Forrester predicts there will be around 1 billion smartphone/tablet users by 2016 and of this 20 million will use it for official purposes. This will increase the pressure on the IT department in managing the mobile devices in the enterprise.

So how can your IT team ensure the mobile devices are managed and secured along with its data?

The answer is to formulate a Mobile Device Management (MDM) strategy. This strategy will be the key component to provision, manage, monitor and secure the mobile devices on the enterprise network. Keep the following elements in mind while formulating a MDM strategy for your enterprise.

• Mobile asset inventory: The inventory should contain the list of the devices managed in the enterprise (the device ID, hardware model, OS version), how they are classified (who is given which device with its configuration details) and related assets like adapters and external memory.
• Software Distribution: It is not enough if the device is tracked & configured physically, the software used in the device should also be tracked & configured. Typical activities include configuration of the type of applications the device will use; whether the software will be pulled by or pushed to the device; application maintenance like updates/patches should also be considered.
• Security Management: Security of the device and the data is very critical for the enterprise as the data could be sensitive and vulnerable. User authentication, Password policy enforcement, Remote configuration management, data encryption and tracking, Backup and synchronization ensure that the device and the data are protected.

End Consumers: An end consumer expects personalized service, minimal learning, good level of security and privacy of the data shared, interoperability between various networks, devices and the financial institutions, minimal cost of usage.

Merchant: Merchants expect quick transaction time of the application, minimal cost in using the solution/application, easy integration into the existing system, high level of security, certain degree of customization, real time status of the payment.

Financial Institutions: Expectations include network operator independent solution, application as per designed by the bank, exceptional branding opportunities for the institutions, ability to handle volumes of transactions and ensure customer loyalty.

2011 has been witnessing the Mobile Device Management (MDM) approach. The MDM approach allows organizations to take complete advantage of the device given to the employee by the organization. The MDM is more policy oriented i.e. it depends on the policy of the organization in handling its mobile devices. It is about configuring the mobile devices and making sure that the IT policies that have been set up remain intact, as well as monitoring the overall status and health of the device.

It is the Mobile Application Management (MAM) approach that will be witnessed in 2012 with the Bring Your Own Device (BYOD) program heating up the mobile space. The MAM approach is about managing applications on any mobile device. It is about managing the strategy and process around developing/procuring, securing, deploying, accessing configuring, updating and removing business/enterprise applications from mobile devices used by the employees. IT departments have a lot to keep in mind: identify employee-owned devices on the network; selecting recommended platforms for users; provisioning devices for secure access and centralized monitoring (whether company or employee-owned); dealing with lost or stolen devices; easily wiping corporate data from employee devices; coordinating volume purchases from public app stores and publishing in-house apps.

So, if you are into the BYOD program, then MAM is for you!

The unique challenges in testing mobile applications arise from the diversity of the device environment, hardware and networking considerations, and Rapid Application Development (RAD) methodologies. Following are some of the unique challenges when testing mobile applications.

• Different screen sizes of the mobile devices makes rendering of images and positioning of elements on the screen unsuitable. Exhaustive user interfaces (UI) testing is necessary to ensure compatibility of the application
• Testing programs should ensure that applications deliver optimum performance for all desired configurations of hardware. This is because the processing speed and the memory size differ between mobile devices.
• Network latency (time taken for data transfer) will be unpredictable when applications communicate over network boundaries, leading to inconsistent data transfer speeds. Testing should measure the performance of applications for various network bandwidths
• Rapid Application Development (RAD) methodology reduces development time, indirectly pressurizing the testing team to reduce the testing cycle time without compromising quality and coverage
• Use of emulators during testing is beneficial at initial stages of development and when the application is device independent. It is better to use the actual device to validate the results.
• Diversity in mobile hardware and platforms imposes testing programs to incorporate GUI (Graphical User Interface) and compatibility tests

Authentication and the network type in which the mobile devices operate go hand-in-hand. For every type of the network connecting the mobile device, the authentication happens distinctly. Following are some scenarios how authentication happens in different networks:

Network Type: On Site Wi-Fi

Authentication Process: The authentication occurs just after the association of the device and the network, before getting the IP address. Networks with Wi-Fi Protected Access (WPA), suited for Enterprises, allow authentication of different types (passwords/digital signatures/biometric techniques). This type has geographic restrictions limiting the device’s access to the Wi-Fi network.

Network Type: Internet Protocol Security (IPSec), Secure Sockets Layer (SSL) or Mobile Virtual Private Network (VPN)

Authentication Process: In any of the cases, the authentication happens just when the channel is established between the network and the device. Use of advanced versions or integrating the standard network options to external authenticating servers provide a good control of the network and the device used in that network. This type does not have any geographic restrictions and hence the mobile device can access the network from anywhere.

Determining the choice of the authenticating suitable to the organization will create an impact on the mobile device usability and the network security