Work Zone On Smartphone (Part 1)

2/6/2013 6:10:41 PM

Emergent containerization technologies create a separate work zone that is protected on employee’s personal smartphone.

Description: Emergent containerization technologies create a separate work zone that is protected on employee’s personal smartphone

Emergent containerization technologies create a separate work zone that is protected on employee’s personal smartphone

Anthony Perkins wants employees at BNY Mellon carrying personal smartphones to company and use them instead of provided BlackBerries to enter emails, apps and business data.

But there is an obstacle: not all employees feel comfortable with the view in which they have personal phones locked and strictly monitored like BlackBerries that Perkins wants to be gradually less used. That is where the term ‘containerization’ jumps into.

BYOD (Bring Your Own Device) project is good, according to Perkins, CIO for BNY Mellon's Wealth Management business. It reduces time and cost involving maintaining and controlling company-owned BlackBerries. “We prefer managing software not hardware. In RIM world, you have to manage the hardware”, he says, referring to BlackBerry maker RIM (Research In Motion).

On the downside, common existing mobile devices are developed for consumer market, and third-party management tools don’t offer similar control level to user devices that RIM have over BlackBerries. RIM designed and controlled BlackBerry client’s structure and fast reacted to business’s customer demand.

As business apps and data are often mixed with user’s personal information, mobile device management (MDM) tools are often strict when mentioning managing business resources on user’s mobiles. Usage policies are commonly applied onto the whole device, including apps and data of both individuals and careers. User may not be ready to give up the right to control personal phones in exchange for the privilege of using them for work.

To get over such resistance of user, Perkins is moving to containerization, an emerging class of management technology that creates a separately encrypted area in user’s smartphone where some business apps and data may be within. Under such arrangement, policy controls only apply to what inside the container instead of the whole device.

Containerization tools are complementary to MDM software, plus more and more MDM providers are incorporating containerization functions.

Despite great policies that guarding corporate data, it is unnecessary to prevent personal information from being lost in a wipe done by IT department in case the phone is lost or stolen. Some IT firms realize several users may not know how to back up personal data and apps properly and are helping them to configure back-up systems.

Ryan Terry, division CIO and chief security officer at University Hospitals Health System in Shaker Heights, Ohio, has turned to containerization tech because he sees using conventional MDM tools to take full control of the device as a liability issue. The hospital needs apps or data that are securely provided to clinicians without interfering users’ access to their own apps and personal data. “We can’t remove everything of an individual or impede their ability to use own assets”, he says.

Alex John, assistant director of technology at West Virginia University, also appear prudent to say “I don’t want my people to make personal settings that could return to haunt us”, such as accidentally deleting or making configuration changes that affects the way user’s personal app runs, he says.

For companies in highly regulated industries which need powerful security policies and face missions requiring strict following, containerization can be useful in making BYOD acceptable for users, IT leaders says.

Choose your own container

Basically, providers offer 3 different approaches to containerization: creating an encrypted space, or folder, where apps and data can be poured into; creating an app wrapper that creates a secure bubble around each corporate app and associated data; and using hypervisors which create an entirely virtual mobile in user’s device that is specifically for work.

All of these solutions provide stricter control over apps and data in user’s device than any standard solution for existing smartphone. And with containerization, user is not limited to using devices in the list of smartphones that have been tested and confirmed by IT department, because corporate apps and data lie inside a secure and encrypted shell.

However, the need of switching between corporate and personal environments back and forth can be seen inconvenient, affecting general satisfaction of users, according Phillip Redman, Gartner’s analyst says.

Either Apple or Google offers containerization, and there’s no comment for this story, but each corporate points out to some useful resources.

Encrypted folders

Redman explains: the most mature containerization is using a container based on an encrypted folder. AirWatch has something like that, and Good Technology is a firm leading in selling to businesses that accept containerization all over the enterprise, especially in regulated industries.

Description: Encrypted folders

Encrypted folders

For simple mobile access, BNY Mellon uses Good for Enterprise to create an encrypted space on smartphone within where user can run Good’s email and calendar clients and use a safe browser. “It is a secure container with an app that can send and receive encrypted corporate emails” Perkins explains. All communications are routed through Good’s network-operating canter that authenticates mobile user’s right.

Good offered basic email and calendar tools several years ago. By the end of last year, it added an ability for other apps to run within its secure space by using Good Dynamics Platform, but each app must be edited to run in Good’s exclusive environment. Until now, nearly a dozen of commercial apps available, including QuickOffice, which is often used to read and edit attached Microsoft Office downloads.

Perkins is using Good only for email and calendar – “killer apps” for most of the employees, he says – and enters local browser-based apps through Good’s browser.

For user needing full access to corporate network, SharePoint and other services, BNY Mellon uses Fiberlink’s MaaS360, a cloud-based MDM system that can take full control over user’s device. MaaS360 keeps track of what is written and from OS, and it blocks access to some personal apps, such as Yahoo! Mail and Gmail when the device is entering corporate resource.

“When it’s on our network, we own and control it”, Perkins says. When used in personal mode, persons have the right to control over apps they can use.

Besides, BNY Mellon can remove devices – including all apps and personal data – lost or stolen, though MaaS360 and most of other important MDM tools allows for selective wipe. Citing security concerns, Perkins refuses to tell how many times his corporate had to wipe phones.

On the contrary, only corporate container is removed from lost or stolen devices which just have email access and calendar via Good technology.

Top 10
Free Mobile And Desktop Apps For Accessing Restricted Websites
TOYOTA CAMRY 2; 2.5 : Camry now more comely
KIA SORENTO 2.2CRDi : Fuel-sipping slugger
How To Setup, Password Protect & Encrypt Wireless Internet Connection
Emulate And Run iPad Apps On Windows, Mac OS X & Linux With iPadian
Backup & Restore Game Progress From Any Game With SaveGameProgress
Generate A Facebook Timeline Cover Using A Free App
New App for Women ‘Remix’ Offers Fashion Advice & Style Tips
SG50 Ferrari F12berlinetta : Prancing Horse for Lion City's 50th
Popular Tags
Video Tutorail Microsoft Access Microsoft Excel Microsoft OneNote Microsoft PowerPoint Microsoft Project Microsoft Visio Microsoft Word Active Directory Exchange Server Sharepoint Sql Server Windows Server 2008 Windows Server 2012 Windows 7 Windows 8 Adobe Flash Professional Dreamweaver Adobe Illustrator Adobe Photoshop CorelDRAW X5 CorelDraw 10 windows Phone 7 windows Phone 8 Iphone