the next generation of mobile device management will not include ...
THE NEXT GENERATION OF MOBILE DEVICE MANAGEMENT WILL NOT INCLUDE DEVICE MANAGEMENT
A growing number of thought leaders have been predicting that current MDM approaches, such as containers and dual personas, are not sustainable. One prominent example is John Girard, Vice President at Gartner, who wrote: “Mobile Device management is in chaos, and I think this market is going to die!” http://www.crn.com/news/security/240156399/mobile-de(Source: Mobile Device Management Market Won't Last)
To understand the situation, let’s do a quick review of the evolution of MDM.
Evolution of BYOD solutions
1
IT DEPT
DEVICE MANAGEMENT
2
3
CONTAINERS
DATA PROTECTION htp:/w w.zdnet.com/byod-brings-new-security-chalenges-for-italowing- reat r-ac es -while-protecing-networks-70 02 567/
THE FIRST GENERATION OF MDM: MANAGE THE DEVICES The explosive adoption of consumer smartphones over the past years has drilled large holes in the walls that were built to protect enterprise data. After all, until the advent of the smartphone, it was unheard of for an organization’s data to reside on any device not owned and controlled by the organization itself. While employees demanded the flexibility to access corporate email, calendars and documents on these devices, it was only natural that CIOs and CISOs pushed back, trying to maintain the level of control that they were used to having. The first generation of MDM systems thus provided the infrastructure to control and manage the devices.
leakage – once corporate data was on the device, employees could save it to external storage, copy/paste it into other apps, send it anywhere by email and so forth. First-generation MDM was simply not a good enough solution, so the second generation of solutions emerged.
While IT now controlled the devices and employees could access corporate data via a smartphone, neither side was satisfied with this solution: Employees felt restricted by the IT-imposed limitations and were not comfortable with the lack of privacy. Meanwhile, IT was still not able to prevent data
CONTACT INFO:
(646) 369-1685
IT DEPT [email protected]
© 2014 Nativeflow
www.nativeflow.com
THE SECOND GENERATION OF MDM: CONTAINERS The second generation of MDM consists of “secure container” and “dual-persona” solutions. These are different approaches to dividing smartphones into two partitions, one for personal use and the other for corporate use. The idea is that the employees can happily use their favorite apps for personal use while, on the same device, they have separate apps or modes for accessing corporate data. Solutions in this category include AirWatch, Good, MobileIron and Zenprise. While this is a clever concept in theory, the user experience is too severely affected. People love using smartphones because of the wide variety of available apps and the seamless data sharing possible between them. When IT forces employees to access corporate data via a small selection of limited and often unfamiliar apps, or to switch back and forth between work and personal modes, most of the fantastic user experience is lost. For example, users may no longer be able to open Excel files, sign a PDF or even share an interesting web page with their personal contacts – just because they happen to read it via the dedicated browser they were forced to use by IT.
Evidence that this approach is not working is coming to light:
“Users cannot make their own workflows, select the best apps for their job functions, and capitalize on the potential for incrased productvity and satisfaction” Highlighting how severely user experience is impacted utilizing this approach, Bobby Gill writes in his blog that he considers one of the leading secure container solutions, Good for Enterprise, a leading contender for the title of “worst piece of software.” He says, “You want to check your work email on an iPhone, don’t you dare open the Mail app that comes with the iPhone! No sir, you must use the ‘Good’ app.” (Source: App Review: Good For Enterprise, Bad For Everybody Else)
http://www.ideatoappster.com/app-review-good-for-enterprise-bad-for-everybody-else/
THE THIRD GENERATION OF MDM WILL BE DATA ENCAPSULATION
“Users didn't like the idea that they had to be in one world or the other,” said Judy Batenburg, vice president of IT infrastructure and operations at Starz, of dual persona solutions. (Source: Dual persona smartphones non grata at Starz)
The future of MDM rests on a simple tenet: Lock down corporate data while still enabling the broad apps ecosystem and without altering the native user experience. In other words, the next generation of MDM will not restrict users to a limited set of apps. Instead, it will only ensure that corporate data is protected from misuse and leakage.
ht p:/ w w.computerworld.com/s article/9239756/Dual_persona_smartphones_non_grat _at_Starz
“Users cannot make their own workflows, select the best apps for their job functions, and capitalize on the potential for increased productivity and satisfaction,” writes Ryan Faas of CiteWorld. He explains that the dual-persona approach is very similar to forcing employees to work with two entirely separate devices, a personal one and one provided by the company, which is essentially returning to the type of solution provided by first-generation MDM. (Source: Containerization can create a BYOD disaster) http://www.citeworld.com/consumerization/22094/containerization-byod-disaster
CONTACT INFO:
Even leading MDM vendors, such as MobileIron and AirWatch, advocate allowing users to choose their smartphone’s native emails app instead of using a dedicated work email app. Unfortunately, these solutions provide no protection of the email body content, they don’t easily scale (because they require proxy servers) and users are limited to proprietary viewer apps that support relatively few file types.
(646) 369-1685
Imagine a world where users can download and install any app they wish and then use it without restriction with corporate data. Meanwhile, imagine that IT ensures that corporate data is protected while in transit, at rest and in use – without any custom development or integration overhead. htp:/w .zdnet.com/byod-brings-new-security-chalenges-for-italowing- reat r-ac es-while-protecing- etworks-70 02 567/
[email protected]
© 2014 Nativeflow
www.nativeflow.com
The technology of “Data Encapsulation” provides exactly this type of solution. This technology eliminates the tension between IT and BYOD users, while satisfying the requirements of both. Existing “application wrapping” technologies were a first step in the right direction, but because they inherently restrict app and device functionality, they are not a sustainable solution. Data Encapsulation allows IT to say “Yes!” to users, liberating them to work with any app they wish exactly as they are used to. As summed up nicely by Gartner’s John Girard: “MDM will reach an endpoint and then we’ll really start to see vendors have to look at mobile application management and application shielding around the app – that is really what is happening.” (Source: Mobile Device Management Market Won't Last)
http://www.crn.com/news/security/240156399/mobile-device-management-market-wont-last-gartner.htm
Introducing Nativeflow To meet these challenges, and to relieve the tension between users and IT, Nativeflow has developed a patent-pending Mobile Security Platform which dedicate is all about protecting corporate data. This platform retains the full native mobile device experience while meeting stringent IT security and compliance requirements. The solution does not involve any proprietary apps, viewers, SDKs or custom development. Leaving behind the era of cumbersome device and application management, Nativeflow focuses on what matters: corporate information protection. Nativeflow enables users to work with any app from any source on any data, without altering data flow or the native user experience (i.e., no containers, dual personas or disabled functionality). Organizations can finally embrace BYOD to boost user mobile productivity without the possibility of inadvertent or malicious data leakage
Learn more at www.nativeflow.com or call (646) 369-1685
htp:/w .zdnet.com/byod-brings-new-security-chalenges-for-italowing- reat r-ac es-while-protecing- etworks-70 02 567/
CONTACT INFO:
(646) 369-1685
[email protected]
© 2014 Nativeflow
www.nativeflow.com
A growing number of thought leaders have been predicting that current MDM approaches, such as containers and dual personas, are not sustainable. One prominent example is John Girard, Vice President at Gartner, who wrote: “Mobile Device management is in chaos, and I think this market is going to die!” http://www.crn.com/news/security/240156399/mobile-de(Source: Mobile Device Management Market Won't Last)
To understand the situation, let’s do a quick review of the evolution of MDM.
Evolution of BYOD solutions
1
IT DEPT
DEVICE MANAGEMENT
2
3
CONTAINERS
DATA PROTECTION htp:/w w.zdnet.com/byod-brings-new-security-chalenges-for-italowing- reat r-ac es -while-protecing-networks-70 02 567/
THE FIRST GENERATION OF MDM: MANAGE THE DEVICES The explosive adoption of consumer smartphones over the past years has drilled large holes in the walls that were built to protect enterprise data. After all, until the advent of the smartphone, it was unheard of for an organization’s data to reside on any device not owned and controlled by the organization itself. While employees demanded the flexibility to access corporate email, calendars and documents on these devices, it was only natural that CIOs and CISOs pushed back, trying to maintain the level of control that they were used to having. The first generation of MDM systems thus provided the infrastructure to control and manage the devices.
leakage – once corporate data was on the device, employees could save it to external storage, copy/paste it into other apps, send it anywhere by email and so forth. First-generation MDM was simply not a good enough solution, so the second generation of solutions emerged.
While IT now controlled the devices and employees could access corporate data via a smartphone, neither side was satisfied with this solution: Employees felt restricted by the IT-imposed limitations and were not comfortable with the lack of privacy. Meanwhile, IT was still not able to prevent data
CONTACT INFO:
(646) 369-1685
IT DEPT [email protected]
© 2014 Nativeflow
www.nativeflow.com
THE SECOND GENERATION OF MDM: CONTAINERS The second generation of MDM consists of “secure container” and “dual-persona” solutions. These are different approaches to dividing smartphones into two partitions, one for personal use and the other for corporate use. The idea is that the employees can happily use their favorite apps for personal use while, on the same device, they have separate apps or modes for accessing corporate data. Solutions in this category include AirWatch, Good, MobileIron and Zenprise. While this is a clever concept in theory, the user experience is too severely affected. People love using smartphones because of the wide variety of available apps and the seamless data sharing possible between them. When IT forces employees to access corporate data via a small selection of limited and often unfamiliar apps, or to switch back and forth between work and personal modes, most of the fantastic user experience is lost. For example, users may no longer be able to open Excel files, sign a PDF or even share an interesting web page with their personal contacts – just because they happen to read it via the dedicated browser they were forced to use by IT.
Evidence that this approach is not working is coming to light:
“Users cannot make their own workflows, select the best apps for their job functions, and capitalize on the potential for incrased productvity and satisfaction” Highlighting how severely user experience is impacted utilizing this approach, Bobby Gill writes in his blog that he considers one of the leading secure container solutions, Good for Enterprise, a leading contender for the title of “worst piece of software.” He says, “You want to check your work email on an iPhone, don’t you dare open the Mail app that comes with the iPhone! No sir, you must use the ‘Good’ app.” (Source: App Review: Good For Enterprise, Bad For Everybody Else)
http://www.ideatoappster.com/app-review-good-for-enterprise-bad-for-everybody-else/
THE THIRD GENERATION OF MDM WILL BE DATA ENCAPSULATION
“Users didn't like the idea that they had to be in one world or the other,” said Judy Batenburg, vice president of IT infrastructure and operations at Starz, of dual persona solutions. (Source: Dual persona smartphones non grata at Starz)
The future of MDM rests on a simple tenet: Lock down corporate data while still enabling the broad apps ecosystem and without altering the native user experience. In other words, the next generation of MDM will not restrict users to a limited set of apps. Instead, it will only ensure that corporate data is protected from misuse and leakage.
ht p:/ w w.computerworld.com/s article/9239756/Dual_persona_smartphones_non_grat _at_Starz
“Users cannot make their own workflows, select the best apps for their job functions, and capitalize on the potential for increased productivity and satisfaction,” writes Ryan Faas of CiteWorld. He explains that the dual-persona approach is very similar to forcing employees to work with two entirely separate devices, a personal one and one provided by the company, which is essentially returning to the type of solution provided by first-generation MDM. (Source: Containerization can create a BYOD disaster) http://www.citeworld.com/consumerization/22094/containerization-byod-disaster
CONTACT INFO:
Even leading MDM vendors, such as MobileIron and AirWatch, advocate allowing users to choose their smartphone’s native emails app instead of using a dedicated work email app. Unfortunately, these solutions provide no protection of the email body content, they don’t easily scale (because they require proxy servers) and users are limited to proprietary viewer apps that support relatively few file types.
(646) 369-1685
Imagine a world where users can download and install any app they wish and then use it without restriction with corporate data. Meanwhile, imagine that IT ensures that corporate data is protected while in transit, at rest and in use – without any custom development or integration overhead. htp:/w .zdnet.com/byod-brings-new-security-chalenges-for-italowing- reat r-ac es-while-protecing- etworks-70 02 567/
[email protected]
© 2014 Nativeflow
www.nativeflow.com
The technology of “Data Encapsulation” provides exactly this type of solution. This technology eliminates the tension between IT and BYOD users, while satisfying the requirements of both. Existing “application wrapping” technologies were a first step in the right direction, but because they inherently restrict app and device functionality, they are not a sustainable solution. Data Encapsulation allows IT to say “Yes!” to users, liberating them to work with any app they wish exactly as they are used to. As summed up nicely by Gartner’s John Girard: “MDM will reach an endpoint and then we’ll really start to see vendors have to look at mobile application management and application shielding around the app – that is really what is happening.” (Source: Mobile Device Management Market Won't Last)
http://www.crn.com/news/security/240156399/mobile-device-management-market-wont-last-gartner.htm
Introducing Nativeflow To meet these challenges, and to relieve the tension between users and IT, Nativeflow has developed a patent-pending Mobile Security Platform which dedicate is all about protecting corporate data. This platform retains the full native mobile device experience while meeting stringent IT security and compliance requirements. The solution does not involve any proprietary apps, viewers, SDKs or custom development. Leaving behind the era of cumbersome device and application management, Nativeflow focuses on what matters: corporate information protection. Nativeflow enables users to work with any app from any source on any data, without altering data flow or the native user experience (i.e., no containers, dual personas or disabled functionality). Organizations can finally embrace BYOD to boost user mobile productivity without the possibility of inadvertent or malicious data leakage
Learn more at www.nativeflow.com or call (646) 369-1685
htp:/w .zdnet.com/byod-brings-new-security-chalenges-for-italowing- reat r-ac es-while-protecing- etworks-70 02 567/
CONTACT INFO:
(646) 369-1685
[email protected]
© 2014 Nativeflow
www.nativeflow.com
