Thursday, March 21, 2013

Dr. Jekyll and Mr. Hyde & BYOD!!


Ok it is not really split personality of BYOD (can happen when malware enter) but more of a Dual Persona. Today BYOD security solutions are maturing and creating new ways of securing them and Dual Persona is one of them which provides enough security for the enterprise so that they can feel secure about the BYODs and also create two separate spaces – one is business and one if personal. Also discussed is how it works and what are the advantages and disadvantages of such solutions.

BYOD has ushered an era what is called the Consumerization of IT in the enterprise (or CITE) where in mixing personal and business apps and data are happening and this has the potential to introduce malware into the corporate networks via these BYODs. Because of this fact, IT introduces the extra management and security protections such as those which restricts what you can do and what you cannot, what apps you can install and what you cannot with the possibility of even knowing what you might do with that device during your personal time. These security controls might work for IT to protect its resources they seem to be oblivion completely to the employee’s view and convenience that bought it in the first place for his personal usage. Why buy such as expensive device only to be told what you can and cant do with it and what web sites to go and what not to go and what is constantly watched by the an agent that are looking for potential data breaches even when you are conducting non-business activities. . Employees may be prevented from downloading personal applications from app stores or accessing Internet for games, social media, non-business browsing, and unauthorized productivity and entertainment tools. Why have our own device in the first place?

Welcome Dual persona!!! They have to come into the market to address the precise problem I just stated, “Employees did not buy those expensive devices just to be controlled by IT” J They are designed to meet the needs of both IT and the employee in a way. DP (Dual Persona) solutions are newer in the market, have very basic management capabilities and they are not positioned as full-blown MDM solutions but provide enough IT security for most industries and complete flexibility for the employee. For those highly regulated industries, DP can compliment the MDM solutions that already exist.


DP solutions create that two logical “sides” on a mobile by separating personal and business data and applications. This way IT can care for its portion and employees be as flexible as they want to be on their part of the device. As they as keeping business business, personal personal!! This goes against the way say MDM works as MDM locks down completely having a negative effect on the end user. No I don’t say DP will replace all of MDMs as in many highly regulated industries MDM is a must but even there DP can play a role and complement each other.
Hypervisor can be an example of this but hypervisors require the device OEM to participate to integrate their solution and it takes much longer to provide the support for all models, and generally not truly heterogeneous. Also there will be performance hit, as virtualization requires the device to run two separate OSs and application stacks. On the other hand there are other solutions such as AT&T toggle is more at the OS level and can be easily integrated.

Most of the dual persona solutions explicitly separate business and personal data. One can use two applications on appropriate devices and easy to toggle between these two persona. That way business can get the best of both worlds, a high level management and control while employees can use their part as they wish and hence better buy-in to the solution. DP is today available mainly on iOS and Android. Also this dual-persona can come up with separate bandwidth/data plans for billing and tracking purposes too. Hence DP solutions hold particular promise as they provide more power, choice, and convenience to the employee.

Of course dual persona comes with its own issues too. When you get a text/SMS, where does it go? Do you maintain two separate contacts list? Many mobile vendors don’t provide two separate contacts databases. When you want to call a friend also a business partner, which side will you flip? When you get a call is it personal or business and which one rings? How do you do social media, personal or business? Especially if you do both action items very often that is both personal (say Social Media) and business (say some salesforce update), will you keep flipping? Also not all OS are supported and of course again unauthorized devices are not take care of.

To summarize, the problem of BYOD today is looked upon on various angles and each angle has its own solution with its own strengths and weaknesses and a business has to do is to analyze all issues that plague them and then decide on a solution or a set of solutions that suit them best. There is no one size that fits all.

Manjunath M Gowda
CEO, i7 Networks,  “Agentless BYOD Discovery & Control”

in.linkedin.com/in/manjunathgowda, @i7networks, i7nw.com

(Reproduced from i7nw.com blog with permission)

1 comment:

  1. I am sure that byod is the only way to tackle the work efficiency now. as of increasing population in cities and the time require an employee to reach at workplace. it all shows that how important it is to implement BYOD and if not.. then think how it can be successfully implimented..

    ReplyDelete