Predictions on what will happen during the year ahead – in sports, IT or telecommunications – are most useful not for their predictive value, but for what they really say about the situation at the time those guesses are made. Nobody knows what is going to happen, but what they think may transpire says a lot about how they feel about how things are.
That said, I agree with the predictions about mobility made by Michael Endler at InformationWeek. There probably are other items that he could have added to the list. The major takeaway – and the thing that Endler certainly got right, in my opinion – is that the industry will spend 2013 heavily engaged in trying to figure out how to manage and secure devices that essentially are outside of their direct control.
Endler didn’t say it quite that way, but it is simple to extrapolate it from his list. Four of the seven predictions he made (on mobile device management, mobile management and virtualization/cloud) to greater or lesser degrees focus on how to corral, tag and track mobile devices that are spending less and less time behind the corporate firewall.
The point is simple: Just about every major trend of the past few years: BYOD, distribution of applications on online stores, the increase of mobile device functionality, the rise of the tablet, the empowerment of the cloud and others systematically chip away at IT’s ability to control mobile devices.
The bottom line is that the goals of IT and security staffs on one hand and the rest of the organization on the other have never before been diametrically opposed. They are today. IT and security want control. Everyone else wants flexibility and ubiquity. Thus, just about anything vendors and service providers add to attract corporate users will make life more difficult for IT and security staffs.
For that reason, the overall story during 2013 will be how companies manage mobility. It will play a role even in those stories that are essentially about something else. For instance, another of Endler’s predictions involves HTML5. The ability to run enterprise apps via a browser and not natively (i.e., downloading the app from an online storefront) will impact, one way or another, how IT and security staffs approach security and the level which they eventually attain.
Of course, this all is good news to vendors, who exist in order to solve problems. A typical approach is for the bigger fish to swallow the specialized creatures that anticipated the issues and spent years developing solutions. And that is happening. For instance, Citrix’s acquisition of mobile device management (MDM) firm Zenprise closed on the first working day of the year, less than a month after the deal was announced.
The questions of openness versus control is laid out well in this Guardian piece that uses the example of the CEO returning after Christmas break with a new piece of communications gear that he or she wants connected to the corporate email. Writes Dave Boxall:
Then comes the dilemma. Option one: does the infosec manager risk their career prospects by saying an outright "no you can't"? Option two: do they attempt a re-education of the risks, knowing full well the response will be: "I know all that but this is important for my productivity"? Or option three: do they set a dangerous precedent and allow a connection knowing that the CEO mailbox is a treasure trove for thieves.
Of course, the three choices all have significant downsides. The idea is that during 2013 work will continue on the technical workarounds that blunt the sharpest edges of those stark choices. Progress will be made, but the basic questions will overtly or covertly impact essentially every move IT and security staffs make this year. Indeed, that is a prediction that almost certainly is bound to come true.