Originally posted by Gartner

A well-executed single sign-on (SSO) strategy reduces password-related support incidents and provides users with improved convenience and more-efficient authentication processes, according to Gartner, Inc. A sound SSO strategy will give users fewer reasons to write down passwords. However, one password providing access to all in-scope systems can lead to compromised access to those systems.

“Organizations implementing SSO, particularly to systems that hold sensitive data, should implement risk-appropriate authentication methods with the SSO system,” said Gregg Kreizman, research vice president at Gartner. “Solutions are not ‘one size fits all,’ and solutions that provide SSO to all target systems may be deemed too expensive. Therefore, a best practice is to identify the tactical and strategic approaches that reduce enough of the problem space over time and within budget.”

Mobile devices can pose further challenges for SSO. “The proliferation of mobile phones and tablets with a variety of operating systems has created the latest and greatest challenges to authentication and SSO,” said Mr. Kreizman. “Web-architected applications can often be supported with existing access management tools, such as Web access management (WAM) and federation, because smartphones and tablets have Web browsers. Native mobile resident applications can create a gap in SSO support, and market offerings to resolve the issues are currently immature, proprietary, or not comprehensive enough to support multiple device and operating system variants.”

2012 was a pretty big year, in terms of mobile and enterprise mobility. Look at just a few of the milestones that spring to mind in a quick mental review of the year’s biggest mobile headlines:

A friend of mine was responsible for creating the BYOD pilot program for a Fortune 10, $50B healthcare company. In the process he learned several important and surprising lessons, which he has kindly passed along in blog form.

One lesson he learned is that the biggest cost in developing a large corporate BYOD policy rollout may not be directly related to technology or devices at all. In many cases, it’s the tab for lawyers and HR staffers to review proposed policies, and to develop the lengthy contracts employees ultimately need to sign to use their personal devices on the corporate network.

I get to talk to a lot of CIOs in my line, and I always enjoy getting their perspective on technology and change. I’m frequently awed by their intelligence and the sheer scope of their knowledge and experience. I’ve often been surprised by their backgrounds, as well. I can think of top CIOs who came out of college with degrees in Philosophy, Chemistry, even Zoology. None of them thought they’d end up running IT for a major agency or corporation. (Guess which one ran an entire State’s IT? See the answer below.*)

So it’s particularly interesting to talk to them now, as the world they grew up and carved out a career in begins to disintegrate around them. Some people are even questioning if there will be such a thing as a CIO role 10 years from now. The question isn’t that far-fetched: “Self service” IT is a reality now, with a complete range of custom IT resources readily available to any department or individual who decides to “go rogue,” while bring-your-own device (BYOD) is spreading through organizations like wildfire – regardless of IT’s official policy on the practice, one way or the other.

In my conversations with CIOs and IT leaders during the past 18 months, most consider it a given that they must have a mobile strategy for their organizations. These strategies range from allowing employees to access the corporate network with their personal devices (a practice widely known as Bring Your Own Device, or BYOD for short), to pursuing a full scale switchover to a tablet-based infrastructure for users. Most companies find themselves somewhere in the middle.

The one fly in the mobility ointment for the majority of IT leaders is the issue of data security. Simply put, mobility breaks the time-tested perimeter security model that most organizations are still desperately clinging to. The fact is, the perimeter model is already broken. Mobility just brings this issue out into the light.

Today’s workforce is increasingly empowered and enhanced with mobile technology. Colleges that are enabling their students to fully leverage mobile technology and learning are ultimately preparing them for success in today’s economy.

Consider some current trends:

At more and more organizations, mobility is driving the need for desktop virtualization. This is largely due to what Linda Tucci, senior news writer at TechTarget, describes as “the growing appetite for using smartphones and tablets to access desktops remotely—even if only in a pinch and only for limited use.”

In “CIOs Sell Enterprise Desktop Virtualization with Mobility,” Tucci quotes David Johnson, senior analyst at Forrester Research: “‘I can’t quantify it, but there is a link…Mobility is a tipping-point issue for desktop virtualization.’”

Originally Posted by Lane Jesseph, Tablets at Work Blog

When modern workers move from smartphone to desk phone to IM to email to conferencing—and from desktop to laptop to tablet and back to smartphone again—the conversation can get a bit muddled. But since each medium offers unique capabilities and strengths, none is likely to disappear in the short term. And the BYOD trend—whether contained, discouraged, or cultivated in your organization—surely adds more complexity.

That’s why more enterprises are pursuing unified communication strategies and solutions—ones that can help today’s mobile workers take advantage of all the communication tools available so conversations are enhanced, not fragmented.

Microsoft Lync is one such solution drawing increasing attention from enterprises determined to leverage diverse communication types, not restrict them. Why is this relevant now?

To control financial and human resources and reduce costs, most government agencies have standardization policies for desktop environments. Agencies routinely let their employees choose from a number of standard desktop hardware and software configurations.

In both the private and public sector, laptops, tablets and smartphones are well on their way to becoming indispensible productivity tools. As governments move toward the inevitable adoption of mobile end user devices, broadening existing standardization policies can bring many benefits to the mobile environment.

The use of mobile devices on public sector networks is top of mind for most government agency and IT leaders. You can be sure that some form of mobile endpoint device is coming soon to the public sector—in spite of the security risks that keep agency IT leaders awake at night.

Don’t let security challenges derail your mobility plans, says U.S. CIO Steve VanRoekel, who warns IT leaders against making a “false choice between security and innovation.”

Indeed, federal mobility initiatives such as VanRoekel’s federal mobility strategy, General Services Administration’s (GSA) strategic sourcing plan for mobility initiatives and National Institute for Standards and Technology’s (NIST) security guidelines for tablets and mobile phones will pave the way—and set the expectation—for state and local governments to securely use mobile devices while meeting their organizational objectives.