The real solution to BYOD security: virtualization
A recent Ovum Research report found that nearly 70 percent of smartphone-owning professionals use a personal device to access corporate data. That's rather stunning, given the fact that at many companies, the IT department doesn't even support personal devices. At this point, BYOD is happening at companies whether they like it or not, so they might as well take affirmative steps to make sure the trend occurs within the parameters of sound compliance policies.
The CEO of Cellrox puts forth an interesting concept: "These days, mobile virtualization is certainly becoming a valid option due to the fact that it allows users to separate the work and private environments (a.k.a. personas) and enforce different policies for each, sort of like having two phones on one device." It makes sense. If IT compliance and security staff could find a way to effectively segment the phone, ring-fencing the portions that deal with corporate network access while leaving all other features untouched, everyone would be happy. "Users can benefit from personas for their kids or for gaming and social networks in addition to their business and private personas. Why limit them to just two?"
Sadly, these sorts of virtualization solutions are not delivering on the promise. "This leads to a bad user experience, and limits the phone to two personas. Plus, running a full, extra operating system will consume more energy than only using one and will drain the battery life." That said, there's a lot of innovation going on around mobile security, and there will be host of solutions that bubble forth at some point. Some may hit the sweet spot dead on.
- here's the article