Risk
5/15/2013
11:41 AM
Connect Directly
Twitter
RSS
E-Mail
50%
50%

VMware Fights Android BYOD Headaches

VMware's BYOD ambitions kick into gear through its partnership with Verizon. But is the virtualization heavyweight making its mobile management play too late?

10 Top Password Managers
10 Top Password Managers
(click image for slideshow)
VMware announced Wednesday the availability of its Horizon Mobile product for certain Android-based Verizon smartphones. The technology establishes a second instance of Google's mobile OS on a compatible device, allowing employees to keep their personal content separate from an IT-controlled workspace.

Such partitions have been considered an ideal ever since workers began bringing their own smartphones into the office, but with many vendors already touting similar technologies of their own, it's not certain that VMware will gain traction in the crowded mobile enterprise management market.

VMware Horizon Mobile is available immediately for the LG Intuition and the Motorola RAZR M. New units will come ready to deploy the Android guest OS, but users who have previously purchased either phone can gain access as well. VMware plans to add support for additional models throughout the year.

IT managers once enjoyed uniform device deployments in which all employees were issued a pre-approved, easily managed device, such as a BlackBerry smartphone. As the bring-your-own device (BYOD) movement flooded the workplace with user-owned iPhones and Android models, however, IT staffers have been challenged to keep the devices secure while also respecting privacy concerns. Due to this tension, analysts have characterized the ability to isolate business data from personal data as the "holy grail" of mobile endpoint management.

[ The multitude of devices will test many IT teams' mobile application development plans. Read 9 Challenges To Your Mobile App Strategy. ]

The same is true at businesses that have eschewed BYOD for the corporate-owned, personally enabled (COPE) model, in which the company owns devices but allows employees to choose from a variety of options. Because smartphones have become so capable, many users use them for personal tasks, even when their employers own the devices. A division between work data and personal tasks allows companies to embrace this user tendency without putting corporate intellectual property at risk.

By building its work-focused space around a guest OS, Horizon Mobile gives IT staffers particularly granular controls. Administrators can set passwords, push applications to devices or approve them for download from a corporate app catalog, enforce VPN requirements, remotely wipe data, and more -- all without affecting the user-dedicated portion of the device. It also boasts a secure browser and AES-256 encryption.

It's worth noting that Horizon Mobile's implementation is somewhat different than other virtualization-based mobile security techniques. Thin clients are often praised for their security because they don't actually store data locally; whatever the user is working on essentially disappears once a session has been terminated. Horizon Mobile, in contrast, stores the second OS locally and uses a Type 2 hypervisor to run the second instance.

As IT has been forced to wrangle an increasingly diverse spate of devices, vendors have stepped in to help, and many mobile management features -- such as remote wipe capabilities -- have become more or less commoditized. BlackBerry, AT&T, AirWatch, MobileIron and others all have technologies, for example, that separate personal content from work content.

Despite the ubiquity of certain features, Jaleh Rezaei, director of product marketing for Horizon, said that VMware's approach is still distinct because it relies on virtualization. In an interview, she said most other approaches involve containerization processes, which require modification to individual apps. Because Horizon Mobile hosts corporate content in a complete OS, this extra step is unnecessary. Similarly, Rezaei said that because admins have access to an OS, rather than to just an app, they can control the workspace more tightly.

She also noted that Horizon Mobile could solve the problem of Android fragmentation. Many versions of Android are actively in use, making it difficult for IT admins to uniformly control the numerous variants that might be accessing their networks. Rezaei said that by orienting corporate activity around a standardized guest OS, VMware avoids this trouble.

VMware Horizon Mobile is available immediately with perpetual licensing starting at $125 per user.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
cbabcock
50%
50%
cbabcock,
User Rank: Apprentice
5/17/2013 | 10:35:54 PM
re: VMware Fights Android BYOD Headaches
A nice portrayal, Michael, of the configuration of the business/personal smartphone in the BYOD debate. Containerization has its management drawbacks but uses little memory. VMware/Horizon Mobile approach has management advantages but uses more memory to mount the second operating system for the virtual machine. I don't know for sure what the penalty is and maybe they've found a way to minimize it. But there is one, and memory is limited resource on the handheld device..Charlie Babcock, InformationWeek senior writer.
Laurianne
50%
50%
Laurianne,
User Rank: Apprentice
5/15/2013 | 7:09:43 PM
re: VMware Fights Android BYOD Headaches
It is late, but VMware has a strong management tool respect established with many IT groups. Anyone want to chime in on how this complements your existing mobile tools?

Laurianne McLaughlin
InformationWeek
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading, September 16, 2014
Malicious software is morphing to be more targeted, stealthy, and destructive. Are you prepared to stop it?
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2012-1032
Published: 2014-09-17
Cross-site scripting (XSS) vulnerability in the Euroling SiteSeeker module 3.x before 3.4.5 for EPiServer allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party inf...

CVE-2012-1417
Published: 2014-09-17
Multiple cross-site scripting (XSS) vulnerabilities in Local Phone book and Blacklist form in Yealink VOIP Phones allow remote authenticated users to inject arbitrary web script or HTML via the user field to cgi-bin/ConfigManApp.com.

CVE-2012-1506
Published: 2014-09-17
SQL injection vulnerability in the updateStatus function in lib/models/benefits/Hsp.php in OrangeHRM before 2.7 allows remote authenticated users to execute arbitrary SQL commands via the hspSummaryId parameter to plugins/ajaxCalls/haltResumeHsp.php. NOTE: some of these details are obtained from th...

CVE-2012-1507
Published: 2014-09-17
Multiple cross-site scripting (XSS) vulnerabilities in OrangeHRM before 2.7 allow remote attackers to inject arbitrary web script or HTML via the (1) newHspStatus parameter to plugins/ajaxCalls/haltResumeHsp.php, (2) sortOrder1 parameter to templates/hrfunct/emppop.php, or (3) uri parameter to index...

CVE-2012-2583
Published: 2014-09-17
Cross-site scripting (XSS) vulnerability in Mini Mail Dashboard Widget plugin 1.42 for WordPress allows remote attackers to inject arbitrary web script or HTML via the body of an email.

Best of the Web
Dark Reading Radio