Integration's Secret Weapon for Dealing with BYOD

Loraine Lawson
Slide Show

BYOD: User Policy Considerations

Questions and key points companies should consider when establishing BYOD policies.

Surely I'm not the only one underwhelmed by the BYOD (bring your own device) hoopla. Haven't you been dealing with this for, oh, almost a decade when people started using their own laptops and home PCs?


Of course you have. Let's face it: The problem isn't me with my Windows-based, ultra-light (and mobile) laptop. Enterprise IT knows about that, from dealing with security to accessing back-end systems.


No, the problem isn't people using their own devices. The problem is people are using devices like phones and tables, with their spare mobile operating systems to connect to enterprise resources.


Nobody likes to admit it, but IT is woefully behind consumer tech and often clueless when it comes to dealing with mobile software and operating systems. That's the real issue here.


Surprisingly, it seems IT may be able to take a page out of the integration playbook to deal with the BYOD dilemma.


A recent post on GigaOm argues that APIs (application program interfaces) and API management solutions could be the key to mediate the problems between the old world of enterprise apps and the brave new world of BYOD.


OK, I admit that APIs aren't, strictly speaking, only an integration solution, but they are used for Web integration, as I've shared previously, and are one way to achieve what Dion Hinchcliffe calls lightweight integration.


And I'll grant you the GigaOm piece isn't unbiased. On the contrary, it's written by Matt McLarty, the vice president of client solutions for API management company Layer 7 Technologies. But hear the man out before you dismiss this as marketing hype.


He recounts the adventures of two companies - an airlines and an electronics company - as they tried to make enterprise applications mobile. Suffice to say, their first attempts went awry, so they tried using an API as the border between the presentation (mobile) layer and the logic (enterprise-based) tier. This allows you to design for mobile OSes, while still utilizing your enterprise systems, he explains.


APIs can also be used to address compliance and security concerns, he writes:

This API proxy plays a dichotomous role. It opens and eases integration with enterprise APIs, and it enforces the policies that check user identity and control access to backend resources and data. Due to the mixed personality of BYOD devices - business and pleasure - no API request message can be trusted outright. Identity must be checked using any number of principals - app, device, end user - and weighed against the requested assets.

And, as an added benefit, it so happens that APIs are a great way to address the integration challenges of moving enterprise apps to mobile platforms. That said, I'm not sure I agree with his point about this being a "developer-driven approach to integration" that is seen as "a refreshing shift from the current SOA state " Actually, I'm not even sure I understand what he means by that.


Still, it's a viewpoint worth considering as you consider how to incorporate BYOD and mobile devices in general into the enterprise.


If you can't beat them, you might as well integrate them, right? And when it comes to BYOD, the research suggests you can't beat 'em: Within two years, Gartner predicts 90 percent of organizations will support corporate applications on consumer devices and 80 percent of professionals will use at least two personal devices to access corporate data.

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.


Add Comment      Leave a comment on this blog post
Apr 10, 2012 10:21 AM Matt McLarty Matt McLarty  says:

Thanks Lorraine for the analysis.  I lived through SOA from its inception, and I found it to be driven primarily by enterprise architects (like me) who needed to reign in the enterprise developers and get cooperation in order to benefit the overall enterprise.  This was a big challenge, since budgets often lived with those developers and their corresponding LOB's.  As a result, SOA Governance was oriented from a top down, architect-as-judge-and-jury perspective.  By contrast, the user experience needs of mobile shifts the balance of power further to the app developers, so API management has more of an incentive-based approach: make your API understandable and attractive and apps and their developers will use it.

I hope that clarifies it (but maybe it confuses it further ).  Thanks again for reading!  ...Matt

Apr 10, 2012 10:42 AM Loraine Lawson Loraine Lawson  says: in response to Matt McLarty

I see. That makes sense. Thanks for clarifying!

Apr 11, 2012 10:40 AM David Bressler David Bressler  says:

Hi Loraine,

I'm not sure that using API's excludes a SOA architecture. In fact, even that "conversation" distracts from the main point.

I should write a book (it would be a comic tragedy) on the stories I hear about how woefully inadequate IT is to handle this sort of stuff.

While I believe API's are the answer, the real solution will only come from IT departments willing to deploy custom applications that are targeted at specific user behaviors. Why do I use one app, and you another? Personal preference maybe. Or, I like that the app does something one way, you like it another. That attitude simply doesn't exist in corporate IT where one-size-fits-all.

Matt, I found your article had a critical insightful point... the point you made about the airline employees who chose not to use a clunky app. That's unusual. I can't imagine my grandfather deciding to use a different sewing machine than the one they gave him to do his job. (Sure, I'm exaggerating melodramatically, but you get the point).

My company is a case-in-point. We're an integration company, yet we use the off-the-shelf Salesforce.com UI. Without saying anything private or negative about my employer... I will say that if you need to "train sales engineers on a UI" it's the UI that's broken. This is not an unusual situation. Companies simply can't afford to write all the apps they need to run their business. I'm not sure what the answer to that is (If I knew, I'd be working there).

Anyways, really well written perspective. I enjoy your writing.


Apr 23, 2012 4:45 PM monica duress monica duress  says:

Mobile device usage is like ants marching. You can't stop it. So true. This is how I explain the Bring Your Own Device (BYOD) issue to upper management.

This is a big issue in the healthcare industry, where HIPAA and patient data confidentiality can lead to major law suits for loss or unsecured use of data by mobile devices.

The problem is that the data is on the BYOD device, and if it is lost or stolen, then the data can be accessed.

The problem is that the large centralized BYOD systems are expensive and very restricting for the users.

Like ants, we can't stop doctors and nurse from emailing or texting confidential patient data from their smart phones and iPads.

Instead, we try to provide them with tools to help them keep the data secure.

Example, for text messaging we got all the doctors to use Tigertext, which is HIPAA compliant since it is a secure closed network that works on most smartphones, and deletes the text message after a period of time. At $10 a user it is very cost effective and saving the hospital from millions in law suits.

May 1, 2012 10:04 AM arif asif arif asif  says:

Good idea ..



Post a comment





(Maximum characters: 1200). You have 1200 characters left.




Subscribe Daily Edge Newsletters

Sign up now and get the best business technology insights direct to your inbox.

Subscribe Daily Edge Newsletters

Sign up now and get the best business technology insights direct to your inbox.