Bio: Matthew Carrier is director of product strategy for AirWatch, a global leader in mobile security, mobile device management (MDM) and mobile application management (MAM). Carrier brings more than 10 years of international sales, implementation and technical support expertise for mobile device management and security platforms to AirWatch.
Prior to joining AirWatch, Carrier was a senior mobility systems consultant for Sybase, an SAP company, where he managed customer engagement and served as a technical resource for the sales process.
Previous to Sybase, Carrier was a technical services team lead for Extended Systems UK, where he acted as lead technical services engineer and provided product support and consulting services to enterprise organizations.
Carrier earned a Bachelor of Business Science degree in management information systems from the University of Iowa and is a Microsoft certified systems engineer.
AirWatch is the global leader and innovator of enterprise-grade smartphone security and mobile device management solutions. Positioned in the Leaders quadrant of Gartner’s Magic Quadrant for Mobile Device Management Software 2011, AirWatch helps to deploy, secure, track and manage an enterprise’s entire fleet of Android, Apple iOS, Blackberry, Symbian, Windows Mobile and Windows 7 devices.
AirWatch offers the industry’s most scalable and flexible deployment options with Software as a Service (SaaS), appliance or on-premise solutions. AirWatch has more than 1,500 global customers in the retail, financial services, healthcare, government, distribution, education, hospitality, manufacturing, telecommunications and transportation industries.
NTT Com: The increasing need for mobility has brought up myriad device management and security issues for IT professionals. What do you see as the biggest challenge for IT pros as business becomes more mobile?
Carrier: My personal take on it is that it is adapting to the rate of change. In mobility today, you have a tremendous and rapidly growing number of operating systems out there — Android, iOS and BlackBerry. And there are an increasing number of operating systems and variants within each system. You have rapidly increasing opportunities for data leakage outside the organization with features like the iCloud and other public cloud offerings like SugarSync, Box.net and Dropbox. In my mind, IT’s ability to adjust to these rapid changes in the consumerization of mobility is the biggest challenge.
Historically, organizations attack mobility in a fragmented manner. For example, an enterprise may support BlackBerry devices with a BES server. Then they hop over to Exchange ActiveSync or Lotus Traveler to manage another subset of those devices. Finally, they may have a third system such as Microsoft SCMDM (System Center Mobile Device Manager) or a legacy Windows Mobile provider. There are a lot of tactical solutions and fragmentation in the management market, which creates a true need for an all-inclusive enterprise mobility management solution – that single pane of glass through which they can manage the mobility of the entire organization effectively and securely.
NTT Com: How well is IT managing the various devices and applications that are available for mobile tools?
Carrier: That space is moving very quickly too. If you look at it historically, mobile device management (MDM) has been used as a catch-all phrase to encompass everything mobile. But when you start taking a deeper dive into mobility, there are components of security, application management, content management, wireless expense management and the help desk. Mobile device management is just one of the components. The answer to address these moving pieces is to have a solution in place, such as the AirWatch platform, that allows you to get your arms around each part of the six items I mentioned.
NTT Com: How well do companies understand the risks posed by data loss through mobile devices with access to corporate data?
Carrier: Let’s take a step back to first talk about companies that aren’t using AirWatch, and how they get to the point where they determine that they need a solution. Mobility has taken us by storm. We were a BlackBerry-centric nation for years. As devices that run the Window Phone, Android and iOS operating systems came into the enterprise, IT began to enable technology such as Exchange ActiveSync and Lotus Traveler. Extending wireless email is the entry into mobility; and IT kept a watchful eye on it. They have security governance policies in place and understand what data loss can mean to the company. But it isn’t until they hit a critical mass of 20 or so users that IT realizes they really need to get mobile devices, applications and content under control. As a result, IT begins the process to understand and evaluate the assets that are connecting to their corporate resources and then starts to apply and maintain security policies, all while continually monitoring these mobile devices to ensure that they are under compliance. Loss of data from a corporate system could cost a company quite a bit of its corporate livelihood through financial and legal penalties.
So I think companies understand it well as it pertains to internal data loss protection. However, it hasn’t been until more recently that enterprises began paying more attention to what that looks like for mobile overall. And mobile strategies involve more than just putting an MDM solution in place. There needs to be constant awareness of technology changes and third-party open-end tools such as SugarSync or DropBox.
NTT Com: What type of policies should companies apply to ensure mobile devices are secure?
Carrier: It’s increasingly important for companies to apply to mobile endpoints similar policies that are applied to items like laptops and desktops. This includes password compliancy, encryption strategies and data loss prevention strategies. Companies should do everything they can to limit the number of mobile operating systems they support. This step helps to ensure fewer problems when a device is lost or stolen.
NTT Com: How does AirWatch, for instance, help an IT department make this happen?
Carrier: Our tool is critical throughout the entire mobile device cycle, from initial deployment of the device (whether it is a corporate-liable device or personal-liable device that is being provisioned), to ongoing management (which could include the configuration of settings for email, Wi-Fi or VPN, and the deployment and removal of applications), to ongoing monitoring of the device to ensure it hasn’t been compromised (which includes things like jailbreak or rooting).
We offer three different delivery methods. Our solution is available in the cloud. IT organizations can procure our software per device per month basis. We have an on-premise installation too, which is typically installed behind the firewall into the company’s existing enterprise system such as the Windows 2008 server. And we have a Web-based interface that allows IT staff to manage a device through its lifecycle.
One of the trends we’ve seen is toward cloud-based management solutions for mobile. More and more organizations are embracing Software as a Service (SaaS). Often this is because of the challenge I mentioned earlier, of keeping up with the quickly evolving mobile market. With the SaaS option, we have the ability to update the offering more quickly than some other organizations. For companies that have archaic change-management policies, it can take months to get approval to make a firewall rule change or to apply a new update. However, the ability to secure iOS 5 and to ensure the data isn’t going into the iCloud, for example, may be needed in a week’s time. We’re finding that SaaS is a very nimble offering for customers.
NTT Com: Have you seen examples of good ways to deal build BYOD policies that provide employee choice and while managing IT workloads and company risks?
Carrier: Our professional services organization is adept at creating these mobile governance strategies for enterprises and their IT group. We work with our customers and have sample frameworks that we can provide to explain best practices around BYOD as it pertains to a particular organization. Each organization will have different requirements for BYOD. For example, if you’re a government organization with federally mandated encryption requirements, your view of BYOD strategy and the types of things you are going to leverage will be entirely different from that of a 500-person manufacturing organization, which may not have any regulatory requirements to consider.
NTT Com: How can a company make sure their BYOD policies are keeping pace with the rate of change in mobile communication?
Carrier: The key to stay current with BYOD policies, once they are in place, is to revisit them at least once every six months. And not just revisit them, but also to make sure the policies are well documented and shared with the end-users. When you look at enterprise mobility management, it’s critical to have a tool to help manage the different components. But it is equally important to help end-users understand that security is a mutual responsibility. When a company extends access through a very mobile remote endpoint, there is mutual liability. So, revisiting it on a semi-annual basis and making it very well publicized helps immensely.
NTT Com: How can companies successfully manage and support both devices that are company-owned and those that are owned by the employee?
Carrier: Part of enabling any BYOD strategy is ensuring that is meets the needs of both IT and the end-user population. If it doesn’t meet IT’s need, it won’t be implemented. If it doesn’t meet the end-users’ needs, they are going to find a way around what you are holding them back from doing. For example, if an enterprise doesn’t enable real-time email through Exchange or Traveller, employees may use local synchronization and forward emails to accounts like to Yahoo or Gmail. The challenge is to create a blend that is mutually acceptable to both IT and the end user. If it isn’t, it’s not going to be a policy that you can maintain in the long run. If you look at companies that are only supporting BlackBerry today, and they are few and far between, you find users who are going around the IT organization to get access through their iPads or Galaxy tablets. AirWatch provides IT the tools to successfully apply policy to both company-owned and personally-owned devices from the same administration console. These policies can range from security settings, configuration settings, applications deployment, to the separation of corporate from personal data on that device.
NTT Com: The vast array of devices being used for business can make it difficult for IT professionals to support all platforms. How do you suggest companies handle this?
Carrier: As you look at mobile operating systems today, it is a matrix of support capabilities that are offered on each device. The IT department has to do a lot of research on the front-end to determine the right mix of devices for an organization’s needs. You have to consider what each device is capable of and how you can secure the device. Then you can decide that your organization will support different devices at different levels. Some may only have access to email while another, which lets you drill deeper into the device to set policies, may have email and additional capabilities such as VPN, Wi-Fi and access to corporate back-ends and applications.
NTT Com: Are there mobile security issues IT has overlooked?
Carrier: I feel like IT keeps a watchful eye over the major issues with mobile security, but there are issues that they haven’t been forced to address yet. Smartphones are easily left behind in taxis and at restaurants; they fall out of pockets and are high-value targets for thieves. So in this case, the problem becomes protecting that end-point and the potential for it to have information on it that is outside the organization’s understanding, like information that may have been synching from a desktop to some of these pubic cloud offerings. It’s one thing to do a mobile wipe of a device, but that won’t erase information that has been synced to a cloud. I think organizations are watching over these issues, but have not been forced to address them yet. We are on the cusp of the point where they will have to address this.
AirWatch helps with data loss prevention. We create tools that allow you to watch for applications, warn users when they install applications and can even enable IT to remove applications that aren’t allowed. Even in a BYOD atmosphere, there have to be some concessions on each side. If you’re going to access corporate data on your device, you have to at least abide by certain rules. Right now, there really is not an industry standard for content synchronization to enterprise mobile devices.
NTT Com: What do you see as the next big development in how enterprises approach the management of mobile devices?
Carrier: I believe 2012 will be a big year for mobile application management. For the last three years, companies have been looking for BlackBerry Enterprise capabilities for the rest of the mobile world. About half of U.S. organizations have implemented some kind of MDM solution, whether it’s BES or a solution like AirWatch. Now that companies have their management infrastructure in place, they are focusing on using it to deploy mobile applications that make their business more efficient. As these applications and their capabilities increase so does the need to effectively deploy, configure, manage and secure the data within those applications.