The naming of bring your own device (BYOD) initiatives alongside cloud computing as “one of the eight most disruptive IT forces” by Gartner has highlighted the growing acceptance of BYOD strategies in the corporate world. However, this trend is forcing enterprises to address a broadening range of management issues. In addition to being able to differentiate corporate-owned, employee-owned and visitor-owned smartphones, laptop and tablet PCs, they have also to be separately managed and secured. Moreover, BYOD protagonists are increasingly adopting printers and even VoIP phones into their fold, many of which are likely have wired Ethernet ports connected to a LAN.
In this light, we can expect organizations to have increasingly limited visibility and control of the multiple platforms with which they are tasked with managing, creating an administrative challenge for their IT departments. Solutions are thus urgently required that are able to apply policies and restrictions to a growing diversity of BYOD platforms, both wired and wireless. These solutions should be able to provide network access control based on the compliance state, ownership and many other attributes of a BYOD. This is beyond the scope of most current mobile device management (MDM) solutions. They are often limited to the provision of just two options with which network administrators are able to control a mobile device: refuse network access or remotely ‘wipe’ the device’s memory.
According to research, many employees are becoming less enthusiastic about using their personal devices on a corporate network if the organization’s IT department can erase their devices’ memory without warning, perhaps on a baseless premise. The possibility of wiping a device in error or blocking access to the network by a BYOD for a spurious reason defeats the point of providing network connectivity for user devices on a broad scale. With this in mind, it seems obvious why MDMs are being approached with caution, especially for true BYOD scenarios in major corporations.
However, there is an answer to the problem. This comes in the form of ‘containerization’, an emerging class of management tools and one of the latest MDM solutions.
Containerization builds on the notion that personal applications and data must be kept separate from corporate apps and data at all times. This allows for the application of strict governance policies for security and compliance on mobile devices without the need to ever interfere with personal content. Containerization creates a separate, encrypted zone or ‘container’ on a BYOD within which corporate apps and data can reside. Policy controls apply only to what is included in container, instead of the entire device.
One of the key benefits of containerization is that it actually relaxes the tight control over employee-owned devices common to many current MDM strategies. Because corporate apps and data have been unable to be separated from a user’s personal content in the past, MDM tools have had to be extremely conservative in terms of managing corporate resources on BYODs, with policies often applying to the entire device – addressing both personal and professional apps and data. For businesses needing to implement the strictest of security policy and compliance controls – such as those in the banking and financial services sectors – containerization can be useful in making the BYOD experience more acceptable for users.
Of course, containerization is not yet perfect. For example, container solutions do not yet automatically integrate corporate contacts into a phone, so a ‘containerized’ BYOD may be unable to identify every caller. Containerization also leaves corporate data on the device unprotected if the device is stolen or lost (in common with MDM solutions).
Nevertheless, looking to the future it’s possible to visualize the management of apps and data evolving towards full enterprise mobility management – including content management and application deployment. In this scenario, today’s drive towards acceptance of containerization technologies will have been seen to have played a vital role.