BPM and Mobility, Unified Approach

October 17, 2012

The mobile enabled work revolution and Cloud migration is creating an environment in which enterprise IT departments will  have to rethink their service distribution and support models wp.me/pO8n7-7L to meet the needs of mobile workers, customer anytime-anywhere-access, and how the organization manages its resources. This revolution will take a little more than just virtualization, increased data storage, server-side controls, and authentication and authorization, etc. to make mobile access a reality. Organizations contemplating or implementing mobile will need a unified approach to process management that will govern architectural changes with reinforced processes and operational controls. The whole idea behind mobility is to provide information access to decision makers, knowledge workers and customers anytime on any device. Providing access to back-end system information, enterprise data and process infrastructure is essential to increasing competitiveness, productivity and efficiency. The role of BPM in this shift in technology consumption is not only more robust process automation, but control to make “access anywhere” efficient for the user and provide safeguards for organizational assets and to minimize risk.  How does an organization manage the mobile access revolution?

You begin with a process driven strategy for implementing mobile enabled work/access that will guide the organization including the IT department in the delivery of services. A targeted framework will include the processes needed to deliver anytime access and safeguard investments.  Regardless if the organization implements BYOD, invests in mobile devices, or if the mobile deployment is customer centric, governance and controls are important.

The principles of a mobile technology governance framework is not limited to the IT department, but is inclusive, it has to be developed in the light of risks associated with a mobile deployment and the management  of  those risks, to include collaboration with business units as the owners of processes that fit a mobile usage criteria. Strategic direction and proper planning are necessary, understanding the process landscape, what the users require, user needs and application expectations along with KPIs need defining and assessing for a review at a later time. Mobile technology devices such as smart phones, mp3 players and tablets that feature video calling and integration with Social Networks for the always on people presents big data challenges that will require a management and control strategy as part of the mobile governance framework.

Initiating a mobile center of excellence designed to optimize the use of corporate resources will smooth the progress towards the best chance of success. The Center should have the responsibility for developing standards, communication, planning and performing quality assurance for mobile application development. It should consist of representation from business units, IT and operations.

As we have seen in our personal mobile life, mobile is a rapidly evolving technology, it is important to plan for obsolescence. Organizations should adopt the same replacement plan for mobile as for server and desktop and vendor selections, with dedicated resources for rapid mobile application development.  Not to forget mergers and acquisitions in the vendor space will impact mobile deployment and use.

A strong policy is essential for governing the use of mobile technology and devices, whether BYOD or corporate investments. Out-of-the-office-by-design access is nothing new; resources have changed as well as the hosting platform – the Cloud, which presents a change in how technology is used. Other than the usual policy content describing  proper behavior and stipulating what may and may not be done and for when people leave the organization, mobile policy should address where a device containing sensitive data can be used, as-need-usage, cost and reimbursements, types of devices supported by the organization and those that can be connected to enterprise information sources to retrieve information through controlled ports, exceptions, unsupported devices and if data is stored on the device or server side, etc. As a part of policy it should include where in the IT department support will be provided.

Establish a comprehensive security policy to include a strong identity model. The risk of unauthorized tapping into wireless networks is higher with the borderless Cloud, stolen or lost devices is a high risk area, leak of sensitive company data creates legal liability or an employee is injured using a supported device. We have heard or read that cell phones can cause cancer or damage to the brain, do not think for one minute that a disgruntle employee will not try to take advantage.

A policy must be enforceable and either eliminate use or force compliance. As part of governance the policy must clearly communicate the organization’s stance on mobility; permissible use, sourcing, charge-back, standards for devices and usage, support and service levels and security, etc.

Deploying new technologies are always a challenge, managing and controlling are a greater challenge.  Mobile devices are literally moving targets, making control a potential nightmare. Having a guiding framework and operational policy are jump-offs for developing a control process. A control process has a continuous flow between measuring, comparing, and action, with key result areas and success indicators, also known as KPIs. The four steps in a control process are establishing performance standards, measuring actual performance, comparing measured performance against established standards, and taking corrective action. The mobile deployment just as any other service has to be monitored regularly to ensure effective utilization of resources and return on investment.

%d bloggers like this: