10 key practices for moving beyond RIM's BlackBerry Enterprise Server

Credit: Hello Turkey Toe via Flickr

Earlier this week, RIM announced that it will launch BlackBerry 10, the company's next generation mobile OS, on January 30. It will also unveil new smartphones built around the new OS. RIM stopped short of giving any details about when the new phones will hit stores, what hardware features they will offer, how much they will cost, or which carriers will offer them. The company has previously said that it is working with 50 carriers to test BlackBerry 10 devices on their networks, but it declined to give any specifics like the countries or regions that those carriers cover or the types of networks that they use.

The BlackBerry 10 launch is widely regarded as the company's last chance to reinvent itself and remain relevant to the consumer and business facets of the mobile industry. Despite once being the top smartphone for business and professional use, RIM failed to see the sea change that the iPhone represented and the BlackBerry has since been out--innovated by virtually every other mobile platform including iOS, Android, Windows Phone, and even the now--defunct webOS.

The rise of bring your own device (BYOD) programs and demand from workers and executives for options like the iPhone and Android device helped create a steady movement away from the BlackBerry in corporate and government circles ---- both key customer bases for RIM. That movement also coincided with increased enterprise management and security capabilities in both iOS and Android, making the decision to abandon the BlackBerry easier for many organizations. The end result is that RIM has gone from dominating the global smartphone market a few years ago to accounting for only 9.5% of the market this time last year and now just makes up 4.3% of the market according to IDC.

RIM has pinned its future on the BlackBerry 10 platform. If it fails, RIM as we know it probably won't exist for much longer. The concern that RIM might go under, along with the high--profile outages that plagued the company over the past year and a half, have led many IT leaders to reconsider any remaining investment in BlackBerry--related infrastructure. RIM's own admission that BlackBerry 10 will, at least initially, require different enterprise tools for security and management than the current and long--standing BlackBerry Enterprise Server (BES) has only fueled those concerns.

A survey conducted this summer by research firm ThinkEquity found that 70% of IT managers were planning to abandon their BES infrastructure within two years. Half said that they were planning to switch to alternative solutions within one year.

For organizations that have been die--hard BlackBerry shops, the challenges of supporting multiple platforms, ensuring security, and making the actual transition away from the BlackBerry and BES can seem daunting. There are, however, some key practices that can make the process go smoothly.

Here are ten of those key practices.

1. Determine bottom--line security needs. Extremely high levels of security helped establish the BlackBerry as the top choice for many organizations and policies that lock down handsets, apps, and specific capabilities are among the most commonly used of the 500+ management options enabled by BES. A chief concern in many fields is the ability to secure devices and data, particularly in highly regulated fields like finance, healthcare, government, and defense. While other platforms may not match the extreme security and management options available to BlackBerries paired with BES, they often can meet core requirements.

In determining your baseline security needs, you'll likely discover that some BES policies are overkill for your organization. That was one of the realizations that the IT team at Nemours healthcare discovered as they migrated hundreds of users from BlackBerries to iOS devices. You may also find that effectively securing data on BlackBerry and non--BlackBerry devices through processes like containerization reduce the need to lock down the device itself.

That said, some organizations will still have extraordinary security needs. Defense contractors and government agencies require mobile devices (as well as desktop and notebook computers) to demonstrate compliance with specific standards like the FIPS 140--2 cryptographic certification.

2. Decide whether you will encourage a BYOD or corporate--owned approach (or both). BYOD programs have gained remarkable ground in the past couple of years, but they aren't appropriate for every organization. As you consider whether to adopt BYOD while transitioning away from a reliance on RIM's solutions, you need to understand what you want to gain from BYOD ---- potential cost reduction, employee satisfaction, higher productivity, workplace flexibility, and so on. Understanding the perceived gains and forecasting whether they're realistic or not is crucial to successfully implementing a BYOD program.

If you opt against BYOD, you still have options that can raise employee satisfaction and productivity. COPE (corporate owned, personally enabled) programs offer users some choice from a predetermined selection of devices known to meet security, management, and app requirements. In addition to allowing flexibility in device choice, COPE programs encourage users to personalize their devices and use them for non--work purposes that can include personal email and social media, personally purchased apps including games, and taking photos or videos. Employees may even be allowed to purchase their device when leaving the company -- without any business data on it, of course. The overall result is similar in user experience to BYOD but in a more controlled and easily supported model.

Of course, there's also the option to continue with a more traditional corporate purchased and highly managed approach. In that case, you're essentially substituting another device like an iPhone for a BlackBerry, but significantly restricting its functionality. That can be effective in many situations, but it often limits user satisfaction and flexibility -- both in the office and on the road. This may encourage users to continue the BlackBerry era tradition of users maintaining two devices -- one business and one personal -- complete with the possibility that they will use the unmanaged personal device for work tasks if management is too restrictive.

3. Familiarize yourself with the mobile management and enterprise integration capabilities of other platforms. The majority of mobile management solutions on the market can manage BlackBerries as well as other devices like iOS and Android devices. They probably don't offer the same management and security policies on each platform. In some cases, they may not offer the same set of policies across different versions of a single mobile OS -- an issue most common with Android because of the wide variety of devices and range of Android revisions on the market. In deciding to move away from RIM's product line, it's critical that you understand what security and management options will be available on other platforms so that you can plan your management and security strategy effectively.

4. Select the platforms that you will support and how you will support them. With a handle on the different platforms, OS revisions, and devices on the market, you need to decide which ones you will support once you expand beyond just BlackBerry handsets. This decision is pertinent whether you plan to implement BYOD, COPE, or a more traditional device deployment.

Part of that decision goes beyond simply saying yes or no to a device. Because of the variety of devices, security features, and other market variables, you're almost certain to end up with some devices offering broader security features than others, particularly if you move to a BYOD model. That means that you'll end up with varying levels of device and data security and that you'll need to plan how much support or integration with enterprise systems you'll allow. You may be okay with letting any device peruse a corporate contacts directory. You probably won't be okay giving access to corporate file shares to an older low-end phone that doesn't support full device encryption.

5. Choose between a single one-time switch from BlackBerries or a staggered migration. Many organizations may be looking to move away from RIM's BES and other services like BlackBerry Messenger within a year or two, but that doesn't mean they're planning to get rid of BlackBerry devices in that same time frame (or at all). Since most mobile management suites support BlackBerry management, it's possible, though perhaps not desirable, to maintain BlackBerry support indefinitely.

That means you have the option to slowly wean your company off of RIM products. Users content and comfortable with their BlackBerries can continue to use them while you add support for additional platforms and alternate devices.

Supporting legacy devices and systems indefinitely is almost never an ideal IT decision, however. There are a range of reasons that you might want to make a clean break with the BlackBerry immediately or over time. One reason is feature parity -- beyond RIM's current troubles, many companies and government agencies have cited a lack of features or apps as a major reason for switching to alternate platforms. If that describes your organization, you may want to consider an end date for BlackBerry support -- either in the immediate future or a year or two down the road.

6. Review the mobile management suites on the market and select one or more BES alternatives. The most important decision a company makes in transitioning away from the BlackBerry-BES model is choosing a mobile management solution (or multiple solutions) that will deliver the fundamental device, app, and data security -- or, put another way, the choice of a BES replacement. All of the practices listed above should inform this decision and it isn't a decision to be made lightly. There are dozens of individual vendors and sometimes the best option is a combination of products from different companies. You'll want to review the functionality available from each and consider how it fits into your needs and strategies.

Keep in mind, that while many of these solutions can secure and manage BlackBerry devices, that doesn't mean that they offer the same level of management or specific policies that BES does. If you expect to be supporting BlackBerry devices for a significant length of time, you'll want to asses how various products approximate your current BES infrastructure.

7. Develop a crash plan in case RIM goes belly up or experiences serious service failures before you complete a transition. What happens if RIM falls apart more quickly than anyone expects? That could mean a complete collapse of the company and its enterprise services like BlackBerry Messenger or it could mean outages like those the company experienced last year, except potentially more severe and for more extended periods.

Rather than being surprised and potentially forced to replace RIM services with little or no planning, the better option is to develop a general contingency plan in advance. That plan might mean speeding up your existing efforts, or it might mean looking for stopgap solutions that will work for BlackBerry and non-BlackBerry users. TigerText's secure multi--platform messaging system could be put into service to replace BlackBerry Messenger in a pinch, for example. Whatever the process is, it should be considered as a way to put out fires and regroup rather than a complete rewrite of your overall plan.

8. Partner with workers, managers, and executives from every level and division within your company for pilot testing and mobile strategy development. This is good advice for every company riding the wave of consumerization, but it may be particularly advantageous for organizations experiencing a cultural as well as technical transition. Engaging the full range of users and stake holders makes it possible to get ahead of trends like unmanaged personal devices and consumer clouds in the office and really assess the needs of users. That enables IT to develop or invest in the best possible solutions and it establishes a new relationship between IT and other business units. As many companies have already seen, that relationship can be an incredible benefit for everyone involved.

9. Revise existing technology and mobility policies to accommodate your new focus. Reviewing and revising policies relating mobility is another piece of advice that applies to any major change in technology within an organization. If you are making major substantive changes like the implementation of BYOD, COPE, support for public app stores, or cost-sharing with users, you will almost certainly need to make significant policy changes to ensure that the rights, privileges, and responsibilities of both employees and the IT department are clearly delineated and explained.

In addition to an IT review, it's important to involve the legal, human resources, and finance/accounting departments in the process. Moving to personally owned or personally enabled model has significant impact on the relationships between employees and their company and impacts each of these areas. Including these departments in the initial policy review process ensures that polices are developed from a well rounded perspective and that they address any potential liability or cost issues. 

1 2 Page
From CIO: 8 Free Online Courses to Grow Your Tech Skills
View Comments
Join the discussion
Be the first to comment on this article. Our Commenting Policies