Handset virtualization makes it possible for companies to let employees bring their own devices, while maintaining secure control over enterprise content and security.November 15, 2011
The dual phone dilemma is becoming a common problem in business. Companies want to issue employees phones they know are secure and that can be managed, and if need be, wiped clean of data by the IT department.
Employees want the phone of their choice, loaded with the apps of their choice. A survey for the 2011 Cisco Connected World Technology Report found, for example, that 81 percent of college students around the world want to be able to choose their own device at work. The employee demands, especially when they come from senior managers, are becoming increasingly difficult to resist.
Until now, the best option has been the inconvenient choice of carrying both a personal and a business phone. But new technology is making it possible for a single Android handset to act as if it were two -- a managed business phone and a personal handset with which you can do what you want.
"If you look at what is happening with bring your own device, the IT department wants to provision, manage and de-provision the phone over the air," says Janet Schijns, vice president for the Verizon Wireless Business Solutions Group. "But there's a second lens through which to view this. People want to maintain privacy and control of their mobile environment. They don't particularly want their employer looking at pictures of their kids, or email from their husband."
Two solutions take somewhat different approaches to giving a phone a dual personality. VMware Horizon creates a virtual machine that gives you a secure, managed environment for business use and a wide-open one for personal use. Enterproid Divide, to be offered later this year by AT&T as Toggle, creates a secure work environment within a sandbox on the phone. In either case, users can switch quickly and easily between the corporate and personal modes.
The VMware approach is more comprehensive, since it really turns a handset into what appears to the outside world to be two separate phones. Each has its own phone number. Each has its own apps, and apps on the personal side cannot access corporate data and vice versa. If necessary, the corporate phone number along with all apps and data can be wiped remotely.
Verizon will begin offering the VMware solution, initially on LG Android phones, to its business customers before the end of the year. Eventually, it plans to expand the offering to all of its Android handsets. Verizon will even allow the two virtual phones to be billed separately, so the business could pay directly for the corporate side, while the employee would receive a bill for personal use. Telefónica is working with LG and VMware on a similar offering in Europe.
For the time being, at least, these solutions are available only for Android devices. Though there would undoubtedly be a huge amount of support for a dual personality iPhone, Apple does not give third-party developers the sort of deep access to the operating system needed to create a virtual machine. Enterproid says it is working on versions of Divide for the iPhone and Windows Phone 7.
Research In Motion offers a more limited option for BlackBerrys called Balance. On a BlackBerry connected to a BlackBerry Enterprise Server, Balance prevents communications between enterprise and personal applications—for example, you cannot cut and paste data from an enterprise app into a personal app and social networking applications cannot access corporate data. It also makes it possible for IT administrators to wipe corporate data remotely without affecting personal data.
Solutions like these are likely to become more common as employees demand more flexibility in choosing their mobile devices. They are a relatively simple and cost-effective way of keeping everyone happy.
The contents or opinions in this feature are independent and do not necessarily represent the views of Cisco. They are offered in an effort to encourage continuing conversations on a broad range of innovative technology subjects. We welcome your comments and engagement.
We welcome the re-use, republication, and distribution of "The Network" content. Please credit us with the following information: Used with the permission of http://thenetwork.cisco.com/.