Two Phones in One: An Enterprise BYOD Solution

Steve Wildstrom / November 23rd, 2011

I’m not usually terribly sympathetic to the problems of corporate IT departments. It seems that corporate employees, including senior executives, are no longer willing to accept whatever miserable handset the company designates as its official phone. At the same time, IT managers and their colleagues in legal, corporate security, and finance need secure, managed mobile platforms that can deploy custom apps and satisfy a big pile of compliance needs. Letting execs bring their own devices is popular, but can be very difficult to implement.

“If you look at what is happening with bring your own device, the IT department wants to provision, manage, and deprovision the phone over the air,” says Janet Schijns, vice president for the Verizon Wireless Business Solutions Group.  “But there’s a second lens through which to view this. People want to maintain privacy and control of their mobile environment. They don’t particularly want their employer looking at pictures of their kids, or email from their husband.”

For a long while, the BlackBerry was the solution. Providing what IT wants is part of BlackBerry’s DNA and the BlackBerry Enterprise Server and Research In Motion’s back-end network gave IT tools that were comprehensive and cost-effective. But trouble came as BlackBerry handsets began to fall further and further behind Apple and Android offerings.

Now a solution of sorts is emerging, at least for Android. Virtualiztion software can give a single handset two separate personalities. VMware Horizon creates a virtual machine that gives you a secure, managed environment for business use and a wide-open one for personal use. Enterproid Divide created a secure work environment within a sandbox on the phone. In either case, users can switch quickly and easily between the corporate and personal modes.

For now, these options exist only on Android phones, and it’s likely that’s where the VMware solution will stay for now. Creation of a full virtual machine requires low-level access to the operating system that is possible with Android but strictly prohibited by Apple for iOS or Microsoft for Windows Phone 7.

The VMware approach turns a handset into what appears to the outside world to be two separate phones, each with its own phone number. Each has its own apps, and apps on the personal side cannot access corporate data and vice versa. If necessary, the corporate phone number along with all apps and data can be wiped remotely. Verizon plans to roll out VMware Horizon as a pre-installed package on LG Android handsets before yearend and will eventually expand it to its entire Android portfolio. Verizon will, if asked,  also provide dual billing so that the employee gets billed for use of the personal side of the phone, while the corporation pays its bill directly.  Telefónica is working with LG and VMware on a similar offering in Europe.

Enterproid Divide will be offered by AT&T as a service called Toggle. Enterproid says it is working on versions of Divide for Windows Phone 7 and even iPhone, though whether it can comply with Apple’s complex and often obscure rules remains to be seen.

iPhone’s (and iPad’s) place in the enterprise would surely benefit from solutions like these, but it can probably hold its own without help. Apple has quietly worked with Microsoft for the past several years to give the iPhone the best Exchange support of any phone other than a BlackBerry Enterprise Server-backed BlackBerry. The manageability of an iPhone is not as comprehensive as what BES provides, but it is acceptable to many IT departments. The biggest problem is the deployment of corporate custom apps. (Good Technology provides BlackBerry-like server based support for iPhones, iPads, and select Android handsets.)

Windows Phone provides an interesting challenge. Its predecessor, Windows Mobile 6.5, offered extensive manageability through Microsoft Exchange Server. But the company decided to focus heavily on consumer markets when it developed Windows Phone 7 and it and its recent Mango update have very limited Exchange support. But with Microsoft looking for a bigger market, and especially with the new alliance with Nokia, a Windows Phone push into the enterprise looks inevitable. Built-in virtualization could be a nice differentiator.

 

 

Steve Wildstrom

Steve Wildstrom is veteran technology reporter, writer, and analyst based in the Washington, D.C. area. He created and wrote BusinessWeek’s Technology & You column for 15 years. Since leaving BusinessWeek in the fall of 2009, he has written his own blog, Wildstrom on Tech and has contributed to corporate blogs, including those of Cisco and AMD and also consults for major technology companies.
  • JohnnyMac

    Your readers might also like to know that RIM has a similar offering as part of their core enterprise solution now – called ‘BlackBerry Balance’. Balance fully segments personal use data from corporate data, and it’s a built-in solution; no cost and no extra server license and hardware/software needed. More information can be found at http://www.blackberry.com/balance

  • Surely any “solution” that doesn’t embrace iOS is ridiculously hamstrung. Also, wouldn’t it be better of you could secure corporate apps and data without having to confuse the user with which personality profile they are using? If you agree, why not check out Nukona’s approach at http://www.nukona.com

Protected by Gerben Law