Simply Security - News, Views, and Opinions from Trend Micro

Posted on March 16th, 2012 in Current News, Mobility by Simply Security | Be the first to comment | Tags: virtualization

Researchers are looking to virtualization to answer their BYOD troubles.

As organizations begin to face the unavoidable issue of mobile device management, questions of cost, functionality and security all come into play. Researchers from Zenprise recently analyzed the popular strategy of allowing employees to access company resources directly from their personal smartphones and tablets.

The primary advantage of the BYOD [bring your own device] framework is convenience. Instead of purchasing a fleet of new devices for the workforce, managers can conserve resources while still realizing the productivity advantages mobility can bring. This strategy is particularly attractive for smaller firms in which equipping each employee with a new smartphone or tablet would be prohibitively expensive. BYOD has the potential to be less expensive, but it is by no means free, as IT teams are often forced to purchase robust new solutions capable of safeguarding company networks and data.

"This report finds two overarching concerns in corporations over employees using personal mobile devices at work – security and a potential loss of productivity," explained Zenprise chief marketing officer Ahmed Datoo. "As the BYOD trend continues to gain momentum, we expect that advance in mobile device management will offset these concerns and companies will start viewing mobile devices as increasingly critical tools for business success."

In terms of ensuring employees make the most productive use of their smartphones and tablets while on company time, IT managers have taken to regulating the applications and web browsers that workers can use. The blacklisting of certain mobile apps was approximately twice as popular as whitelisting, according to Zenprise. Facebook, Dropbox and Angry Birds were the most popular titles found on IT blacklists, while Citrix, Adobe and Xora were mainstays in corporate mobile app libraries.

Zenprise analysts also discovered that the rate at which iOS, Android and Windows devices were enrolled in BYOD programs differed slightly from overall mobile marketplace sales.

According to the comScore, Google continued to hold a commanding lead in the U.S. market in December with 47.3 percent of smartphone subscribers using Android handsets. Apple, Research In Motion and Microsoft trailed behind with approximately 30 percent, 16 percent and 5 percent market share, respectively. Conversely, Zenprise analysts discovered that iOS devices commanded 57 percent of BYOD enrollment figures, followed by Android at 33 percent and Windows at 10 percent. Two possible explanations for these findings include the rise of the iPad in corporate settings and the continued struggles of the BlackBerry brand on several fronts.

Most importantly, Zenprise researchers delved deeper into the data security and access control policies and mechanisms used by IT personnel. Although there was a marked increase in the number of companies implementing over-the-top, cloud-based mobile device management solutions, it appears most organizations still need to work on their fundamentals. Just 29 percent of BYOD plans analyzed by Zenprise mandated password protection for all devices and only one in three had virtual private network (VPN) policies in place.

That last point may be of particular interest as more mobile security researchers have pointed to the potential of virtualization in recent months. According to InfoBoom contributor Rick Robinson, the U.S. federal government is already looking at a "technology akin to desktop virtualization" to address its unique mobile device management concerns. Essentially, data security is achieved by splitting a smartphone's interface into two distinct systems – one for work and one for play.

"The program will deploy Android smartphones running two independent operating systems. One will be for the user's personal use and managed by the user. The other operating system, for workplace use, will be government-managed," Robinson explained.

The strategy will be different from traditional desktop virtualization in the sense that the two systems will not be able to communicate with one another. This may limit  the functionality available to users, according to Robinson, but IT managers will be able to rest easy. In the event a smartphone is lost, stolen or hacked, administrators could virtually sanitize data from the government-controlled portion of the phone without disrupting or deleting the owner's personal applications.

While federal researchers refine this innovative approach, there is still reason to believe that desktop virtualization could be a valuable asset in mobile device management plans. According to recent independent analysis conducted by Virtual Computer, tablets are still seen as a complement, rather than a replacement, to the PC by the majority of IT professionals.

"There's been great interest in desktop virtualization for addressing security and mobility goals, but 58 percent of respondents were concerned with high infrastructure costs and 57 percent with end-user performance," explained Virtual Computer chief marketing officer Sham Sao. "This is where intelligent desktop virtualization has a huge growth opportunity."

It remains to be seen how companies will ultimately allocate their resources and address the concerns of cost-efficiency, employee productivity and data security. However, it appears as though the best strategy for any organization will involve multiple layers of both technological solutions and managerial mandates.

Virtualization Security News from SimplySecurity.com by Trend Micro