Business mobility continues to evolve from controlled environments in which information technology (IT) departments dictate hardware, software/applications, carrier/plan, and release schedules, to fragmented environments driven by advances in hardware, form-factors, different operating systems and applications, resulting in increasingly less control for the enterprise business across the mobility ecosystem used by personnel of the business enterprise.
The practice of “Bring Your Own Device” (BYOD) is perpetuating the challenge with numerous “Smart End Points” (SEPs) including smartphones, tablets and laptops, being leveraged to access corporate assets. BYOD implies each end-user makes the decision on device type and thus the operating system, and in an increasing number of cases, each end-user makes the decisions as to the carrier, the carrier's service plan, applications and the network connection. IT department control and influence over standardization is circumvented, resulting in an absence of consistency and in an ever-increasing complexity of policy management challenges. For example, challenges include the development of consistent and equitable methods for employee reimbursement for “business usage” across multiple carriers and varying connectivity plans; consistent enforcement of policies associated with connection-security for mobile devices when accessing business resources; issues related to leveraging incumbent virtual private network solutions; multiple and rapidly changing mobile device form factors; multiple and rapidly evolving operating systems and/or applications; multiple connectivity service providers (e.g., Wi-Fi provider at different locations (e.g., coffee shop, library, public parks and the like), cellular, wireline, and the like), a wide variance of connectivity service plans and pricing.
Such management challenges are exacerbated with the current mobile wireless access point devices also referred to as “mobile hotspot” devices, such as the MiFi® and Jetpack® devices, and in-vehicle Wi-Fi hotspots, that provide access to the Internet for various Wi-Fi enabled devices, such as a smartphone, laptop or tablet and the like, through a cellular data connection. A mobile wireless access point device typically only provides WiFi or similar wireless local area network connectivity to local end user devices and routes communications of the end user device to/from the Internet via a mobile wireless wide area communication network service, e.g. via a public cellular data network. In other words, a mobile wireless access point as discussed herein is a device that is dedicated to providing wireless access for end user devices to data communication networks and that is unequipped to provide the direct voice communication functions of a cellular telephone or a smartphone. The mobile wireless access point device includes universal serial bus (USB) port or other wired connection port that allows tethering as well as allowing an enterprise IT administrator to access the configuration settings of the mobile wireless hotspot device. Such mobile wireless hotspot devices, which are separate and different from a smartphone, are targeted to consumers so the consumer can access the Internet from various devices, which may not have mobile wide area communication service or have more expensive mobile wide area communication service, through the mobile wireless access point device data connection. The mobile wireless access point device allows the user to manage the mobile wireless access point device either via an on-device user interface (UI) or through a server-based configuration manager application that requires an IT administrator of the device owner to physically connect to the mobile wireless access point device and change settings via the IT administrator's desktop UI that is similar to a web-browser. This server-based configuration manager application may be hosted on a server and may interact with a web client that is local to the mobile wireless access point device. Presently, the configuration settings of the mobile hotspot cannot be remotely accessed by the enterprise's IT administrator. It is anticipated that the challenge will also exist with in-vehicle mobile hotspots.
Enterprise customers also are distributing mobile hotspot devices to their workforce in increasing numbers. As a result, the enterprise IT administrators must spend more time manually configuring and assigning each of the mobile hotspot devices for distributed to respective workforce employees. Enterprise customers will be faced with the same challenge when leveraging the hotspot capability in corporate owned vehicles.
While enterprise customers deploying mobile wireless access point devices to their employees want the ability to remotely manage mobile wireless access point devices, presently there is no mechanism for securely providing remote configuration. The limitations of having to have physical possession of the mobile wireless access point device to configure or reconfigure the mobile wireless access point device are further magnified when the mobile wireless access point device user may be located in locations remote from IT administrators. Furthermore, since large scale use of mobile wireless access point devices in which tens or hundreds of mobile wireless access point devices are deployed at a single time with similar configurations, present enterprise IT administrators only have limited time and resource to manually manage the configuration of each of the tens or hundreds of mobile wireless access point devices. In order to maintain the enterprise's mobile wireless access point device, IT organizations spend considerable time and money executing their deployment and support processes. In some instances, remote employees even have to ship their mobile wireless access point device back to headquarters to get their mobile wireless access point device reconfigured.
In addition to having to manually configure/reconfigure mobile wireless access point devices, the security features of the present day mobile wireless access point devices may be bypassed by an employee or other user by performing a factory reset of the mobile hotspot device, which changes all of the security settings made by the enterprise IT administrator to the factory default settings of the mobile wireless access point device. The factory default settings include a standard password, e.g., “guest” or “Admin” and login name. Now without a proper secure configuration, an unauthorized user, e.g., an enterprise employee's child may be able to access the Internet via the mobile communication network, which may incur additional and unauthorized charges to the enterprise mobile communication network subscriber account for the mobile wireless access point device and possibly allow an unauthorized user access to an enterprise network.