How to Ensure No Funny Business with your IT Governance Strategy (Case Study)

Enterprise

accountantchimp_LargeWhat is the right thing to do when your C-level peers ask you to swap your mobile fleet (devices) and tools for something they fancy? Mobility is fraught with appeals to emotion, and may appear decisively non-strategic in its impact. This makes it the ideal test bed for your organization’s ability to make the best and most-rational IT decisions.

To see how this can play out, we can look at an organization that has dealt with such pressure with an astounding level of effectiveness. I heard the details first hand from the CIO of a UK healthcare services provider at a government event in November, 2014 in Canberra, Australia.

User experience obviously impacts productivity. It’s more difficult to measure the impact of Enterprise Mobility Management (EMM) on end-user productivity. It also takes a lot of work and judgment to identify and quantify related risks. But enterprises need one more thing to avoid turning their mobile ship into a mobile Titanic – solid IT governance. Without IT governance, decisions are often made at the wrong level of the organization, and with a short or narrow view of how the solution impacts the business as a whole.

IT governance provides a framework that a CIO can use to communicate the trade-offs to senior leaders, who can then decide on the best approach. The CIO will need to present the big picture to senior management, the good and bad in any mobile scenario they are considering. Mobile devices are very personal and everyone has their favorite brand, so there are often strong biases towards specific platforms. Strong IT governance helps senior management focus on the facts.

Here’s an Example of Good IT Governance

This scenario played out at the UK healthcare solution provider above at the beginning of 2014. Senior management and power users asked (demanded) the CIO to change the mobile solutions and support their personal devices at work. They were ready to consider the complete swap of smartphones and MDM provider, and even to implement BYOD. The CIO conducted an assessment and trial which included MDMs, containers for BYOD, as well as handheld devices with native OS containers for work and personal use on the same device. Knowing that user satisfaction would be critical, he assembled a team of end-users who participated in the trials and tested all of the smartphones and MDMs in the typical use cases.

It’s important to note that end-users were asked to test the solution in continuously alternating work and personal use cases, an accurate reflection of how most people use their smartphones. The frequency of switching between the two contexts and the speed at which they could accomplish their tasks, was the key to uncovering how well the solution supported intensive work and personal use.

The CIO documented the findings in a report, including the cost, risk, productivity, application development fit, and critically, the end-user feedback on usability and performance of each approach. He debriefed his board on the findings. “Were the results in line with their expectations?” I asked him. “No, not at all. They were surprised with the report results, particularly the cost and risk levels between different platforms,” he said. “Ultimately, they decided against what they asked me to do in the first place, and chose what made the most sense to the business.”

The board voted for a corporate-owned solution with an integrated end-to-end security model and a native OS container for work and personal use. “The user feedback and long-term cost estimates were the key,” the CIO admitted. The solution met both the end-user requirements and the IT and risk management strategy.

Strong IT governance helps corporations make better decisions, and can be priceless in these types of situations. However, governance alone is not enough. In order to truly implement effective mobility, the CIO must take stock of a complex network of interrelated factors. These factors are discussed in greater detail in The CIO’s Guide to EMM, found here.

About Sinisha Patkovic

VP Security Advisory. I lead a global team with the remit that the BlackBerry security product offering remains relevant to both commercial and public sector organizations’ evolving set of needs. I have been working on secure communications projects with many Federal Governments and I have been actively engaged in the dialog on emerging issues spanning cyber-security, e-commerce, and privacy.

Join the conversation

Show comments Hide comments
+ -
blog comments powered by Disqus