Thursday, August 08, 2013

Mobile Virtualization

Virtualization is simulating one hardware or software platform on another and has been around since mainframes in the 1960's. Over the years, the use of virtualization has expanded beyond mainframes to include servers storage, network, applications, desktops, laptops and even mobile devices such as smartphones and tablets.

There are several types of mobile virtualization including operating system, applications and entire virtualized desktops.  Virtualization can provide flexibility as well as increased security.

A key concern for the enterprise securing corporate information on both corporate-owned as well as personally-owned devices or BYOD.  Enterprise adoption of "dual-persona" solutions which separate corporate and personal data for BYOD continues to increase and there are many solutions including visualization.  Red Bend TRUE is one such solution.

Red Bend TRUE incorporates a type-1 mobile hypervisor and is integreated into select Android mobile devices by mobile operators.   IT management provisions a "Secure Enterprise Domain" to the device which includes a separate "enterprise" Android operating system.  IT management can also provision enterprise applications that run inside the enterprise container.  The existing "personal" Android operating system, settings, applications and content are not modified and cannot be accessed by IT management.  IT management has full control of the enterprise area while the user has full control of the personal area of the mobile device.   The user experience is fantastic since both instances of Android retain the standard look and feel.   In addition, this model addressees a major employee dissatifier of BYOD in that a device passcode can be enforced only the enterprise area of the device and the personal area can be unlocked, if desired.  A disadvantage of Red Bend TRUE is that it is only available on certain Android devices from specific carriers thus limiting its BYOD appeal.

The Red Bend TRUE solution is similar to Samsung KNOX.  However, where they differ is that KNOX is not a hypervisor but rather it runs in the BIOS firmware. Earlier this year, the US Department of Defense (DoD) approved Samsung KNOX for government use without the dual-persona capability enabled as BYOD is not approved for use.  Samsung KNOX has additional security features such as secure boot, encryption and MDM enhancements that go beyond native Android features.

It's worth noting that BlackBerry is the only smartphone platform that ships out of the box with native dual-persona capability as part of BlackBerry Balance.  Earlier today, BlackBerry announced that the DoD approved the Z10 and Q10 for use. 

No comments: