|
Microsoft has been developing software for mobile devices for more than 10 years.
In that time, the use of mobile devices at Microsoft has surged to over 40,000 users
across the Microsoft global workforce, from corporate operations personnel and executives
to the field staff that supports partners and customers worldwide. Devices running
Windows Mobile® software have become must-have work tools. Microsoft Information
Technology (Microsoft IT) has developed multiple strategies to manage the rapid
growth of mobile devices in the enterprise. These strategies include cost-effective
and streamlined procurement for mobile operator services, standardization on one
platform while making many devices available to users, support infrastructure enhancements
to improve productivity, and the establishment of strong security procedures to
help protect corporate intellectual property, critical business data, and other
enterprise information.
Mobility is an increasingly important part of many enterprise operations. At Microsoft,
almost half of the company's global employee base uses mobile devices, not only
for voice communications, but also for other important business tasks, such as connecting
to the network to manage e-mail and schedules and viewing work-related documents
on the Microsoft network.
Technological advances have spurred the growth of mobile devices. Software, such
as the feature-rich Windows Mobile software and Microsoft® Office Mobile applications,
helps deliver a desktop-like experience to small devices. Hardware improvements,
such as powerful processors, large amounts of random access memory (RAM), and persistent
memory storage to prevent data loss, contribute to the experience of using a robust
business tool. In Microsoft IT, new and enhanced features for remotely managing
mobile devices help protect enterprise data.
This case study examines how Microsoft is incorporating mobile devices into the
enterprise. It provides an executive-level overview of the ways the Microsoft IT
department manages important issues, such as: Selecting and contracting with mobile operators. Determining the kind of mobile devices that employees can use. Helping to protect enterprise information that resides on mobile devices.
This case study can help business and technical decision makers understand how Microsoft,
as a leading provider of mobile software, manages mobility within its own enterprise.
For more information about Windows Mobile and the enterprise, visit
http://www.microsoft.com/windowsmobile/default.mspx.
Situation
Microsoft employees have been enthusiastic adopters of mobile technology since the
launch of the original Windows® CE–based devices in 1996. Today, the company
employs about 76,000 people worldwide at more than 400 sites in 89 countries. Within
that workforce, employees registered more than 50,000 mobile devices with the company
during the first half of 2007. During that time, network monitoring showed that
about 41,000 active mobile device users connected regularly to a Microsoft Exchange
Server system.
Therefore, more than half of the Microsoft global workforce is in the field using
mobile devices to communicate and collaborate with customers, colleagues, and partners.
These mobile device users contribute to the more than 500,000 outgoing messages
sent daily.
As mobile technology becomes more powerful and versatile, people recognize how mobility
can help them get more work done during the day and respond faster to business issues.
Microsoft IT supports employee use of mobile technology and assists in the internal
beta programs for Windows Mobile software and for applications that are designed
for Windows Mobile.
In the past decade, Microsoft IT has faced significant challenges in helping employees
adopt mobile technology. The challenges are due in part to the fact that Microsoft
is often a test bed for new software and hardware. Because they work at a leading
technology company, Microsoft employees are often early adopters of new technology
products and are anxious to test the limits of a particular product or solution.
Along with enabling mobile technology at the user level, Microsoft IT is responsible
for incorporating the new technology into a PC-oriented enterprise. This responsibility
brings its own set of requirements and risks, from managing relationships with mobile
operators, to providing reliable but cost-effective support for users, to implementing
device management and security.
The early adoption and the subsequent growth of mobile technology at Microsoft have
presented challenges to the company's IT department. These fall into three broad
categories: Procuring carrier services
and devices. Procurement involves balancing different requirements. At the
corporate level, Microsoft needs to contract with mobile operators who can provide
high-quality service with good rates. The mobile operators must also give users
the support and flexibility to frequently upgrade to the latest operating system
or devices and purchase new or additional services. This requirement reflects the
Microsoft goal of giving users wide latitude to choose devices that best fit their
daily business needs. As a global organization, Microsoft faces different scenarios
depending on the country where it obtains mobile services. The company works with
four major carriers in the United States, but dozens globally.
Supporting users. Because
of the array of services and devices in the market, Microsoft faces a number of
support challenges: How does Microsoft IT provide support that balances the users'
needs and the needs of Microsoft IT to control costs? How can Microsoft IT implement
self-support tools to reduce calls to the Helpdesk? What policies does Microsoft
IT need to create in terms of the mobile technology that it will support? What input
or mandates does Microsoft IT give to users who are seeking advice about purchases?
What support should the company provide for new solutions and applications that
are designed for Windows Mobile, such as line-of-business software? Efficiently managing devices and
security. Mobile devices have unique requirements in terms of organizational
support. Historically, the devices have not had the same kind of built-in management
and security features and functions that enterprise desktop operating systems, such
as Windows Vista® or Windows XP Professional, offer. Also, mobile devices pose
increased security risks. People carry them all day and may leave them behind on
a bus seat or a cafeteria table. Devices that contain corporate contacts, personal
data, and enterprise information can be lost or stolen. This issue is critical because
users increasingly rely on mobile devices for managing work-related communications,
contacts, and data. Management and security capabilities for mobile devices have
improved exponentially—particularly with the introduction of Windows Mobile 6.0
and Microsoft Exchange Server 2007—but challenges remain.
Microsoft IT takes a leading role in meeting these challenges. This paper examines
the lessons learned since the original launch of Windows CE version 1.0
and the policies that Microsoft has implemented to manage the procurement, support,
and security of a rapidly growing base of mobile users and their devices.
Solution
To manage the surge in use of mobile devices, Microsoft IT is pursuing a multifaceted
strategy that covers the following areas of activity: Streamlining the procurement of mobile operator services while ensuring
that users have a variety of choices for which devices they want and the manner
in which they acquire the devices.
Working with mobile operators to develop innovative approaches for
service plans and contract liability that are cost-effective for Microsoft, are
flexible for its employees, and provide a good value for mobile operators. Offering new support mechanisms, including a self-help intranet site,
that help users while reducing Microsoft support costs—even as the number of mobile
users increases. Implementing policies and procedures that take advantage of the new
and enhanced security features in Windows Mobile 6.0 and Exchange Server 2007.
These activities will be described in more detail in upcoming sections of this paper.
Providing a Variety of Devices for Users
Microsoft has to balance different factors when procuring devices and mobile services.
The primary factor is the needs of users, who embrace mobile devices as productivity
tools that help them do more during the day.
Paramount for users is the flexibility provided by the variety of Windows Mobile
powered devices. Currently, more than half of the 150 Windows Mobile powered devices
are voice enabled, including smartphones and Pocket PCs. This variety—which provides
for various data input methods, such as QWERTY keyboard, soft-key input, touch screen
with stylus, and JOGGR/Scroll wheel—helps users find the device that fits their
specific needs.
In addition to the variety of devices, there are continual improvements in RAM,
storage, and other device components, along with improvements in broadband technology
for delivering data at increasingly fast speeds. This means that mobile devices
can serve as excellent tools for both voice communication and business productivity
tasks, such as e-mail and text messaging, Web browsing, and transmission of data
from business applications.
To give users as much latitude as possible in choosing their devices, Microsoft
currently allows employees to purchase devices and plans the traditional way as
practiced in the United States—by purchasing a service plan and a phone at the same
time if they are working with an "individual liability" contract, as described
later in the "Innovating on Contract Liability" section of this paper.
Employees typically make purchases and are then compensated through expense reports.
Employees can also purchase phones and plans through retail stores.
Justin Emch, service manager for Windows Mobile Enterprise in Microsoft IT in Redmond,
Washington, says that this policy reflects an understanding of a basic consumer
need when users evaluate any kind of product. "They will be using the device every
day for a lot of important activities," he says. "For that reason, a lot of people
want to be able to touch and feel a device when they're making a selection."
Striking the Right Balance with Mobile Operator Services
Microsoft also carefully builds and maintains its relationships with mobile operators
to strike the right balance between value and profitability.
The Microsoft IT department has developed different models for working with mobile
operators: one for the United States, where many different carriers compete for
business, and one in other countries, where typically only one or two major carriers
service an entire nation.
In the United States, Microsoft works with four national mobile operators: Cingular,
Sprint, T-Mobile, and Verizon. Working with several mobile operators is essential
not only to ensure an element of competition in the process of obtaining service
agreements, but also to guarantee that almost all Microsoft employees—scattered
across dozens of nationwide offices, and many traveling constantly—can get coverage.
Microsoft follows several steps to obtain service from mobile operators. First,
it issues a Request for Proposal (RFP) that outlines the number of users whom Microsoft
expects to sign up and approximately how many minutes it expects users to consume
annually.
Pricing is clearly important in the evaluation of mobile operators, but so are other
factors—for example, if an operator has been involved with or is actively planning
an industry-changing initiative. Currently, mobile operator contracts for Microsoft
employees range from one to two years. As part of its evaluation criteria, Microsoft
examines how flexible mobile operators are in terms of modifying their contracts.
In the United States, mobile operators offer phones for low prices in exchange for
signing users to contracts that typically contain financial penalties for early
cancellation. In other countries, users pay more up front for phones, but can typically
change service plans without significant financial penalties.
"We also consider how service oriented a mobile operator is and if it provides timely
releases of new hardware offerings or services," says Jack Barnes, group program
manager of Carrier Strategies at Microsoft. "We look at all of these factors and
rank mobile operators according to the results. These rankings are available for
our users to consider when purchasing phones and service plans."
Different carriers typically offer different styles and form factors of Windows
Mobile powered devices. Microsoft encourages employees to explore the different
styles and brands of devices and to provide feedback on the devices and the services
that they use. Microsoft uses this information to continuously evaluate the hardware,
software, and service offerings from mobile operators.
Microsoft also encourages mobile operators to subsidize the devices. This policy
helps to create different options for users to upgrade their phones and service
levels as their needs mandate. Subsidization is particularly important for early
adopters who want to regularly upgrade their phones to test features or software—including
operating system software—as newer technology becomes available.
In other countries, the procurement of services is generally simpler because there
are fewer mobile operators and devices to choose from. The process entails issuing
an RFP in each country. Typically, Microsoft selects one provider as the mobile
operator of choice for that particular country, and device selection may be limited
to one or two devices.
Innovating on Contract Liability
Microsoft as a corporate entity owns very few mobile devices. Employees purchase
most devices and service plans and are reimbursed through expense reports. Depending
on their job responsibility, many employees receive a monthly allowance for communications
costs, which includes broadband access and voice communications.
Allowances vary dramatically by employee and the employee's group or department.
Generally, Microsoft sales personnel receive the highest monthly allowances. In
the first half of 2007, monthly allowances ranged from less than $50 up to $190.
In terms of contract liability, Microsoft works with mobile operators to implement
a liability that optimizes the contractual obligations for all parties. Traditionally,
a company chooses from the following two kinds of liability: Individual liability. Each
user has a direct relationship with the carrier. The individual's association with
a company may influence rates. This liability, however, is usually the least cost-effective
transaction model for corporations.
Corporate liability. The
carrier invoices the corporation. Although corporate liability can be more cost-efficient
for enterprises, the corporation assumes the risks and responsibilities of maintaining
a contract.
Microsoft works with mobile operators to implement a
blended liability, also known as Corporate Responsible/Individual Liable
(CRIL). A blended liability combines aspects of individual and corporate liability.
Microsoft establishes the relationship, but the actual billing transactions occur
between the user and the mobile operator.
"We are moving a large percentage of our employees into the CRIL model," says Barnes.
"This assures that Microsoft receives the best discounts possible from the mobile
operators, but puts the responsibility of managing the account on the individual
user. We estimate that the CRIL approach will help us achieve a 20 percent reduction
in service costs annually."
In addition to instituting the CRIL model, Microsoft has worked with one of its
selected U.S. mobile operators to eliminate long-term contracts. "This is the kind
of industry-shaping move that we look for when evaluating mobile operators," says
Barnes. "What this means is that our employees can sign up and get the same kind
of rates on a deal that they would if they signed a multi-year contract—but they
can also cancel at any time without being penalized."
Streamlining Service Access
Along with contractual innovations, Microsoft works with mobile operators to streamline
service access. The strategies for achieving this goal include the following: Uncoupling mobile devices altogether from service plans to enable
frequent technology updates. This effort entails unlocking devices so that an employee
can use a specific device with a particular mobile operator—even if the mobile operator
does not normally sell or support that device. Reducing international roaming rates for both voice communication
and data transmissions. Working with mobile operators to achieve predictability in rate plans—that
is, ensuring that there are no surprises when employees receive their invoices. Targeting a consistent cost-per-minute rate. Working toward flat rates for data transmissions.
"Our goal is to achieve benefits for Microsoft and its employees, such as demystifying
current rates and plans and ensuring consistent costs for variables, such as out-of-business-hours
calling or roaming," says Barnes. "At the same time, we also want to respect the
objectives of our long-term strategic market partners—the mobile operators—which
include maintaining profitable businesses."
Providing Effective, Cost-Efficient Support for Mobile Users
Microsoft operates four support centers for employees—in the United States at Colorado
Springs, Colorado, and in Ireland, Bangalore, and China. The growing importance
of mobile devices in its global workforce means that Microsoft IT must ensure that
it can effectively and efficiently support users while controlling its own costs.
The Microsoft IT department is accomplishing this goal in several ways.
First, Microsoft IT tests and certifies the standard devices that it will support
and the features that are required if an employee wants to use a particular device
on the Microsoft network. Microsoft IT also created an intranet site called ITWeb
where employees can find information about corporate policies, about configuring
and managing their mobile devices, and about using their mobile devices within the
corporate environment. The site, shown in Figure 1, is helping to mitigate the time
for out-of-the-box setup and Helpdesk costs as the number of mobile users increases. .jpg) Figure 1. The Microsoft ITWeb intranet site
Second, Microsoft works with original equipment manufacturers (OEMs)—the companies
that design and build Windows Mobile powered devices—and with mobile operators to
help ensure that the Windows Mobile powered devices that Microsoft will deliver
to the market meet minimum requirements, such as adequate battery life, sufficient
input methods, specific feature sets, and infrastructure compatibility. Microsoft
does not endorse the inclusion of every possible feature or application in Windows
Mobile powered devices. Users may purchase devices with features that the OEM or
mobile operator added, but Microsoft may not support these features.
"It is not possible for our teams to support everything," says Emch. "Someone may
buy a device with a certain feature, but if it's not supported by Microsoft IT and
we don't have any documentation, we give our best support effort and nothing more.
Our goal is to make sure that whatever feature sets we decide to support, they make
our users productive in a business environment."
"For anything related to Windows Mobile that we support, we document and post to
the intranet site," says Emch. "This is part of our strategy of mitigating calls
to the Helpdesk and empowering our end users to be self-sufficient. Employees can
go to the site for support; for information about configuring devices, using specific
features such as syncing to the network, and determining what devices are supported;
for security standards; and more."
Finally, to keep the site current and to support the ongoing effort to reduce calls
to the support teams, Microsoft IT tracks the subjects of user calls. Each month
it analyzes the top 10 user issues raised in support calls. If issues relate to
design flaws in the software, Microsoft IT reports that information to the appropriate
development teams. It posts documentation about any prevalent user issues to the
Web site. The site also has links to a searchable knowledge base. Microsoft IT focuses
on supporting software-related calls; it directs calls about hardware issues to
the mobile operators.
The site also includes short, concise user guides, as shown in Figure 2. Users can
view the user guides online, or they can download the guides to read when they are
offline. The user guides help address the most common issues and help users start
using new devices quickly.
.jpg)
Figure 2. Part of a user guide for Windows Mobile powered smartphones that is available
on the ITWeb intranet site
Managing the Mobile Environment
The increased use of mobile devices and their growing importance for managing corporate
communications and information requires strong security measures. The release of
Windows Mobile 5.0 and the Messaging and Security Feature Pack provided a rich
set of tools that offers, in conjunction with Exchange Server 2003 SP2, improved
messaging functionality and security policies on mobile devices at Microsoft. Microsoft
is enhancing these tools in Windows Mobile 6.0 and Exchange Server 2007.
Today, Microsoft employees use Microsoft Office Outlook® Web Access self-service
to quickly and easily resolve many of the most common sources of Helpdesk calls
on their own. With Outlook Web Access, users can view personal identification numbers
(PINs) recovery information for mobile devices. Users can issue remote wipe requests
for lost or stolen devices. Employees who use Windows Mobile 6.0 can use Information
Rights Management (IRM) for e-mail, which enables users to send and receive rights-managed
messages and documents while they are mobile. Employees also have Microsoft SharePoint®
intranet access from e-mail links accessed from their devices running Windows Mobile 6.0.
Microsoft IT is evaluating the following features for use by Microsoft employees: Simplified configuration and initiation of digital certificate settings
from the Active Directory® directory service through an enhanced desktop user interface. Support for the Enhanced Advanced Encryption Standard (AES) 128-bit
implementation for the Data Protection Application Programming Interface (DPAPI),
and AES 128-bit and 256-bit support for Secure Sockets Layer (SSL). Encryption technology for storage cards. Employee access to key components of line-of-business applications
from mobile phones. Certificate-based authentication and the use of Microsoft SQL
Server™ 2005 Mobile Edition for enabling certain application functions. The ability of administrators to configure the length of time after
which a device password must be changed. The ability of administrators to define how frequently a device checks
Exchange Server for changes to the Exchange ActiveSync® policy.
"We are currently evaluating the improvements in Exchange Server 2007 SP1 policies
to see how these will benefit our mobile users," says Emch. "The goal is to see
what makes the most sense to implement. We want to find the right mix of usability
for our employees and security for the company."
Benefits Microsoft benefits from an innovative approach to providing
mobile communications and data access in the enterprise, including streamlined procurement,
enhanced support for users, and better security.
Streamlined Procurement
By working closely with mobile operators, Microsoft IT has helped the company attain
cost-effective service plans for a large and growing percentage of employees who
want to use their mobile devices not only for voice communications but also for
enterprise tasks, such as e-mail and data exchange. By opting to work with multiple
mobile operators in the United States, the company creates an element of competition
in obtaining service agreements, while ensuring that the widest possible coverage
is available for a nationwide workforce.
Enhanced Support for a Growing User Base
The creation of the ITWeb intranet site for supporting mobile users has helped reduce
calls to the Microsoft Helpdesk. Figure 3 shows the breakdown of mobile Helpdesk
activity in fiscal year (FY) 2006 and FY 2007. Between the two fiscal years, the
number of mobile users grew by about 10,000, yet the percentage of Helpdesk calls
for assistance with setup and configuration decreased by more than 20 percent.
.jpg) Figure 3. Breakdown of Helpdesk support in Microsoft
FY 2006 and FY 2007
"This is a clear indication of the benefits we as an IT organization and the end
users are receiving after implementing the intranet Web site and employee user guides,"
says Emch. "The increase in questions about Exchange Server synchronization went
up, indicating the jump in the number of users who want to access the network for
e-mail and for managing their schedules and contacts." Enhanced Security
The implementation of the Messaging and Security Feature Pack in Windows Mobile 5.0
and the continued incorporation of the Messaging and Security Feature Pack features
in Windows Mobile 6.0 help enhance the security of company communications and
information. The biggest benefit of the effort for greater security is that users
have a better understanding of the potential security risks of using mobile devices.
Users learn how they can mitigate those risks by following policies, such as setting
strong passwords for locking devices, enabling automatic lockdown after periods
of inactivity, and encrypting removable media.
"Our employees understand the security concerns with mobile devices and have
become familiar with practices such as PIN locking a device when it's not in use,"
says Emch. "Educating the users and setting expectations up front for a large
deployment is very important, and we've learned a lot during the process."
Conclusion
Mobility has become an essential part of daily enterprise activity at Microsoft.
Many jobs require employees to be away from their desks at least part of the day.
For some employees, such as sales personnel and field engineers, mobility is a key
part of their work. They use mobile devices more than desktop or portable computers
for communications and collaboration.
To manage the influx of mobile devices into the enterprise, Microsoft has faced
an array of challenges, such as the following: Helping users with their mobile devices while containing support costs Finding reasonable and flexible service plans Implementing security measures that help protect corporate data on
mobile devices
Microsoft IT has tackled these challenges in several ways. It has established a
procurement process that helps the company obtain good rates while building strong
alliances with mobile carriers, which are strategic Microsoft partners. The company
gives employees wide latitude in selecting devices that work for each person's particular
working habits. The company has also implemented policies to help protect corporate
data while devices are connected to the corporate network.
By carefully managing mobile operator services and contracts, giving employees choices
in their selection of mobile devices, and instituting measures to help protect corporate
information, Microsoft helps ensure that mobile communications and collaboration
can continue to grow as critical business activities.
For More Information
For more information about Microsoft products or services, call the Microsoft Sales
Information Center at (800) 426-9400. In Canada, call the Microsoft Canada information
Centre at (800) 563-9048. Outside the 50 United States and Canada, please contact
your local Microsoft subsidiary. To access information via the World Wide Web, go
to: http://www.microsoft.com http://www.microsoft.com/technet/itshowcase
© 2007 Microsoft Corporation. All rights reserved.
This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES,
EXPRESS OR IMPLIED, IN THIS SUMMARY. Microsoft, Active Directory, ActiveSync, Outlook,
SharePoint, Windows, Windows Mobile, and Windows Vista are either registered
trademarks or trademarks of Microsoft Corporation in the United States and/or other
countries. The names of actual companies and products mentioned herein may be the
trademarks of their respective owners. |