Can Dual-Identity Smartphones Solve Corporate and Personal Split? (Part 1)
Can Dual-Identity Smartphones Solve Corporate and Personal Split? (Part 1) by UCStrategies Staff
By late 2013, it will be possible to purchase smartphones with more options for the dual-purpose user. Consumers will have the ability to choose either the hypervisor software or utilize a new application that makes it possible to run two interfaces – one for work and one for personal use.
This new technology may finally address the security issue that has become increasingly common in the workplace. Since many employees are now using their personal devices at work to correspond with clients and access private corporate data, the issue of needing to protect sensitive information comes into play. Employers want to have the ability to wipe the devices remotely in the case of theft, loss, or if the employee leaves the company. This has been known to cause friction between employees and employers.
The recent trend of “bring-your-own-device” (BYOD) has allowed mobile workers to become more efficient and effective by enabling them to use their personal mobile devices for work purposes as well. At the same time, BYOD has ushered in a new host of data management and security questions for employers. Corporate BYOD policies, for example, restrict which devices are allowed based on the company’s mobile device management software.
In 2013, software and mobile device manufacturers will make is possible to run two cases of the same operating system on the employee’s smartphone. This gives the company control over their sensitive data while still allowing employees to maintain privacy over their personal data. This new technology will also keep employees’ personal data safe from corporate IT and protect it from being wiped.
Two of the leading software companies in this upcoming development are VMware and Red Bend, both of whom have already signed OEM agreements with certain smartphone manufacturers. These two companies will be the first to create dual-identity mobile devices using several popular models.
The smartphone virtualization market has two distinct approaches, however, and they depend entirely on which hypervisor, Type 1 or Type 2, is being use by the software provider.
The hardware-based Type 1 hypervisor operates by producing a second copy of the OS and then running both instances in two different processor regions. The Type 2 hypervisor, on the other hand, works as a guest OS on top of the host OS, rather than parallel to it. To access the hardware, then, the guest must communicate through the host OS first.
Of the two, the Type 1 hypervisor technology is viewed as more secure because it is assimilated into the processor, according to Gartner’s vice president and analyst, Ken Dulaney.
Red Bend is set to release their Type 1 hypervisor next year, which will operate on a newer generation of mobile processors. The company is currently in partnership with ARM, which is working on a Cortex-A15 processor that will function well with mobile virtualization. Lori Sylvia, Red Bend’s executive vice president of marketing, describes it as “the best security combined with the best performance.”
ARM has also worked with AMD to create the new x86 processors that are enhanced for virtualized smartphones.
Even though it more secure than devices today, Dulaney views the Type 1 hypervisor as a clunky technology since it requires booting both operating systems. Dulaney says that many users “reject this kind of operation because you have to go back and forth between the two OSes.”
While Sylvia acknowledges this issue, she said it does not adversely affect performance and maintains the “standard Android boot time.”
“In Red Bend’s solution,” Sylvia explains, “the personal virtual phone boots first, and then the virtual work phone boots second. After the first one is running, it takes a few moments and then the second one is good to go, too.” As for what goes into the work-phone specifically, it “will all be customized on the back end by the IT admins,” she says.
At a recent meeting with Computerworld, Sylvia showed attendees how the Red Bend technology works using an Android-enabled Samsung Galaxy Nexus.
During the demo, she showed how smoothly the device moved between the interfaces by having a caller from the phone’s corporate contact list call in while using the private user interface. Automatically, the phone switched to the business interface.
She claims that the performance “can be totally optimized” due to the fact that the user only sees “one instance at a time.” “The other OS is there,” she continues, “but it’s not consuming the same resources at the same time.”
Other smartphone manufactures are considering different UI implementations for switching between interfaces. One such option is a home screen icon that, upon being pressed, will switch between corporate and private instances. According to Sylvia, “the [ones] we’re working with are designing their phones to be virtualized. So the issues of additional RAM, which is the main requirement for this hypervisor, will be addressed on an enterprise-ready phone.”
Although Red Bend began in 1999 writing software to enable upgrades on AOL browser, they moved into the mobile sector in 2003 by introducing the Firmware Over The Air (FOTA) technology. FOTA is now used for mobile OS and application updates on 1.6 billion mobile devices.
In 2010, when Red Bend gained VirtualLogix, they began work on its mobile virtualization platform.
Once this technology becomes available to consumers in the latter half of 2013, a user who wishes to use a dual-identity smartphone need only inform the corporate IT admins about the type of device they have. Assuming the company has Rend Bend’s Software Management Center installed on its mobile device management (MDM) servers, the software can then begin the OMA Device Management session. This session will then send a delta file to the phone, which copies the Android operating system to produce a second instance on the smartphone.
From there, the IT administrator will be able to customize the specific “corporate image” on the smartphone. This could include, but is not limited to, a VPN, meeting apps, and access to the corporate email system. (RP)
Also on UCStrategies.com on this topic: