At many companies, internal customers have gotten ahead of themselves - and IT - in the rush for the latest mobile devices, unaware of the challenges they pose. "They don't realise it takes infrastructure, a wireless signal and a whole bunch of things before you can use a handheld," says Hap M. Cluff, director of IT for the city of Norfolk, Virginia.

For IT, trying to guide the flood of mobile adoption is like trying to channel a tidal wave through a funnel. But CIOs are attempting to quickly identify the best values, limit support and security headaches, and make sure everyone knows the rules.

Whatever it takes to be in touch on the go, businesspeople want it, and they want it now. In fact, employee demand for mobility forced significantly more mobile technology deployment in 2005 than companies had anticipated, according to Ellen Daley, an analyst at Forrester Research in Cambridge, Massachusetts.

Personal devices and other mobile technologies that IT is unaware of are hard to control and, therefore, hard to secure, Daley says. Mobile hardware can sneak in through departmental budgets, sidestepping IT's scrutiny, and before you know it, they're connected to the network. "That puts a stress on the company from a security perspective [and] a standards perspective," Daley says.

Health company has an approved list
To get ahead of the wave of personal devices, William Lewkowski, CIO at Metropolitan Health in Grand Rapids, Michigan, discourages the proliferation of a variety of devices in favour of a few that are easily supported. For example, IT supports the Palm operating system on handheld devices. Employees may use other software, he says, but they must go through IT to make sure it will work. And for security's sake, employees are allowed to download to their handhelds only low-risk information, such as their schedules.

Ford finds Blackberry secure
Other companies base their approaches to mobile devices on need. For example, at Ford Motor, senior executives have a demonstrable need for BlackBerries, says Vijay Sankaran, IT manager for enterprise technology. "These people go from meeting to meeting," he explains. With a BlackBerry, they can scroll through their e-mail and calendars and use phone features without going back to their desks.

Sankaran says the number of things you can do with a BlackBerry is very limited, making it more secure from a corporate IT standpoint. The more features, capabilities and services a device has, the more security holes that it comes with, he explains. Some CIOs use the power of the purse to keep mobile devices under control.

Insurance company bans "own equipment"
"We don't allow our associates to bring in their own equipment," says Patrick Law, vice president of infrastructure at American Modern Insurance Group in Amelia, Ohio. Personal cell phones, which can't connect to the company network, are the exception. Anything else has to be acquired through the help desk.

Cost is an issue, but there are ways to rein in the costs of mobility while increasing its value. For example, American Modern lets employees sign up for their own cell phone service plans using whichever companies they want because the local cell phone companies provide much better signals than nonlocal ones, Law says. He reimburses them for basic service as well as for features that add business value.

For example, a text-messaging feature comes in handy for adjusters, who may be on the phone when someone needs to get through to them with important information. With that feature, they can stay on the line and get the information at the same time.

Law says that the most reliable, practical and cost-justifiable mobile devices are PDAs, smart phones and BlackBerries. "When we get beyond those devices, it doesn't seem to be cost-justifiable," he says.

Service and support cost money
Service is also costly, and it's difficult for the help desk to provide expertise over a range of devices. When few support staffers know the hardware, it's hard to have a mobile expert available on every shift, Daley says. And users seeking tutorials on new equipment can boost call volume.

Some CIOs are meeting this challenge head-on by training everyone on their support staffs on mobile technologies, says Daley. Others try to head off the volume by using self-service support Web sites with messages such as, "If you have a Palm Treo 650, try this before you call technical support." Law's group provides employees with "cheat sheets" for each device to help them with the basics.

City IT shop got the tech staff on board
Buying additional devices for key people can improve support efficiencies as well. For example, Cluff - of the city of Norfolk Virginia - purchases BlackBerries for technicians so they can become thoroughly familiar with them.

The approach has also provided an unforeseen benefit. The rationale was to get BlackBerries for the technicians so they could support the customer, Cluff says. But it turns out that the devices are also helping them be more productive in their work.

Mobile tactics
Here are some policies CIOs are using to get ahead of the wave of personal mobile devices:

  • Connectivity. Nothing will be connected to the network without the approval of IT.
  • Approved equipment. IT provides a list of approved devices and software. Others will not be supported.
  • Desktop standards prevail. Mobile policies mirror desktop policies where appropriate. For example, if laptops automatically log out users after 20 minutes to prevent theft or fraud, mobile devices will be programmed to do the same.
  • Disabling mechanisms. Mobile gadgets will be fitted with disabling mechanisms that can be remotely activated in case of loss or theft.