IT Briefcase Exclusive Interview: Maximizing Enterprise Workflow in a Mobile World with Tom Bakewell, Good TechnologySeptember 9, 2013 No Comments
In the interview below, Thomas Bakewell from Good Technology discusses Mobile IT in respect to the current Big Data revolution, and offers expert advice for organizations looking to create application workflows that are inherently secure.
- Q. In your opinion, how does the evolution of Mobile IT change the way we need to look at work behavior, IT infrastructure, and enterprise focus today?
A. We need to look at the evolution of mobile IT in the same way as the evolution of data or information. The industry often talks about having data available anytime, anywhere and on any device; now it’s important to look at behavior the same way.
Today IT infrastructure is designed to support predictable usage. In other words, if someone comes in at 9am and they start processing an order or collecting cash or generating a quote, we have already built our systems to support those predictable processes. We’ve also built other business processes around prediction, for example at what day and time reports and information will be available to close the books and report results to Wall Street. Mobility fundamentally breaks that paradigm. Everything from application access, to the support of our infrastructure, requires us to think through our ecosystem.
IT teams talk about ‘always being available’ but they have may have challenges being able to support a system that is down or to provide access to someone who is on the road. We need to rethink what is both behind and outside of our firewall, in trusted and untrusted zones. That unfortunately is not how most IT infrastructures are built today.
- Q. Along with the evolution of BYOD comes the newer concept of TYOD (Take Your Own Data). How can organizations begin to secure, not only the device, but the applications and data being utilized on mobile devices today?
A. TYOD is not a new concept. Pull out your phone and look at the pictures you took over the weekend or the music you downloaded… that is all data.
We have one life and we have one device. This means we can’t have multiple personas on a device because that does not reflect how people behave, think and work. We need to have shared data at work and play but the problem is security. We need containerization around the data, as well as security around the movement of the data, otherwise work information becomes as insecure as the photos or the music on the device.
- Q. What advice can you offer to businesses looking to create application workflows that are inherently secure, and move away from solely locking down devices?
A. My advice to businesses looking to create application workflows: as an IT organization, look at activity-based and role-based computing. Not all roles are equal in a company and not all activities are equal either. Some activities require an intense amount of security and protection, whether that be transferring organizational data from corporate counsel to your directors or a quote to your customer. We need to be able to provide a mechanism for a company to look at easily determining what their various roles are as well as the activities that need to be mobilized. Most businesses understand the concept of workflow, it’s the role-based aspect that businesses struggle with.
My advice is look at critical business roles in your organization. You can then decide the workflows needed to make them more competitive and more effective than others in the industry. Imagine if your top 10 roles were more efficient and effective than those same roles in your competitors, what would that do to you market share?
The policies don’t need to shift but they simply need to be enforced. Prior to having the technology that enforces them, it’s impossible to enforce a policy that says you cannot have company sensitive data on your device or you have to be able to protect company sensitive data on your device. Those are great statements to make as a policy, but until you have the technology they are absolutely impossible to enforce. I don’t think the policies need to change, I think that the technology and the process needs to be implemented to support those policies.
- Q. What are some ways that CIOs can help communicate to top management the importance of adopting a scalable, comprehensive solution like the Good Secure Mobility Solution?
A. This question is interesting on two fronts. One of the ways that CIOs can communicate to other executives around the importance of adopting a solution like ours is to use metaphors. Most executives understand the concept of spam and firewalls and intrusion protection, but what they aren’t recognizing is how this relates to mobility. Given how users use the devices today, we will see more and more attacks coming from sources that are non traditional, such as vulnerabilities exposed by otherwise innocuous apps downloaded from various sources rather than the traditional service attacks which aren’t impacting mobile devices as such.
We will see the other types of security vulnerabilities penetrating our environment and unless we have the capabilities to protect our information, they will get access to data behind the firewall where most damage is done to corporations. It’s really about extending what we do today in our physical infrastructure to a mobile workforce.
- Q. Many organizations still treat the IT department as a separate entity within an organization. What are some ways that businesses can help IT departments become more integrated with the company?
A. We have executive staff envy in IT. To get a voice at the table always have something valuable to say and of course it matters what you contribute rather than whom you report to. But in the end IT has to be able to know the value creation proposition that we bring to an organization. We need to be able to articulate which activities have the highest value to the organization. Then we need to be able to tie our funding models to those activities that create value and be able to communicate that to the business. This is the point at which IT gets treated as a business unit rather than a cost center. Those are huge differences.
- Q. What are some ways to help businesses understand the value of its intellectual property? And how do you know when it’s been compromised?
A. Intellectual property is not inherently valuable. Its value is the strategic advantage gained by excluding others from using the intellectual property. To be valuable, the IP should be strategically aligned with your business objectives. Without a strategic alignment, you may be wasting investment and missing opportunities to capture valuable market advantages.
The most valuable IP are those that provide a distinct advantage over your competitors and at the same time build equity in your brand. Whether your products provide unique functionality, improved efficiency or desirable aesthetics, the marketable value is in having your brand recognized as the exclusive source of these offerings. It becomes readily apparent when IP leakage occurs. Product distinction and market position deteriorates, company reputation and the ability to attract and retain customers is also at risk. IT can and should play a significant role in the on-going protection of IP the same as is done for more tangible assets.
- Q. By 2016, Gartner predicts that enterprise public cloud services spending will reach $207 billion. What are some best practices companies can embrace when embracing cloud-based applications that require information storage and management in the cloud?
A. IT needs to embrace the exact same principles for its cloud providers that they apply to their own infrastructure. When embracing cloud-based applications, businesses must apply consistent due diligence around security by addressing critical processes, most notably data storage and retrieval. It’s critical to ask: when can you get your data back? Under what conditions? What happens if a provider has financial troubles? What happens if there is a disaster? The same level of recovery point objectives and recovery time objectives need to be implemented with cloud-based providers as is done with our own data centers. The cloud providers that can’t answer those questions need to be eliminated from choice.
- Q. How are CIOs evaluating the need for mobile technologies before they are deployed in an enterprise? How are you read the behavior, or communications, patterns that indicate a need for mobile solutions?
A. How are CIOs evaluating the need for mobile technologies before deploying in enterprises? Most are not, mobile devices simply occur.
The top CIOs however look at the activity and role that creates the most value to the enterprise and they deploy the technology that will allow for the mobilization of that workflow. As a general rule, CIOs are not thinking about mobile first; it’s something that doesn’t happen in the industry today. CIOs are building their budgets and roadmaps to support a standard suite of applications and technology. If CIOs don’t have a strategy around making their workflow mobile then it will never get it onto a roadmap and it will never happen. The result will be that the lines of business will bring in applications and mobility that is insecure, exposing tremendous risk to the business. The key is building the strategy, getting it socialized with the business, getting it onto the roadmap, then IT knows how to execute to the plan.
Thomas Bakewell has been Chief Information Officer and Vice President of Information Technology for Good Technology since joining the Company in March of 2013. In his role, Mr. Bakewell is responsible for shaping the company’s worldwide IT strategy to support the continued growth and the need for real-time collaboration and data access for Good’s globally distributed workforce and corporation. Prior to joining Good, Mr. Bakewell was VP and CIO for Riverbed Technology. Under his leadership, the IT team achieved new levels of business agility, productivity, and customer service through innovative, adaptive technology solutions that accommodate business priorities. As the CIO for Riverbed, Mr. Bakewell both led and enabled the growth of the company from 20% market share to 52%, from $200M to $1B in annual revenue and headcount growth of over 400%. Prior positions held included a number of executive IT leadership roles at Coherent, Inc., Brocade Systems and Sun Microsystems.APPLICATION INTEGRATION, CLOUD DATA, DATA SECURITY, Fresh Ink, MOBILE DATA