This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
IBM Goes Wide and Deep on Mobility
I just returned from 3 days at IBM's annual Lotusphere conference in Orlando, and while IBM is focusing primarily on bringing social media concepts into business processes, particularly with their Connections product, there is a mobility element into everything they do. However, IBM doesn't do anything from just one angle, and behind the scenes the company has been developing a raft of mobile security, device management, and applications development tools.
The one problem with IBM's mobility offerings is that they have so many of them and they all have names that provide no clue as to what they actually do. Fortunately I got to spend some time with Rob Ingram, Senior Manager, Mobile Social Business Strategy, who moderated the session "Strategy in Action: IBM Mobile for Social Business", and he walked me through the forest.
First, IBM does offer mobile clients for the Apple iOS and Android platforms under the name Sametime Mobile Client; their partner RIM offers one for the BlackBerry platform. The iOS and Android clients got an upgrade this past August and now offer presence and IM (individual and group with picture capabilities), as well as push notifications, so a user who has been off-line receives alerts regarding text or other items received as soon as they log in. The network (e.g. Apple's Push Notification Server) doesn't deliver the actual message, only the "alert". The user connects to Sametime when they are back on line and the message is delivered directly over a secure connection.
With that upgrade, IBM also included location-based presence on the Android implementation, so the user's location can be provided along with their presence status. For privacy reasons, the user has the ability to limit which colleagues are allowed to see that location.
However, IBM's offerings reach into several other areas of mobility. First, there is Lotus Notes Traveler, IBM's push email and PIM (personal information manager) synching capability. Like Microsoft's Exchange Active Sync (EAS), Traveler also provides some basic mobile device management (MDM) capabilities like policy enforcement, remote wipe (partial and full), plus the ability to block unencryptable transmissions and deactivate the device’s camera (on iOS devices).
For MDM capabilities beyond Notes Traveler, IBM is rolling out the Tivoli End Point Manager. An extension to the Tivoli Management Framework that provides hardware and software inventory and software distribution capabilities for large networks of desktops and laptops, the End Point Manager will extend those capabilities for mobile devices. The product is based on IBM's acquisition of BigFix, Inc. in July of last year, and the Tivoli End Point Manager will support iOS, Android, Symbian, Windows Mobile, and Windows Phone devices.
While it can detect "jailbroken" (iOS) and "rooted" (Android) devices, the Tivoli End Point Manager still doesn't include an "internal app store" function, though IBM has developed (but not yet productized) that capability and uses it on its own internal network. Detecting "jailbroken" or "rooted" devices is critically important for enterprise security because those compromised devices can allow non-sanctioned software to be loaded on someone’s personal device. It also supports application blacklisting to prevent specific applications from being installed.
Further on the security front, IBM is upgrading a legacy mobility product called Lotus Mobile Connect (LMC). Originally developed for laptops, LMC provides a secure tunnel between the mobile device and the corporate network with the ability to maintain that security as the user roams across 3G/4G and Wi-Fi networks; that security is FIPS 140-2 compliant. This is similar to the persistent wireless connectivity provided by NetMotion Wireless. LMC can do clientless secure proxy access for any device, and they are evaluating a future client for Android 4.0 (Ice Cream Sandwich) VPN APIs.
IBM is looking at other options for remote security. In the IBM Labs pavilion, developers were showing a further enhancement to LMC that would provide secure access on an application-by-application basis. Using a VPN secure tunnel connection might not be good enough for all enterprise users, according to IBM; the problem is that once the secure tunnel is established, any application on the mobile device can access the enterprise network through it. So if the user has installed a compromised application, that secure tunnel just gave it access to the entire corporate network.
Most MDM solutions address this concern with application white/blacklisting, but the IBM developers feel that might not be not proactive enough, as there can be a time lag before a blacklisted application is identified. With this capability, access for a particular application can be cut off immediately. This enhancement will work with the core LMC capability, allowing a user to roam across multiple wireless networks with the secure tunnel intact and without requiring the user to reauthenticate.
Beyond the basic MDM and security functions, IBM is also looking at the applications layer. Increasingly, organizations are discovering the difficulties involved in developing and maintaining mobile applications. As a result, users are moving away from "native apps" that must be developed and maintained for each mobile operating system, opting instead for web-based solutions. There are two ways to approach this and IBM is targeting both.
One way is to develop hybrid applications that appear to be "native", but in fact are simple mobile-appropriate front ends (i.e. "button pushers") that present an appropriate mobile interface to the user but are actually sending commands to a traditional Web-based application. IBM is working on tools to support the development of those hybrid apps.
The other approach is to provide users access to Web sites developed for laptops and desktops. The problem with traditional web pages is that the content often doesn’t "fit" on a small screen and users have to "zoom and scroll" to get to the content they need. IBM is working on two products to address these needs.
Addressing the problem from the web server, WebSphere Mobile Portal Accelerator is a program that takes Web pages designed for desktops and converts all or part of them to mobile Web sites. The can save a customer considerable time and expense in creating separate Web content specifically for mobile devices.
In another shot at the same problem, IBM has developed the WebSphere Mobile Portal Experience, a set of Java scripts that recognizes different mobile devices and translates the standard HTML to run smoothly on each specific mobile device and UI. Not only does it allow regular Web pages to work more smoothly, it automatically resizes ,aligns, and even edits the content to fit on a tablet or smartphone screen. The example they demonstrated showed a traditional Web page and then how they reshaped it for a tablet and reshaped it again when the tablet was changed from vertical to horizontal alignment. When they displayed the same page on a smartphone, the program deleted the pictures to save space.
So IBM isn't just looking at mobile clients, but device management, security, and applications development. In short, IBM is not looking at mobility from one dimension, but focusing on the whole process of mobilizing work. Unfortunately, this all results in a complicated product mix with product names that give you no living idea what the various products are doing, so you need a glossary (or a guided tour like I got) to keep them all straight.
One special advantage IBM has going for it is the ability to conduct internal beta test using its own employees. IBM's workforce is highly mobile and late last year it announced a plan to support a bring your own device (BYOD) initiative for 200,000 IBMers by the end of this year. I had the chance to talk with IBM's CTO for mobility, Bill Bodin, and he confirmed that many of the mobile capabilities IBM is looking to productize are already in use internally.
While "social" was the central theme at Lotusphere, IBM clearly has its sights set on mobility. Most UC vendors have one mobile "thing", whereas IBM has a mobile product line; IBM doesn’t believe in doing things in a small way. Of course, in each of the areas it's addressing (MDM, mobile security, mobile app development, etc.) IBM will be going up against a raft of established players, and there’s still a long way to go in terms of rationalizing and rounding out the product line. However, only Sybase appears to have a breadth of product offerings to rival IBM’s, and their offerings do not extend into mobile UC clients.
Mobility managers with large numbers of mobile devices and applications to support, particularly those in companies with an investment in Lotus Notes, should certainly keep IBM in their game plan.