Risk
5/15/2013
11:41 AM
Connect Directly
Twitter
RSS
E-Mail
50%
50%

VMware Fights Android BYOD Headaches

VMware's BYOD ambitions kick into gear through its partnership with Verizon. But is the virtualization heavyweight making its mobile management play too late?

10 Top Password Managers
10 Top Password Managers
(click image for slideshow)
VMware announced Wednesday the availability of its Horizon Mobile product for certain Android-based Verizon smartphones. The technology establishes a second instance of Google's mobile OS on a compatible device, allowing employees to keep their personal content separate from an IT-controlled workspace.

Such partitions have been considered an ideal ever since workers began bringing their own smartphones into the office, but with many vendors already touting similar technologies of their own, it's not certain that VMware will gain traction in the crowded mobile enterprise management market.

VMware Horizon Mobile is available immediately for the LG Intuition and the Motorola RAZR M. New units will come ready to deploy the Android guest OS, but users who have previously purchased either phone can gain access as well. VMware plans to add support for additional models throughout the year.

IT managers once enjoyed uniform device deployments in which all employees were issued a pre-approved, easily managed device, such as a BlackBerry smartphone. As the bring-your-own device (BYOD) movement flooded the workplace with user-owned iPhones and Android models, however, IT staffers have been challenged to keep the devices secure while also respecting privacy concerns. Due to this tension, analysts have characterized the ability to isolate business data from personal data as the "holy grail" of mobile endpoint management.

[ The multitude of devices will test many IT teams' mobile application development plans. Read 9 Challenges To Your Mobile App Strategy. ]

The same is true at businesses that have eschewed BYOD for the corporate-owned, personally enabled (COPE) model, in which the company owns devices but allows employees to choose from a variety of options. Because smartphones have become so capable, many users use them for personal tasks, even when their employers own the devices. A division between work data and personal tasks allows companies to embrace this user tendency without putting corporate intellectual property at risk.

By building its work-focused space around a guest OS, Horizon Mobile gives IT staffers particularly granular controls. Administrators can set passwords, push applications to devices or approve them for download from a corporate app catalog, enforce VPN requirements, remotely wipe data, and more -- all without affecting the user-dedicated portion of the device. It also boasts a secure browser and AES-256 encryption.

It's worth noting that Horizon Mobile's implementation is somewhat different than other virtualization-based mobile security techniques. Thin clients are often praised for their security because they don't actually store data locally; whatever the user is working on essentially disappears once a session has been terminated. Horizon Mobile, in contrast, stores the second OS locally and uses a Type 2 hypervisor to run the second instance.

As IT has been forced to wrangle an increasingly diverse spate of devices, vendors have stepped in to help, and many mobile management features -- such as remote wipe capabilities -- have become more or less commoditized. BlackBerry, AT&T, AirWatch, MobileIron and others all have technologies, for example, that separate personal content from work content.

Despite the ubiquity of certain features, Jaleh Rezaei, director of product marketing for Horizon, said that VMware's approach is still distinct because it relies on virtualization. In an interview, she said most other approaches involve containerization processes, which require modification to individual apps. Because Horizon Mobile hosts corporate content in a complete OS, this extra step is unnecessary. Similarly, Rezaei said that because admins have access to an OS, rather than to just an app, they can control the workspace more tightly.

She also noted that Horizon Mobile could solve the problem of Android fragmentation. Many versions of Android are actively in use, making it difficult for IT admins to uniformly control the numerous variants that might be accessing their networks. Rezaei said that by orienting corporate activity around a standardized guest OS, VMware avoids this trouble.

VMware Horizon Mobile is available immediately with perpetual licensing starting at $125 per user.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
cbabcock
50%
50%
cbabcock,
User Rank: Apprentice
5/17/2013 | 10:35:54 PM
re: VMware Fights Android BYOD Headaches
A nice portrayal, Michael, of the configuration of the business/personal smartphone in the BYOD debate. Containerization has its management drawbacks but uses little memory. VMware/Horizon Mobile approach has management advantages but uses more memory to mount the second operating system for the virtual machine. I don't know for sure what the penalty is and maybe they've found a way to minimize it. But there is one, and memory is limited resource on the handheld device..Charlie Babcock, InformationWeek senior writer.
Laurianne
50%
50%
Laurianne,
User Rank: Apprentice
5/15/2013 | 7:09:43 PM
re: VMware Fights Android BYOD Headaches
It is late, but VMware has a strong management tool respect established with many IT groups. Anyone want to chime in on how this complements your existing mobile tools?

Laurianne McLaughlin
InformationWeek
1.9 Billion Data Records Exposed in First Half of 2017
Kelly Jackson Higgins, Executive Editor at Dark Reading,  9/20/2017
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: Jan, check this out! I found an unhackable PC.
Current Issue
Security Vulnerabilities: The Next Wave
Just when you thought it was safe, researchers have unveiled a new round of IT security flaws. Is your enterprise ready?
Flash Poll
[Strategic Security Report] How Enterprises Are Attacking the IT Security Problem
[Strategic Security Report] How Enterprises Are Attacking the IT Security Problem
Enterprises are spending more of their IT budgets on cybersecurity technology. How do your organization's security plans and strategies compare to what others are doing? Here's an in-depth look.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.