But sandboxing is a Band-Aid approach: It separates the user experience as well, so you have to check multiple calendars, contacts lists, and email inboxes -- a surefire way to double-book yourself. But it's the fallback that IT and users alike can count on to separate business and personal.
Cloudsourcing. All the major mobile OSes -- now that BlackBerry OS 6 includes a WebKit-based browser -- can run apps from the cloud, whether public or private. So businesses can provision Web-based apps whose data never resides on the mobile device. It's a perfectly sensible way for businesses ilarge and small to provision apps across devices, especially as wireless broadband becomes nearly uniiversally available (it's even in aircraft now). But it becomes awkward for mainstay tasks such as email and calendars for the same reason as sandboxing: Users have to jump back and forth between isolated views of calendars and so on that are better seen as a whole. Still, it's an option.
As HTML5 adds more capabilities, including local storage and support for geolocation and other mobile sensors, such Web apps could become more popular, though the notion of local storage raises once again the issue of how to secure the corporate data. IT may have to create local applets to do so, says Tom Goguen, vice president of enterprise product development at RIM; he notes that the BlackBerry developer environment offers a widgets capability that can be used for such management.
Thin clients. One of the most popular iOS apps in the Apple App Store's Business category is consistently Citrix Systems' Citrix Receiver app, which lets you run Windows apps from an iPhone, iPod Touch, or iPad. (It's available for Android and BlackBerry as well.) Just like desktop thin clients, the mobile thin client provides a pane of glass to a Windows terminal services environment, so you can run apps and access files across the Internet regardless of the device you use. And IT gets the complete separation of data needed to meet the stringent security requirements at highly regulated companies, notes Chris Fleck, vice president of community and solutions development at Citrix.
On a smartphone, working with the back-end app such as Microsoft Office for Windows is a pain, as most such apps are designed for a full desktop monitor and thus require endless scrolling on a small screen, but on an iPad, I found it really easy to run Windows Office via Citrix Receiver. Citrix and competitors such as Wyse Technology have done the necessary UI conversion for their mobile clients, such as converting touch-based gestures to keyboard shortcuts and mouse movements, so server-based apps not designed for mobile UIs nonethless can work with them.
Client virtualization. This doesn't exist yet, but EMC VMware is working on it. It's more technically complex for the vendor than source tagging, but it provides an advantage for IT that source tagging cannot: It lets IT write one version of a mobile app that works (via a virtual machine) on multiple mobile OSes. The concept is more like Java than traditional desktop virtualization; I tend to think of client virtualization as allowing non-native apps and related services to run on a software abstraction layer (SAL) on top of the operating system. Thus, companies would create VMware client apps that ran on iOS, BlackBerry, WebOS, and so on through this SAL.
Perhaps VMware could deliver a more complex form of client virtualization that included a subset of Windows to also provide access to Windows apps that may have no mobile clients (workable on an iPad or slate, though painful on a smartphone), such as for emergency management of a server by an off-duty IT admin.
In VMware's view, smartphones would have multiple profiles -- a personal default one from the operating system, with additions as desired, such as one provisioned by the company. IT could manage the company profile remotely, and all data and apps are stored in or associated to that profile. Users wouldn't see these profiles as distinct operating system; the calendar would appear to be unified, for example, with perhaps different colors for different accounts as iOS and the rest already do. But under the scenes they would be separate, unified at the interface level by the virtualization software.
Also, users wouldn't launch a virtualization app as a Mac user today might launch Parallels Desktop or VMware Fusion to run Windows and Windows apps. Instead, mobile OS vendors would include the client in the operating system, so it launches as needed when you open an app from your home or equivalent screen, says Srinivas Krishnamurti, senior director of mobile solutions at EMC VMware. He says today's smartphones have fast enough processors and enough memory to run such an embedded client, especially because the client virualization that VMware envisions for mobile is not the full-on OS environment à la VDI but functions more on the app level.