing heterogeneous population of mobile devices and can easily expand to include new versions or whole new platforms, like the Blackberry 10, as they enter the organization. It does not require a rearchitecting of the entire end-user computing environment, and its added burden on the IT organization and infrastructure is minimal. Actually, customers have the choice of buying and installing the system and running it in house, running it in the IBM Cloud as a Software-as-a-Service using their internal staff, or outsourcing the entire infrastructure to IBM and letting someone else worry about it. And of course it is backed by IBM Services for companies that need consulting services.

IBM’s “write once, run everywhere” app development approach  takes most of the pain and expense out of supporting enterprise IT services on multiple, mutually incompatible sets of end-user devices. And it is equally applicable to developing and managing internal apps for employees and external apps for customers, Its small footprint device agent system lets IT manage company apps and data on end-user devices at a micro level from a central console with minimal intrusion into employees private data. And it comes backed by one of the oldest and largest IT vendors in the industry, which has a track record of backing products and initiatives long-term and which has made a large, multi-year investment in MobileFirst already.

The biggest disadvantage for SMBs is that few companies below the global enterprise level have an existing relationship with IBM. A number, however, are customers of some of the mobile computing startups that has IBM purchased and whose technology is now rolled into Mobile First.

Second, MobileFirst is a new product as a unified system, although earlier versions of several key components have been in use for some time, and IBM itself uses MobileFirst to manage its very large internal population of employee- and company-owned mobile devices.

Third, it does not come free, and companies have to weigh the cost against the alternatives and the benefits it provides. And it does create some lock-in to IBM going forward. But the other alternatives also lock companies in, either to their VDI supplier or to Microsoft. So again this is an unavoidable problem, given that today few organizations can walk away from mobile computing.

Overall, IBM MobileFirst appears to be the best of the three choices for many companies. Even those that eventually will end up with a high population of Win 8 will find advantages in MobileOne in supporting those systems. Certainly IT decision makers owe it to themselves and their companies to give all three options a close look and find an optimal way to take control of their mobile situation before they find themselves managing a data security or other disaster.