1 / 16

[Report] Building a Solid Platform for Enterprise Mobility: Introducing the Mobile Control Plane, by Chris Silva

Managing mobile devices proactively depends on more than the tools — such as mobile device management — that offer a “silver bullet” for the onslaught of mobile support requests. IT has two choices: 1) work to patch and fix by continually amending policies and myopic infrastructure or 2) establish a stance rooted in control over the devices in place today and those likely to be requested tomorrow and well into a multi-device, connected future. <br><br>Solving this problem and establishing control is an issue not only of the proper technology but key relationships across the organization, informed and enforceable policy, and a multi-part technology stack to operationalize said policy. We call this the mobile control plane, a complex but critical layer of support that serves as the foundation for enterprise mobile rollouts that’s lacking in most companies today.

Altimeter
Download Presentation

[Report] Building a Solid Platform for Enterprise Mobility: Introducing the Mobile Control Plane, by Chris Silva

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Building a Solid Platform for Enterprise Mobility: Introducing the Mobile Control Plane September 19, 2012 By Chris Silva With Charlene Li and Jon Cifuentes Includes input from 23 ecosystem contributors

  2. Executive Summary Enterprise users have changed the landscape of enterprise mobility through their own device choice. As of late 2011, data from SAP’s Enterprise Mobility Survey was showing that 9 out of every 10 employees were carrying a smartphone, and 3 out of every 10 were carrying a tablet at the end of 20111. Smartphone proliferation has only continued to grow, while many companies are maintaining that mobile email, contacts, and calendaring are a comprehensive mobile solution. But in a world of multi-tasking smartphones and tablets with hundreds of thousands of tools in their application stores, this is no longer the case. Companies’ unwillingness or refusal to improve their visibility across device types and build a governance-backed technology stack for managing mobility will hamper users’ productivity and potentially expose the company to risk as users “backdoor” consumer solutions to fill the void between the tools they need and what’s offered. Managing mobile devices proactively depends on more than the tools — such as mobile device management — that offer a “silver bullet” for the onslaught of mobile support requests. IT has two choices: 1) work to patch and fix by continually amending policies and myopic infrastructure or 2) establish a stance rooted in control over the devices in place today and those likely to be requested tomorrow and well into a multi-device, connected future. Solving this problem and establishing control is an issue not only of the proper technology but key relationships across the organization, informed and enforceable policy, and a multi-part technology stack to operationalize said policy. We call this the mobile control plane, a complex but critical layer of support that serves as the foundation for enterprise mobile rollouts that’s lacking in most companies today. Attribution-Noncommercial-Share Alike 3.0 United States | © 2012 Altimeter Group | 1

  3. Table of Contents The Out-of-Control Mobile Enterprise ..............................................................................................................................................3 Proliferation of Devices Decreases IT Visibility into Enterprise Mobility ...........................................................................................3 Data Access, Applications, and Roles Multiply the Control Issues ..................................................................................................3 Putting IT Back at the Control Switch With a Control Plane ..................................................................................................5 Governance Sets the Stage for Mobile Technology Management ...................................................................................................6 A Deep Technology Stack Follows Governance ....................................................................................................................................8 Recommendations ...................................................................................................................................................................................11 Ecosystem Input .......................................................................................................................................................................................13 Endnotes .......................................................................................................................................................................................................13 About Us .......................................................................................................................................................................................................15 Attribution-Noncommercial-Share Alike 3.0 United States | © 2012 Altimeter Group | 2

  4. The Out-of-Control Mobile Enterprise Thanks to the introduction of desirable smartphones, like the iPhone, the landscape of enterprise mobility has changed significantly. Gone are the days when one platform (primarily BlackBerry) was purchased and distributed by the company to employees. Today, a mix of platforms, data, applications, and user roles, coupled with people who “bring your own device” that mixes work and personal purposes, creates a tempest that defies being controlled — and in the process, creates tremendous risk for the organization. The IT department is charged with managing enterprise mobility, but the task is complicated by two factors: 1) a motley crew of devices and 2) heavily fragmented data on these mobile devices — detailed below. Proliferation of Devices Decreases IT Visibility into Enterprise Mobility The number and diversity of devices has proliferated over the past few years, with smartphones now representing 55% of all mobile phones users in the US.2 Among enterprise mobile users, 9 out of every 10 employees carry a cellphone, while 3 out of 10 have a tablet.3 This trend has been accelerated by the emergence of desirable smartphones, like the iPhone and Android platform. And over the course of 2012–2013, we will see at least two new mobile platforms hit the market in the form of Windows 8 and BlackBerry 10, bringing the likely total number of platforms to support up to four at a minimum, the latter two as yet unseen and untested platforms to manage. This is a trend that is impossible to reverse, and the push for employees to use corporate-owned assets is increasingly an uphill battle. One major health insurance organization shared this challenge in attempting to retain control of device choice: “We’re seeing a need to sweeten the pot for users by extending corporate discounts on devices with major carriers in order to entice them to use company-owned and provided smartphones.” Gone are the days of one-single platform “of record” with a single tool to manage it. Companies seeking to hang on to this model of simplicity find themselves at odds with a growing number of users. Fewer than 5% of employees carry two different devices, one for work and a different one for personal use.4 By some estimates, more than half of business executives and IT managers are unaware of all personal devices used for business purposes, and lack an employee personal device policy. This trend of “bring your own device” (BYOD) has no end in sight, and with the push to cut enterprise spending will likely never be reversed. Data Access, Applications, and Roles Multiply the Control Issues Organizations are finding that in addition to managing the device, they also need to think about what is actually done on those devices as another layer of control that’s needed. Over the past few years, mobility has moved from a relatively simple issue of connecting devices to email servers to provide extended access to mission-critical data — beyond email, contacts, and calendar tools — across the organization. Add to this the seemingly endless progression of top-rated applications — over 900,000 on iOS alone — that can be downloaded onto these devices.5 Finally, consider the complexity of managing roles — where different sets of applications and data are used depending on a mobile worker’s role within the organization — and the multiplicative force of what IT must contend with as enterprise mobility quickly becomes hard to fathom. One way to understand the complexity and the risk is to look at it as a journey, on which organizations are only in the middle of today (see Figure 1): Attribution-Noncommercial-Share Alike 3.0 United States | © 2012 Altimeter Group | 3

  5. Figure 1: Mobile Device Penetration & Use Case Maturity Ubiquitous Connnectivity: We move beyond smartphones and tablets into a connected world. By 2016, smartphones account for over 67% of all cell phones worldwide (IHS) Rise of Consumerization: Consumer choice yields more device types and apps.  49.7% U.S. smartphone penetration as of February 2012 (Nielsen) Penetration of Mobile Devices Connected Devices: A single, enterprise-chosen device for mobile email.  29% U.S. smartphone penetration as of October 2010 (Nielsen) 3.5 mobile devices per business user in 2012 (Nielsen) Mobility Ecosystem Maturity Data source: Nielsen, iPass, IHS Attribution-Noncommercial-Share Alike 3.0 United States | © 2012 Altimeter Group | 4

  6. Putting IT Back at the Control Switch With a Control Plane There are two paths that IT leaders can take, adopting the “hero” model we see in many IT shops, sprinting to save the day in reaction to crises, or the operator model, maintaining control from a single position, always one step ahead. The best analogy is a rail yard where the IT manager can play the “hero” persona mentioned above, constantly struggling to mend tracks and switches as the train of user mobile demand bears down on him or her. In contrast, the proactive IT manager acts as the operator at the switch, handling all of the traffic in the yard from a safe distance, his or her platform providing a vantage point and controls to respond to any changes in demand. To do this, organizations must create the Mobile Control Plan, which is defined as: A platform made up of two parts: 1) governance for informed policy, and 2) a modular technology stack that takes into account devices, data, and users. The Mobile Control Plane, when properly executed, provides a solid platform that can be deployed — comprised of modular “bricks” of technology and leadership — which accommodates firm footing for mobile tools that directly impact users day-to-day. Figure 2 illustrates the major elements of the Mobile Control Plane, when fully deployed as needs dictate. Note that Rome was not built in a day and neither will your mobile control plane. As illustrated in the growth of mobility maturity above, as our needs change so too should the tools we use to facilitate mobility change. The idea behind the control plane is that it can evolve from an existing investment in mobile device management or mobile application management, adding data security tools as use cases for sensitive information sharing on mobile devices emerge or identity and authorization tools as single-sign on is extended to the growing number of tools and applications on users’ devices. Figure 2: The Mobile Control Plane Governance Technology Legal & Risk Data Security HR Tech Leadership Identity/Authorization DLP Policy Design Mobile Device Management NAC Content Strategy Ongoing Training P.I.M. Sync App Management Legal SMS Ongoing Education Service Management Source: “Power to the People: Identify and Empower Your Mobile Workforce” Altimeter Group, June 7, 2012 Attribution-Noncommercial-Share Alike 3.0 United States | © 2012 Altimeter Group | 5

  7. Governance Sets the Stage for Mobile Technology Management Most organizations looking to get a handle on mobility have been on their proverbial back foot for the past few years as they focused on device management. As demand for emerging platforms, like iOS and Android, eroded the control offered by BlackBerry, many managing mobile platforms took a patch-and-fix approach. These managers were “on the tracks” as the mobility train gained steam. In fact, where most organizations should begin is by establishing governance, because the level of control, ownership, and methods that are best to operationalize optimal control, vis-à-vis risk, HR, and legal requirements, will dictate which “bricks” in the control plane need to be built out initially and added over time. The control plane is constantly growing and evolving, adding modules along the way. Organizations need to define mobility governance in three areas: 1. Data: Classifying information inside of an organization is an onerous task, requiring multiple man- hours and investment in technologies to track and secure data according to its level of confidentiality. Sidestepping this process, however, provides endless opportunity for data to be mishandled, compromised, and lost. Every two days we now create as much information as we did from the dawn of civilization up until 2003.6 This astonishing rate of data creation necessitates a flexible scheme for classifying information as it is generated. This is at the heart of a solid data security and retention policy 2. Policies: Once data is classified, parameters must be established around how that information should be handled; which users and groups have access to which data and tools; and how breaches, misuse, and abuse will be handled. In most organizations, fair use and sometimes even mobile guidelines exist and will not require too much updating as the control plane is built out. Technology use policies and involving HR in determining appropriate use, data ownership, and policy enforcement can help jumpstart policy creation. 3. Training: An ongoing effort both pre- and post-launch of the mobile control plane is educating users in why certain policies and tools are being introduced. Because many of the governance and technologies that make up control plane reign in user features, educating mobile users on the risk and exposure these tools limit will ensure user buy-in. A key element to build into training is clearly illustrating the trade-offs between usability and risk control. An open and ongoing dialogue between IT, Risk Management (if applicable), Legal, and HR should inform every governance decision. The table below outlines key areas of governance that must be in place in order to back the technology elements of the control plane that will be discussed in the next section. Governance can be applied in a modular fashion similarly to technology. In most organizations that we have spoken with, mobile policy begins as a simple guideline on types of devices and costs that are acceptable to either pass on to the organization or the expected partners from which additional expense will be accepted. As the organization begins to contemplate the handling of data in mobile and other connected applications, the complex work of categorizing data and policy expands beyond simple T&E to include definitions of access tiers and data portability restrictions. Attribution-Noncommercial-Share Alike 3.0 United States | © 2012 Altimeter Group | 6

  8. Figure 3: Core Governance and Policy Considerations for MCP Function Description Issues to Consider Department: Legal & Risk The Legal and Risk Management departments are the arbiters of risk inside any organization and should be the lead to inform policy design decisions to ensure protections meet any compliance needs but do not overreach employee rights. While Legal and Risk play a key role in informing and perhaps approving policy, their role should be as collaborator in policy design, not leader. Leadership: Technology Ownership Having a central leadership role that can coordinate all of the various moving parts of mobility from device, data, and software management to interfacing with external entities for governance guidance is a much needed — and often nonexistent — role in most organizations. Altimeter expects the role of the dedicated “mobility strategist” to take time to evolve as the control plan that this specialist maintains comes together. The three-year horizon shows this role coordinating not only internal-facing but also external-facing mobile strategy to ensure resources are shared and used effectively. Strategy: Access and Use Guidelines Taking into account not just devices but also identity and roles, access to data and applications and use cases is critical for creating an informed and adaptable mobile policy. One-size-fits-all approaches will not work for managing mobile users, as each role requires varying levels of data access, separate application suites, and varying levels of security controls. Starting with basic levels of access inherited from Active Directory or another identity and access system of record is a reasonable starting point. It is not until tools such as data protection, NAC, and service management come on board that a materially different management style will be attainable for various roles. Strategy: Data Guidelines Content strategy in the context of mobile management is centered on data classification efforts. Organizations must work with risk and security teams to have clear delineation around what information is confidential, sensitive, and public in order to craft mobile policies — informed by DLP tools — to ensure that the former two types of information remain secure inside the organization and off of mobile devices as dictated by policy. In many organizations, a broad data classification effort has taken place, dictating that certain sets or types of data is classified and cannot be shared. Companies that have compliance burdens, like HIPAA and PCI, have a clear guidance on what data can never be put in a position to be shared or lost; however, most organizations lack such clear-cut guidance. Leadership: Ongoing Training and Education As features and capabilities are rolled out in the control plane, keeping users informed of the functions, as well as their intended purpose, is critical not only to assist users but to keep support load well managed. Adding a feature to geofence access to apps and data, with no education, for example, could result in a slew of mobile device support calls. Department: Human Resources Paired with Legal, the HR team will bound the reach of enterprise controls and oversee use of mobile devices regarding what can and cannot be enforced upon users and the devices they own. Ensure that HR is not writing checks IT cannot cash; good policy is only as valid as the tools to implement it. Refine the HR “wish list” into items the technology stack can control. Source: Altimeter Group Attribution-Noncommercial-Share Alike 3.0 United States | © 2012 Altimeter Group | 7

  9. A Deep Technology Stack Follows Governance Once governance is rounded out to account for the mobility needs of workers today, as well as the ubiquitously connected future, technology must be applied to put policy into action. Sourcing the tools to accomplish this from a single partner is near impossible and, as previously discussed, one tool such as MDM won’t accomplish the task alone or provide the flexibility to manage future devices. Altimeter has noted a trend among mobility vendors to grow their platforms horizontally through partnerships and integration, and this approach where a single tool offers hooks into subordinate technologies is a solid indicator of a partner that will scale with business needs. An example of how this integration ideally works includes using a single system as a policy enforcement vehicle of record. Start with a policy engine in a tool, such as a mobile-device-management system, and provide hooks into Data Loss Prevention (DLP) and Systems Incident Event Management (SIEM) tools to invoke data security based on how data is being used or a correlation of events, respectively. Additional inputs from service monitoring and expense management tools will augment IT visibility beyond just what’s being done with devices but adding information on when and how devices are being used. This information can be used dynamically altering how devices fundamentally work in different scenarios, providing access to data when it’s safe, reporting when devices are being used inappropriately and shutting down or reporting devices that are being abused or underutilized. Here is an example of how the technology plane might work: • An organization that has allowed for BYOD among its field technicians team puts a policy into place identifying the users in this group as the only allowable users of Apple’s iOS. • An enterprise installation of the Box file-sharing tool is available for document sharing and offline use. However, any documents with customer information can only be accessed inside company headquarters to reduce risk of data loss. These documents and their use are monitored by an installed DLP tool. • An employee on the field team brings his or her device into the office, in this case, an iPad. Upon attempting to connect to the wireless network, a Network Access Control (NAC) tool polls the devices for user credentials. During the initial setup, the user is directed to a secure site via a browser, where they must enter their Active Directory credentials. Once verified against the allowed group, a certificate is downloaded to the device and the device configuration task is kicked off, led by the MDM server. The employee sets up a complex PIN, and device data security is enabled. • Mobile application management tools, triggered by the provisioning requests of the MDM initiate a connection with the device, installing the Box application for file-sharing. Back-end orchestration allows for the user to automatically access documents stored in the Box cloud, as back-end orchestration is allowing for single-sign-on re-using the entered Active Directory credentials to access the cloud service. • With access to information and a connection to the email server (brokered automatically as part of the MDM provisioning process), the user sets out for the field. Seeking to access documents downloaded and synced for offline use earlier, the field tech notes that only product spec files have been left resident on the device, with all customer information removed via autonomous policy enforced by the MDM server when disconnecting from the corporate WLAN. • At the end of the device’s useful life, the field tech turns it over to his or her family for use in the home, replacing it with a new device. Once the new device is added to the system through the same provisioning process as before, the old device is contacted, its applications revoked by the MAM, corporate data wiped by the MDM, and it is automatically reconfigured for use without a PIN code and the requirement for data security. Service is automatically terminated, and “active” asset lists are updated for risk management audit purposes. The lifecycle begins again. Attribution-Noncommercial-Share Alike 3.0 United States | © 2012 Altimeter Group | 8

  10. Many technologies are involved in the lifecycle portrayed above, and still more exist in the potential stack of technology for many organizations. The table below presents detail on the various elements of technology that should be considered in building a control plane, though their relative utility and need will vary among organizations. Figure 4: Vendor Landscape — Technology Providers Core Description Example Vendors Technology/ Function Data Security As company data moves into pre-packaged applications and those built by the enterprise, the need for third-party cryptographic libraries or application “wrappers” that secure app content emerges. Approaches may involve placing unique code in an application, wrapping an application with encryption, or testing publicly available apps for vulnerabilities. Citrix, Mocana, Nukona/ Symantec, Veracode, Appthority Identify/ Authorization Third-party authorization and identity management tools can tie together a web of disparate apps with a single sign-on. In addition, services in this category will extend the role of identity for internal systems into triggers for certain policy or management tools. Okta, Oracle, Microsoft (Active Directory) Mobile Device Management (MDM) A foundational element of mobile control, Mobile Device Management (MDM) centers on management of the device as a physical asset and application of some policy for its connectivity and function, often the policy enforcement engine of record. AirWatch, BoxTone, Citrix, Fiberlink, Good Technology, MobileIron, SAP/ Sybase, Zenprise Personal Information Management Sync (P.I.M. Sync) The base-level functionality for connected mobile devices, a conduit between the device and email, contact, and calendar resources, either through a standalone server or natively in the email server. IBM, Microsoft, Research In Motion Mobile Application Management (MAM) Managing the lifecycle of applications from deployment to update and ultimately retirement, while keeping them up-to-date and accessible is a category unto itself. Enter Mobile Application Management (MAM) which provides application provisioning through a private app store, the management of updates to those applications, and any controls to recall or restrict access to applications from mobile devices. App47, AppCentral, Apperian, Citrix, Verivo Software Service Management The role of service management is understanding how well a device is working given access to resources, how often it’s being utilized, and what it costs. This is the job of service management, and this function can be a complement to or a component of MDM. BoxTone, MobileIron, Visage Mobile, Zenprise Digital Loss Prevention Outside of the control plan but critical to its function is a hook into DLP infrastructure to actively scan information against policies for improper usage or against signatures for active defenses against sensitive materials, leaving the enterprise thorough mobile devices or other avenues. McAfee, RSA, Websense Attribution-Noncommercial-Share Alike 3.0 United States | © 2012 Altimeter Group | 9

  11. Core Description Example Vendors Technology/ Function Network Access Control (NAC) Network Access Control (NAC) provides a set of rules for profiling endpoint devices in order to provide network access. NAC plays a role in mobile by orchestrating the policies for network rights across users’ various devices, whether personal or company owned, and provides access to autonomous devices in the future based on static device characteristics, like MAC address. Barracuda, Cisco, Juniper Systems Management Solutions (SMS) Systems Management Solutions (SMS) are in place in most IT departments as a way to manage company-owned systems, such as servers, desktops, and laptops. These SMS tools provide visibility into active systems and facilitate patching and updating of those systems. While the latter tasks have not expanded to mobile in large part, these systems may represent the “gold standard” of visibility for which an organization should strive for its mobile devices. BMC, Citrix, Tivoli/ IBM, Microsoft, Symantec/Altiris Source: Altimeter Group Attribution-Noncommercial-Share Alike 3.0 United States | © 2012 Altimeter Group | 10

  12. Recommendations Taking control of mobility means accounting for an ever-evolving user and device population that requires more than a single system of control over devices, data, and users. All three points must be addressed, and a governance- informed technology stack that includes device, application, and data management is the only way to scale for the seamlessly connected enterprise. In building these governance and technology platforms, organizations should take into account the following approaches in order to remain at the controls and not be tied to the tracks of a runaway enterprise mobility train: • Begin with governance. Focus first on governance to avoid the fate of turning into a reactive IT organization that is constantly patching and fixing the wrinkles in management and security brought about by the evolving mobility landscape. A clear classification of data, strong policies vetted by Legal and HR, and an ongoing commitment to training are all essential starting points. A key element to beginning these conversations is to paint the picture of risk that exists and that inaction will precipitate. Metrics around risk can be elusive, though a reliable fallback can look to sanctions for lack of compliance. Reporting requirements around loss or compromise of customer data is another operating cost metric that may pave the way for interdepartmental cooperation. • Begin or continue to involve a larger swath of the organization. If bridges to HR and Legal have not yet been built, approach the dialogue with a common goal of information protection, an effort that the entire organization will benefit from. In organizations where a Chief Risk Officer or similar role has been put in place — common in compliance-centric industries — a coordinated effort with this function is absolutely required if IT hopes to retain a say in how mobile is managed. If you face resistance from the departments to engage, paint the risk in terms they will understand, quantify the risk factors into dollars and sense, say you will write the rules without their input, etc. • Implement technologies as needed, but avoid overreliance on one. We’ve evolved past the one- device, one-server model of mobility, but a complete control plane as outlined above may not be in order for every organization. Focus initially on critical components that: 1) handle device management; 2) address application and data management; and 3) federate users and allow central user management. As other needs present themselves — again, driven by governance first — add on technology that will support these new governance areas. • Mobile should be managed as an extension of the existing IT infrastructure. Regardless of who owns the device and pays for service, organizations should seek parity of control over BYOD and company-issued devices. One place to look for guidance is within your existing PC and laptop policies. Are users permitted to install any app on their corporate PC? Are corporate PCs using full-disk encryption? A detailed policy engine that enforces beyond the basic Exchange ActiveSync policies is likely in order, as are tools to encrypt application data or “wrapper” applications. • Choose a holistic platform and partner(s). Many strong players exist in various technology categories in the mobile control plane, but a best-of-breed approach works best when backed by a tool that can orchestrate across the many pieces of technology that make up a solid control plane. Looking for a vendor that has taken an open approach to integrating other technologies in the control plane will yield an extensible partner. Vendors such as BoxTone in the MDM space and Apperian in the MAM space have continued to cultivate a best-in-breed network of control plane specialist technologies to extend their capabilities. As modules of technology are added in accordance with need, the base solutions these and other holistically minded vendors offer can address greater portions of the control Attribution-Noncommercial-Share Alike 3.0 United States | © 2012 Altimeter Group | 11

  13. plane. The downside of this partner approach is that as the market constricts, the network of players may shrink due to acquisition of some partners, as is already beginning to take place now. For instance, Nukona, a partner to many in this space, has been acquired by Symantec, calling into question the partnerships it has with existing vendors. But the most important thing to keep in mind during this process is to press potential technology partners on their partnerships and alliances with other vendors. Make bets on platforms and partners that have plenty of hooks into other MCP elements that exist today and are not “in development.” Without that integration, your organization has to rely simply on the policy engine in your mail server for mobile management. Extensibility is key, and open integration with adjacent technologies is a mark of extensibility for the future. Attribution-Noncommercial-Share Alike 3.0 United States | © 2012 Altimeter Group | 12

  14. Ecosystem Input This report includes input from market influencers, vendors, and end users who were interviewed or briefed by Altimeter Group during the course of this research. Input into this document does not represent a complete endorsement of the report by the individuals or companies listed below. Vendors (23) Air Patrol AirWatch Antenna Software Appcelerator Apperian Application Craft Appthority ARM Bitzer Mobile Boxtone Citrix Systems Fiberlink Formotus, Inc. InstallFree Mocana MokiMobility Okta Pure Oxygen Labs (c/o TwURL) Sencha Symantec/Nukona Trend Micro Verivo Software Visage Mobile End Notes 1 Enterprise Mobility Survey. SAP, September 2011. http://www.slideshare.net/sap/mobility-12788540 2 “Two Thirds of New Mobile Buyers Now Opting for Smartphones.” Nielsen, July 12, 2012. http://blog.nielsen.com/nielsenwire/online_mobile/two- thirds-of-new-mobile-buyers-now-opting-for-smartphones 3 Enterprise Mobility Survey. SAP, September 2011. http://www.slideshare.net/sap/mobility-12788540 4 The iPass Global Mobile Workforce Report. iPass, March 2012. http://mobile-workforce-project.ipass.com/ 5 App Store Metrics. 148Apps. http://148apps.biz/app-store-metrics/ 6 “Eric Schmidt: Every Two Days We Create as Much Information as We Did up to 2003.” Techcrunch, August 4, 2012. http://techcrunch. com/2010/08/04/schmidt-data/ Attribution-Noncommercial-Share Alike 3.0 United States | © 2012 Altimeter Group | 13

  15. Open Research This independent research report was 100% funded by Altimeter Group. This report is published under the principle of Open Research and is intended to advance the industry at no cost. This report is intended for you to read, utilize, and share with others; if you do so, please provide attribution to Altimeter Group. Permissions The Creative Commons License is Attribution-Noncommercial-Share Alike 3.0 United States at http:// creativecommons.org/licenses/by-nc-sa/3.0. Disclosures Your trust is important to us, and as such, we believe in being open and transparent about our financial relationships. With permission, we publish a list of our client base on our website. See our website to learn more: http://www. altimetergroup.com/disclosure. Disclaimer ALTHOUGH THE INFORMATION AND DATA USED IN THIS REPORT HAVE BEEN PRODUCED AND PROCESSED FROM SOURCES BELIEVED TO BE RELIABLE, NO WARRANTY EXPRESSED OR IMPLIED IS MADE REGARDING THE COMPLETENESS, ACCURACY, ADEQUACY, OR USE OF THE INFORMATION. THE AUTHORS AND CONTRIBUTORS OF THE INFORMATION AND DATA SHALL HAVE NO LIABILITY FOR ERRORS OR OMISSIONS CONTAINED HEREIN OR FOR INTERPRETATIONS THEREOF. REFERENCE HEREIN TO ANY SPECIFIC PRODUCT OR VENDOR BY TRADE NAME, TRADEMARK, OR OTHERWISE DOES NOT CONSTITUTE OR IMPLY ITS ENDORSEMENT, RECOMMENDATION, OR FAVORING BY THE AUTHORS OR CONTRIBUTORS AND SHALL NOT BE USED FOR ADVERTISING OR PRODUCT ENDORSEMENT PURPOSES. THE OPINIONS EXPRESSED HEREIN ARE SUBJECT TO CHANGE WITHOUT NOTICE. Attribution-Noncommercial-Share Alike 3.0 United States | © 2012 Altimeter Group | 14

  16. About Us Chris Silva, Industry Analyst, Mobile Chris Silva is an Industry Analyst focusing on Mobile, where he helps end-user organizations understand how to effectively manage mobile strategies in their organizations for increased brand impact, worker efficiency, and revenue. A 10+ year veteran of the research industry, Chris has led research, events, and consulting operations for IANS Research, Forrester Research, IDC, and two other small boutique research firms. Chris blogs at makemobilework.wordpress.com. Charlene Li, Analyst and Founder Charlene Li (@charleneli) is Founder of the Altimeter Group and the author of the New York Times bestseller, Open Leadership. She is also the coauthor of the critically acclaimed, bestselling book Groundswell, which was named one of the best business books in 2008. She is one of the foremost experts on social media and technologies and a consultant and independent thought leader on leadership, strategy, social technologies, interactive media, and marketing. Jon Cifuentes, Researcher Jon Cifuentes works closely with Charlene Li and Susan Etlinger to support their research in disruption on leadership, organizational change in the enterprise, and analytics. Jon joined Altimeter Group after spending 2 years with a Boston-based digital agency, Overdrive Interactive. Jon led social media efforts at Overdrive for many large-scale B2B and B2C organizations. He graduated with degrees in Communications and Philosophy from Boston College. Altimeter Group is a research-based advisory firm that helps companies and industries leverage disruption to their advantage. Contact Us Advisory Opportunities Altimeter Group 1875 S. Grant Street, Suite 680 San Mateo, CA 94402-2667 info@altimetergroup.com www.altimetergroup.com Email: sales@altimetergroup.com Attribution-Noncommercial-Share Alike 3.0 United States | © 2012 Altimeter Group | 15

More Related