Good Technology has become one the leaders in mobile management, amassing more than 4,000 customers, including many in government and highly regulated industries.
CEO Christy Wyatt joined the company in January, after a stint leading Citi's mobile efforts. She boasts considerable experience in the mobile industry, including time as the head of enterprise for Motorola Mobility (she left when Google bought the company) and head of developer evangelism for Apple.
In this installation of the IDG Enterprise CEO Interview Series, Chief Content Officer John Gallant and CITEworld Editorial Director Matt Rosoff talked to Wyatt about her plans for Good, and how she intends to make the company stand out from competitors like Airwatch. In addition to explaining the recent spate of management changes at the company, Wyatt also talked about:
- Good's advantage on security: "Our security model has been tested and proven with large federal agencies, with the world's largest banks, healthcare providers. About 50% of our customers come from regulated industries."
- How Good's approach differs from the competition: "I think the key differentiator is we focus on the data, not the device. There are two other very popular approaches. You have either device manufacturers like BlackBerry or device-management organizations that try to replicate a BlackBerry-type device management experience, but on non-BlackBerry devices. I think you're drawing the perimeter around the wrong place....I think you have other companies that are looking at server-based virtualization. So folks like Citrix or others, and I think that is closer to being data focused, but it keeps so much of the usability and the user experience off the device, that unfortunately the user experience becomes very challenged."
- Mobile vendors cannot ignore user experience: "Citi tried to give me a device that was a non-Good-enabled device; it was completely managed with traditional enterprise mobility stuff....I think my conclusion after that was, by giving a user a user experience that they couldn't embrace, I was actually creating the security and the data leakage that I was trying so hard to prevent. If there was an attachment on something, or if I needed to send a text message to someone, and the solution they gave me prevented me from doing that, I would grab my second device, which was in my bag, and just do it from there."
- Containerization is OK; dual-persona devices are not: "We sell containerized apps or we give you the ability to containerize your own apps and data and then manage and distribute the data between them. So the benefit to that is that it doesn't interfere with the user experience at all. You're not logging into a separate profile or separate work experience.... We're not carving up the OS. We're not separating it. It is completely native and intuitive."
- Good Dynamics is not just about commercial apps: "We have a large number of commercial applications, things like Box for Good. You can do integration with IBM Worklight, with Salesforce, with HP ePrint, DocuSign. But what most people don't realize is that for every single commercial application that you see, there are probably 20 to 30 in-house developed applications behind the firewall that our customers have developed for themselves."
- Good will move downmarket: Over the next year, outsiders "should continue to see us bringing the barrier to entry lower for consumers. I think, again, because our solution has been enterprise-grade, there's a perception that it's somehow inaccessible to the average enterprise, that you need to be a global bank or a large federal agency in order to use Good, which is just completely not the case."
Here's the full interview:
John Gallant: You joined in January after serving as Global Head of Citi's Consumer eBusiness and Mobile Technology Group. A couple of things about that transition. First, what appealed to you about this role? Why did you take this job?
I was very familiar with Good from a lot of different places. I knew them at Palm a long time ago. I'm dating myself. I knew them at Motorola, where they came into Motorola and then consequently left from Motorola. Actually, I first heard of the opportunity with Good in the summer when I was looking at a number of different opportunities, and chose to go to Citigroup. Citigroup is a customer of Good's, so from within Citigroup I was all of a sudden using the products in a way that I hadn't used them before. I had this kind of "aha" moment. It was sort of a transformational experience where my business at Motorola had been heavily focused on enterprise mobility, but looking at it from the inside perspective, from the CIO perspective, it was kind of, as I said, an ah-ha moment. All of a sudden I was doing 99% of my job on my iPad and my smartphone. I was no longer VPN'ing in. I wasn't doing heavy device management. I really had a different sort of appreciation. So when King [Ed. Note: King Lee, executive chairman and former CEO of Good] cornered me again and tried to resell me on the opportunity it was too good to pass up.
JG: What did you learn from Citi's experience with BYOD, and from your team's roll out of consumer-facing mobile services, that will shape your work at Good?
A couple of things. First of all, in my role within Citi, I was a consumer of a lot of these technologies in a large, traditional, enterprise environment -- the way that CIOs and the internal IT organization looked at investment decisions and return on investment, as well as the conversation which we were constantly consumed by around security, risk management, and data protection. I had a whole new appreciation for what that looked like from the inside of one of the world's largest banks. I owned a lot of technology that was consumer-facing, so right in the middle of a lot of the cyber attacks, a lot of the cyber security conversations, and it just became completely clear to me that these two things were completely at odds, that there was this massive pressure and concern around the value of data and the risk of that data getting into the wrong hands, and the opposite tension, which was the consumer experience. IT is giving me technologies that were really intrusive or overly confining and preventing me from getting my job done. That became a massive impediment to me being able to be successful. I had a unique role sitting right in between those two conversations within a very large organization, and that, I think, helped me frame the opportunity around Good. When I found out what Good was doing with Good Dynamics and their development framework and the development tool kit, it was powerful. What more could we do, as an enterprise mobility organization within the bank, if I could continuously manage that risk portfolio? And what other bolder things could we do, for our consumers, our employees or our business partners?
JG: Knowing all that, what are, say, the top two or three things that you think Good needs to do?
Number one was user experience. Citi tried to give me a device that was a non-Good-enabled device; it was completely managed with traditional enterprise mobility stuff. If I didn't want to use that that, they would make Good available to me. I think my conclusion after that was, by giving a user a user experience that they couldn't embrace, I was actually creating the security and the data leakage that I was trying so hard to prevent. If there was an attachment on something, or if I needed to send a text message to someone, and the solution they gave me prevented me from doing that, I would grab my second device, which was in my bag, and just do it from there. The user became kind of the liability if I didn't give the user a way to do their job in a very comfortable and intuitive way. I think that was the first one.
I think the second one was just the liability. Prior to coming into the organization I had a very different view of the framework for security investments, and what impact security investments had on a business. I think the realization, for me, was that the bank was essentially a very large technology organization whose product happened to be money. And it wasn't completely different than being a large telecommunications or consumer electronics provider whose product happened to be computers or cell phones. So IT was what was driving that company. It was how they were doing what they were doing. It was how they managed risk. So the value in the organization is the data. And the data became everything. So how IT organizations are making decisions around how to value that data and protect that data is very different than most. I think, enterprise companies think about how CIOs look at ROI conversations.
MR: Good plays in a competitive and crowded market with a lot of other companies specifically focused on MDM, and then security and other companies addressing similar problems. To some degree mobile device management is becoming a commodity offering. So how do you deal with that, and how does Good stand apart from the competition?
The first thing I'm going to say is we're not really a device management company. When I was at Motorola I acquired a device-management company that was created by a group of guys that had jumped out of the Android team from Google. If you would have asked me, I would have said that was absolutely the right answer. What you need to do is lock down the hardware and plug all the holes, because that's exactly how BlackBerry did it, and if I could do those same things on an Android device or an iOS device, then I could provide the same level of assurance to the CIO who is looking at using mobile products.
I think, again, my becoming a user of the Good products made me realize that I had that completely wrong. Device management absolutely has a role. It has a role when your biggest concern is what happens to the hardware. But when your biggest concern is what happens to the data, you need an entirely different set of tools.
I believe a CIO is going to need a variety of different tools to be able to deploy a number of different mobility strategies across the organization. Let's say I'm a bank and I want to put a tablet in the retail branches so that a new customer coming in just wants to pick up a tablet and open an account. That's a great usage for device management because I really care about the hardware. I don't want the hardware to leave the building. If the hardware leaves the building I want to turn it off, shut it down. It's going to be almost purely a corporate device. So it's a very fixed functionality kind of purpose. The second I start to believe that there's any mixture of personal and corporate data being intermixed on that device, you need an entirely different set of tools. I like to use the analogy of a hotel. Device management is kind of the doorman. He lets the people who have authority to have access, access, and people who don't have a reason to be there, he asks them to leave. But it doesn't actually help you secure your watch from the housekeeper. It's not going to help you at all.
When you really care about the assets that are inside the phone -- and what I really care about is that you don't breach the data that's either in my productivity applications or in my corporate developed applications or in any of my applications -- that's an entirely different set of tools. They need to be able to secure the app, secure that data within the app, be able to create workflow with multiple apps that share data across in a secure and transparent way. Most people don't realize that a lot of the data leakage comes from the space where data moves between applications, not from when the data goes in and out of the device. So that's, I think, a very different approach. There's a whole suite of products and solutions that sort of stream out of that if you fundamentally believe your focus is the data. So we do offer device management, but I would say it's, in our world, a feature. It's not a platform. The platform is really the end-to-end security architecture that will let you secure productivity apps, secure development of your own apps, create secure workflows, do distribution and management of data and applications as well as devices.
MR: It was almost a year ago that Good acquired AppCentral. How has that played into these plans and how has that acquisition gone?
AppCentral has been integrated. There is a stand-alone app store which is made available separately, but also as a part of our collaboration suite. If I take the broad view of what the portfolio is, then maybe that helps explain how AppCentral fits in it.
What people are most familiar with is Good for Enterprise. Think of it as a vertically integrated productivity-in-a-box solution. It is your email, calendar, address book, etc., a self-contained, kind of a single container that just gives the employee productivity. That lets them secure the data and things that are going in and out of that secure collaboration workspace, but doesn't necessarily have any impact on the rest of the environment around it.