Roger Yang

2012 is shaping up to be a challenging year for CIOs as they figure out how to safely embrace the slew of mobile devices entering their networks. Smartphones and tablets are seriously threatening the IT status quo, and CIOs who fail to adapt and get ahead of this technological upheaval risk getting pink slips and seeing themselves replaced by more agile colleagues.

Clearly, 2012 is the year that organizations of all shapes and sizes must come to terms with their mobile problem. Here are five serious mobile challenges CIOs will have to deal with in 2012:

1. BYOD stressing networks and IT to the breaking point
This holiday season, smartphones and tablets topped everyone's wish list. After the holidays, every executive with a shiny new iPad or smartphone will want network access. Even if you are a BlackBerry-only shop, what will you do when your CEO demands access for his iPad? That's right, you'll capitulate.

A recent Dell KACE survey of IT pros, managers and executives revealed that 87 percent of their employees use personal devices for work-related activities, including email, SMS and calendar management. The same survey showed that 67 percent of respondents didn't have any policies, procedures, or systems in place to handle this influx of personal devices into their organizations.

BYOD presents a set of challenges that CIOs will have to come to terms with in 2012, including but not limited to security, protecting network bandwidth, dealing with platform fragmentation, and managing remote users.

Most organization will begin vetting various technologies, such as Mobile Device Management (MDM) and Network Access Control (NAC), but these aren't cure-alls. Corporate policies must be developed, and CIOs will soon realize that one-size-fits-all policies won't work. Your sales staff, for instance, will probably have much different mobile needs than, say, HR employees. Mobile policies that fail to weigh those considerations will undermine productivity.

2. Shifting security risks
According to Nielsen, within the next few weeks, fifty percent of all American mobile phones will be smartphones. Expect an uptick in mobile malware, mobile botnets, SMS fraud, and even "malvertising" in 2012. Personal devices that employees bring into the corporate network compound these risks, making them corporate threats, not just individual ones, no matter who paid for the phone.

As enterprises deploy new technologies to control and secure mobile devices, don't be surprised if some major corporations are blind-sided by things like mobile spear-phishing attacks and insider attacks.

In an economy where employees are already on edge, the term "disgruntled" takes a more ominous tone, and if yesterday's insider attack usually involved stealing IP by uploading files to Google Docs or downloading them to a thumb drive (risks companies are waking up to), tomorrow's inside thieves will probably rely on smartphones.

With enhanced audio and video recording capabilities, insiders don't have to steal IP from within their corporate PCs. Record a video while you scroll through customer records, and IT will be none the wiser. Or you could be recording a sensitive meeting while to everyone else it looks like you're just checking email.

These sorts of threats are far more difficult to predict or contain. Comprehensive mobile protection may mean that CIOs will have to coordinate with on-site security personnel to monitor mobile device use around sensitive assets and intellectual property.

Physical security now has to be a part of your digital security. How else would you catch a disgruntled employee taking pictures on his smartphone of a monitor displaying sensitive product designs? There's not any security software in the world that can do that.

3. Mobile devices overwhelming IT's ability to support them
The flood of mobile devices into the enterprise will quickly spark a deluge of help desk requests. The math is simple: as more devices enter the network, IT will have to cope with two or even three times as many devices as it previously handled.

Even if the organization embraces BYOD and doesn't technically own the device, don't be surprised if end users expect IT to fix anything that goes wrong. After all, employees will be using these devices for work. They will increasingly consider their own mobile phones and tablets as "mission critical," and if their employers can't help them when things go wrong, the whole BYOD idea falls apart.

Instituting policies that forbid IT from helping employees with their personal devices may be tempting, but it's a bad idea. Such provisions will only breed discontent. Employees will ask for IT's help. Heck, employees already badger IT about problems they're having on their home PCs, so it should come as no surprise when IT requests spike for these work-home hybrids.

To make matters worse, most organizations are consolidating IT positions rather than creating additional ones. Yes, it's the old "do more with less" mantra that IT hears every time there is downward pressure on budgets.

Most enterprise IT workers are not mobile experts. Mobility presents different challenges when it comes to apps, networks and OS fragmentation.

Don't be surprised if CIOs start rethinking BYOD to emphasize support. Anecdotally, I've heard of organizations simply paying for Best Buy Geek Squad support for employees. For CIOs who've had to cope with layoffs and attrition, outsourcing support may be the only way to manage this challenge.

4. Tablets presenting challenges, but also opportunities
While most CIOs are fretting about the security risks of tablets, business unit leaders are looking to them to help boost productivity. Gartner predicts that all sorts of business apps will start moving to tablets, everything from Business Intelligence (BI) to collaboration to Sales Force Automation (SFA).

Tablets could replace laptops altogether, or they could be tethered to specific applications for specific use cases. For instance, SAP AG has given iPads to executives with the sole purpose of giving them access to real-time BI data.

Other opportunities include using tablets to improve quality control at construction sites, to help doctors avoid medical errors, and to make onsite sales visits more interactive and effective.

CIOs are absolutely correct to worry about security, but smart CIOs won't let those fears undercut the range of opportunities association with a rise in tablet adoption.

5. Mobile expenses spiraling out of control
One factor often lost in the mobile discussion is cost. As enterprises embrace more and more mobile devices, it's obvious that mobile costs will go up. Less obvious are the hidden costs like data overages and roaming fees. When calculating costs, many CIOs are guilty of consumer-style thinking. They focus on the purchase price and the baseline contract cost, and forget about all of those other charges.

Have a few employees who regularly exceed data download limits, and you'll probably rue not getting all-you-can-eat data plans in the first place. Worse are roaming charges, which can be major budget busters. It's not unusual for a single executive or salesperson to rack up $1,000/month in roaming charges when working overseas.

Even if your organization decides simply to offer a one-time subsidy to help underwrite employee purchases of mobile devices, don't be surprised if mobile charges turn up on expense accounts. If a salesperson has maxed out his or her data allotment but needs to download an important presentation, that salesperson will want to be reimbursed. If an employee travels overseas for business, that person will, rightly, balk at paying for business-related roaming charges.

You don't want to drive up employee complaints by being rigid with mobile reimbursements. If employees feel like the organization is taking advantage of them, expecting them to be increasingly available (through mobile devices), but not footing the bill for their escalating mobile costs, the money the organization saves through its stinginess won't be worth it.