Over the last couple of years, many of us have begun feeling as if “security” is the only issue of concern we hear about. And if it’s not security, it’s some other management issue that is slowing or even stopping the widespread use of mobile devices in corporations. The fact remains, however, that in the current business climate it is imperative that companies have a pervasive security and management strategy across the corporate network. Without such a strategy, not only do they risk all kinds of security threats, they also don’t receive the expected levels of benefit from their investment in mobiles. Such issues have been addressed for desktops and laptops, however the trend toward “going mobile” in the workplace is creating a new level of security and management challenge for corporations.

The trend of providing both smartphones and laptop PCs to corporate employees has been growing steadily in recent years, with increased importance being placed on flexible working practices and executives and staff traveling around the globe more often. Recent research from Canalys has shown that 64 million smart mobile devices (smartphones and PDAs) were shipped worldwide in 2006, with some analysts projecting that as many as 100 million will ship in 2007. By comparison, 78 million laptops shipped in 2006. CIOs have taken steps to secure and manage corporate laptops, especially when they are connected to the company network. But most CIOs fail to take smart mobile devices into account in terms of their security and management strategies. While most companies recognize the importance of central IT security and management, and are implementing core strategies, it is surprising how many companies stop short at the four walls of the company’s building.

Smartphones may be virus scanned when connected on the premises (if they have an antivirus client installed); they may come under the rigors of IT management while connected to the network, but what happens outside the office? What happens when they are victim of that terrible human flaw, forgetfulness? Let’s face facts, all the good intentions in the world mean nothing if an executive simply leaves his smartphone on the train, also don’t forget the all too real possibility of theft.

Smart mobile devices link into the corporate network every day, and carry sensitive and confidential information. They are becoming more complex and sophisticated, with more memory and new capabilities and features. It is therefore vital that, like the laptops of remote workers, they become catered for as a part of the network and are subject to corporate management and security measures. Problems occur while employees are on the road far from the office; they can’t instantly bring the device back to the office to debug the problem and fix it. Corporate policy must pick up the slack.

Recognition of these issues is the first step in making sure the company’s assets and information are managed and protected. Enabling a full mobile device management solution will ensure that the employees’ smartphones are managed in a manner that is consistent with other IT assets. Necessary updates can be distributed over the air to everyone who needs them, regardless of where they are in the world, ensuring that everything works exactly as it should. Problems can be detected and fixed remotely, without requiring anyone to come back to the office. In an emergency, lost or stolen devices not only can be disabled but the data can be locked to prevent unauthorized access, or even wiped completely from the phone memory. Important information can also be backed up on a secure server; ensuring data is retrievable, protected and secure.

At present, the most common applications used by mobile employees include company email, Internet, company intranet, and calendar management. The use of these “core” applications in many companies is pervasive. New capabilities, ranging from sales force applications to custom-made corporate applications, are making these devices even more attractive for corporations. And it’s not just executives carrying them any more; smartphone use is driving into the ranks of middle management and staff workers. Managing these devices—configuring settings to ensure the applications work properly, updating or replacing applications and firmware, finding and fixing problems, securing the devices and the data on them, backing up critical information and restoring if something goes wrong, and so on—cannot be activities restricted to those occasions when the device is in the office. While it is fairly straightforward for IT departments to manage business applications that reside on laptops or PCs, doing this on mobile handsets presents a far greater challenge, as mobile devices and applications need “over the air” management, run on many different operating systems and may be connecting through a wide range of access technologies.

On the security front, mobile phone operators are already able to bar the SIM and stop expensive calls from being made from lost or stolen devices. However, a “smart” mobile phone differs from “ordinary” mobile phones in that it also contains a significant amount of memory—for example, a smartphone memory card can hold over 1 gigabyte of data. Mobile employees carry all kinds of information on these devices, from confidential announcements, to financial results and business in progress. A thief can still access this information even if calls have been barred. Losing any of this information, or having it fall into the wrong hands, can result not only in lost business, but a loss of trust between the company and its valued customers.

It is essential that companies have a corporate IT management policy in place that takes these smart mobile devices into account. It is vital that businesses acknowledge not only their importance and benefits, but also their management needs and security risks. And they are becoming critical business tools; being unable to use them while on the road can be a serious handicap for the mobile worker.

Effective management of the company’s mobile devices will mean faster uptake of new mobile applications, which, in turn, will lead to increased employee productivity at all levels. Recognition of the dangers associated with lost or stolen mobile devices is a good first step in ensuring data is protected and cannot be used to compromise the business. The next step is to make sure that policies and systems are updated to manage and protect data when it’s on the move.

The author is General Manager, Director of Operations, Mformation Software Technologies India