Four Zones of Mobile Success (or failure): Part 4, Device User


This is the final installment in my four-part series discussing four zones of Mobile Success.  The first post discussed the enterprise zone: the enterprise back end, including mail servers, messaging solution and directory services. The second zone is the enterprise security zone consisting of firewalls, VPN’s and reverse proxy. The third zone I covered was the Internet. All of these function as points of success or failure in mobility.

The final zone is the device user zone, which is probably the zone most prone to failures. The zone consists of the user, device, applications and the local wireless carrier. For many reasons, new devices, replacement devices, provisioning, re-provisioning with the carrier messaging system and enterprise often result in a issue and call to the help-desk. The vast majority of interactions occur in this zone, and the more interactions there are, the more opportunity for errors.

From part three of the series, the Internet Zone; data travels the course of the wireless carrier’s wire, fiber, switches and routers until it reaches a wireless tower associated with a device. Then the tower transmits the data to the device. Because a mobile device is an “always on” device, the associated tower can change and must be maintained throughout the day as you travel to different locations.

In short, the meeting notice I mentioned in part 3 leaves the enterprise and finds the first wired network on-ramp to  a devices carrier, traverses their network to the tower near the device and then wirelessly sends the meeting notice to the device.

How does all this magic happen?  When the phone or tablet is turned on, it looks for a tower to associate with.  Once that happens the carrier notes that user Juanita Doe’s device can communicate through tower XYZ, regardless of where a message traffic originates.

As for points of failure, any of the following could apply at the device level:

  • Failing device hardware
  • Battery that’s low or spent
  • Device out of coverage, weak or no signal
  • First time use or replacement, not provisioned or properly provisioned with the carrier
  • First time use or replacement, not provisioned or properly provisioned with the enterprise
  • Encryption or decryption failures, expired keys
  • Incorrect password
  • Corrupt application service books, policies or certificates on the device
  • Incompatible OS level

Below we have the complete picture of the basic mobile enterprise network again. As demonstrated by the discussion in this series, so much technology has to go right for the basics of wireless and mobile applications to work. It takes even more for an enterprise wireless strategy to be effective and successful. For a strategy to be effective it must include mobile management processes, such as procedures and tools including predictive analytics to detect problems, alert the enterprise administrators and help isolate any issues or failures in the enterprise mobile ecosystem.

As mentioned in Part 1 of the series, As an Architect in Mobility for over 17 years now, I have found this diagram and discussion to be extremely valuable tools.

I believe the 1st incarnation of this was in 2003 when an IBM colleague (Scott Symes) and I had the blackeye’s as we experienced the effects of issues in different zones.  It was BlackBerry at the time, hence we gave it the nickname of “BlackBerry Blackeye” chart.  But, as other technologies have come to market, the essentials are still true today regardless of device manufacturer, operating system or application.  The diagram has been updated and expanded reflect some of these changes as Android, IOS Devices, Messaging, Monitoring and MDM/EMM (Airwatch, IBM/Fiberlink, BlackBerry/Good, MobileIron, Tangoe, Zenprise, etc.) have come along. Others have disappeared or been consolidated.  However, the fundamental issues and the concepts remain constant.  There are many points of success and failure in a Mobile enterprise infrastructure.

A well designed, planned and implemented strategies, infrastructures and applications will prevent  lost sales due to abandoned carts, increase customer loyalty and repeat use.  Will increase employee productivity and prevent  lost investment in the failure of application adoption

In the simplest of terms, success equals good high quality uninterrupted service.  Applications that consider the diverse screen real estate and user interaction. Unresponsiveness due to back-end servers, load balancing or firewall issues, internet network congestion will be seen as the fault of and blamed on the application.

Mobile success, like beauty, is in the eye of the beholder or in this case the user.  Therefore, the success of a mobile enterprise infrastructure and whether or not you get a “black-eye” depends on how well these points of failure are understood and managed.

It’s my hope this series, revised from original publication at IBM Mobile Insights, has been and will be helpful to you.  Please leave comments below or contact me on  LinkedIn.

Four Zones of Mobile Success (or failure): Part 3, Internet


This series of articles describe the four zones of success or failure (points of failure)  in an end-to-end mobile enterprise infrastructure.  In the first part  I discussed the enterprise zone—the enterprise back-end, including mail servers, messaging solution and directory services. In the second part I covered the enterprise security zone, consisting of firewalls, virtual private networks (VPNs) and reverse proxy.

The third zone in the journey is the zone where the enterprise has absolutely no control, the Internet zone! The Internet zone stretches out, encircling the globe, a mysterious cloud with an army of routers, switches, wires, fiber and wireless carriers that provide the infrastructure and plumbing to carry your data packets from end to end. It’s the big hop between your enterprise and devices.

Within the Internet zone are two key add-ons: push notification services and network operations centers.

Push notification services: Non-BlackBerry solutions require integration and connectivity to the Apple and Google push services for Apple iOS and Google Android device support.

Network operations center (NOC): Some of the mobile enterprise solutions make use of an NOC concept. The two most notable are BlackBerry and Good Technology. In these solutions all traffic related to their solution passes through the NOC. This has the advantage that the enterprise’s security zone only needs firewall rules to the trusted NOC. The NOC integrates all communications from devices on the various carrier networks.

Like any other link, a broken link affects the chain. However, the NOCs are highly redundant, fault-tolerant configurations that are rarely down. They are so reliable that when an incident occurs the disruption often makes the evening news. As far as point of failure, it is far more likely that your local network connection to the NOC will fail rather than the NOC itself.

The second to last leg of the Internet zone is the wireless carriers (that is if the device is not WiFi connected). Interestingly enough 99 percent of the path of a meeting notice going from server to wireless device is not over wireless. The notice will follow the wired or fiber connections of the Internet and wireless carrier until the meeting notice hits the cell tower nearest the intended device. Wireless carriers have a vast array of switches, routers and wired or fiber networks before anything goes wireless.

Once again, any of these elements can create a point of failure in the communication path. The user perception will be that the mobile device or application is at fault and failing again. As in the first two zones, some monitoring and mobile device management (MDM) or Enterprise Mobility solutions provide tools to help determine these issues.

2017 Update: Today various Mobile analytics tools are available to assist in the identification of a failing node in the network, point of failure.   Don’t let the term analytics put you off.  Often significant data and analysis can be done with just a few lines of code and the tool will do the heavy lifting.  Please refer to my article Demystifying Analytics and a short video example

The next and final zone in the series will be the user zone.

I hope this was helpful, Please leave comments below or contact me on  Linkedin and stay tuned to finish out the series republication.

The four zones of mobile success (or failure): Part 1, enterprise zone

“updated slightly from original publication in IBM Mobile Insights, December 2013, content still holds true”

The IT Managers nightmare !

It’s 2am, the phone by your bed wakes you. It’s only 11pm in “Next to Nowhere by the Trees”, Oregon.  The CEO is just getting back to his hotel from the big meeting and dinner with a client. He needs to stay another day, wants to rearrange his schedule and see if the inventory update came in and His device hasn’t updated in 3 hours; Where O Where can the problem be?

This series will discuss four “zones” of success or failure in an end-to-end mobile enterprise infrastructure.  The diagram below represents the typical end-to-end mobile enterprise network containing four zones: enterprise, security, Internet, and user zones.

2017 Note: for the purpose of illustration I’m using “mail” as the end to end application.  In reality, this directly relates to other B2B, B2Eor B2C business critical applications, website, storefront, claim processing, etc.  

All of these zones must be working properly for the successful daily use of mobile devices in the enterprise. However, they are not all under the control of the enterprise, and a failure of any one of the elements in a zone can cause an inability to perform daily enterprise activities on mobile devices.

We have all heard the help desk cries:

  • I can’t activate my BlackBerry! iPhone or new S7…
  • I stopped getting mail to my iPad!
  • My calendar won’t sync to my device!

Mobile infrastructure administrators and help desks hear these statements day in and day out. But they never hear:

  • My new iPhone 7 has been running fine for weeks!
  • I never have any trouble getting to my applications on the iPad!
  • I can work just as well with my tablet on the road as I can in the office!

—even if they are outside the control of mobile IT—mobile IT gets the blame because the user perceives that the servers or applications are not working. The chart above is sometimes called the mobile IT “black eye chart” because no matter the failure mobile IT gets the black eye for the trouble.

Only one thing has to go wrong in the enterprise network in order to get messages of frustration from users, like those in my first list.  But a lot has to go right in order to hear the other positive message “silence”.

The enterprise zone

For my first blog post in this series I will discuss the enterprise zone. The enterprise zone consists of the enterprise infrastructure servers—those boxes in the server farm or room.

The back-end infrastructure that exists in the enterprise zone (but not in the diagram) is the server farm itself: the racks, servers, storage, switches, cables, network, cooling, power and so on that the mobility application infrastructure runs on. Each is a possible point of failure that can potentially be immobilizing.

For the purposes of a mobility discussion it is assumed that the enterprise back-end application to be accessed by mobile devices is the typical mail, calendar and contacts. Therefore the enterprise zone for mobility would typically be the following servers: mail, mobile messaging, mobile messaging control, active directory or Lightweight Directory Access Protocol (LDAP) services for authentication and an SQL database to contain all the data about the mobile users, and in some cases a monitoring server.

The scenario also assumes that the enterprise zone is connected to the Internet for data flow to from the mail servers to devices through the Internet. This brings up the very first element of success or failure of the mobile infrastructure: the mail server.

The mail server, typically Lotus Domino or MS Exchange, is the heart of this and most scenarios. It is where all device-destined data originates. Again we make an assumption that everything is working in the infrastructure to ensure that data can flow into an individual’s mailbox on the server. When the mail server is down, is unavailable, has lost connectivity or is having other functional issues, the mobility infrastructure cannot begin to deliver data to devices. If it’s down long enough, it will begin to result in calls for help desk tickets indicating that the user is having trouble getting mail on a BlackBerry, iPhone, iPad, Windows phone or Android device. Quite simply, any issue with the mail server will be perceived by the user as a problem with the mobile technology.

The mobile messaging server (Lotus Traveler, BlackBerry, Good, MobileIron, Airwatch and so on) polls the mail server to determine if anything needs to be sent to the user device and forwards items created on the device to the mail server.

Mobile control server is a component of the mobile messaging solution. It manages the messaging servers and handles device enrollment. Device policy management in some cases provides the virtual private network (VPN) for the messaging service.

The Active Directory (AD) or LDAP server is an essential element of an infrastructure that is essentially the enterprise address book of all users. It is an essential part of enterprise security, managing the enterprise ID’s passwords, permissions and so forth. Any issues related to directory services will result in request failures in the mobility critical path and again simply be perceived by the user as a problem with the mobile technology.

Issues with the mail, messaging, control or AD/LDAP servers will result in issues for users. However, there are numerous times when these servers are fully functional and another component of the end-to-end infrastructure causes the user’s activity to fail.

The reality is, the average user will not even know a control or AD component exists and will blame mobility (more often than mail) as the issue, since they don’t understand which link in the chain is currently broken. Mobility apps by Traveler, BlackBerry, Good Technology, MobileIron or AirWatch are the most blamed and maligned element of the mobile infrastructure. This is simply because it’s the element the user is attempting to use and therefore must be the problem.

It is critical to an enterprise to have tools in place for monitoring, such as mobile device management (MDM) to identify, isolate and assist in resolving issues in the above components that are within the enterprise control.

More Importantly for 2017 and beyond as some monitoring tools have gone by the wayside the role of active and passive Analytics will be drivers in determining points of failure and success.

The next area discussed is the enterprise security zone.  share your thoughts below and stay tuned for more in my “Four zones of mobile success (or failure)” series.