New ideas in IT go through a long distillation process. Someone invents the idea, vendors talk about new product concepts, analysts weigh in on the value. Eventually, a new category of hardware or software materializes, but rarely in a fully formed state. With mobile virtualization, the pedigree is sound: Most organizations use some form of server virtualization in their data centers.
Now, IT executives are faced with a new form of virtualization that takes place on smartphones. The idea is to run two instances of an operating system on the same phone. That way, employees (and IT) can relegate personal apps and services to one OS and business services to a more secure OS. There are two distinct approaches:
[ Understand how to both manage and benefit from the consumerization of IT trend with InfoWorld's "Consumerization Digital Spotlight" PDF special report. | Subscribe to InfoWorld's Consumerization of IT newsletter today, then join our #CoIT discussion group at LinkedIn. ]
Type 1 runs at the root hardware level and requires participation form the OEM phone maker, while Type 2 virtualization runs as a secure app on any device.
As analyst Chris Hazelton with The 451 Group notes, there are pros and cons to each approach. Root level virtualization is more secure, he says, and means trusted access to root-level services such as Bluetooth connectivity or firmware changes. The downside is that this root level access often requires permission and cooperation from phone vendors like Samsung and Motorola. "This involves longer sales cycles, meaning limited device reach, and many layers of management (people) to go through," he says.
Meanwhile, mobile virtualization software that runs as an app can mean easier deployment to more devices in a shorter timeframe. Type 2 virtualization is inherently less secure, he says, because the software does not work at the hardware layer. And, Type 2 may run slower than native apps.
Mobile virtualization meets the challenge
Either approach will address a fundamental problem within many organizations: the dreaded BYOD (bring your own device) conundrum. The reality of IT is that employees will bring their favored device into work, tap into company resources, and can compromise your security infrastructure. In fact, IDC estimates that 55 percent of all smartphones used in business will be employee owned by 2015. Mobile virtualization provides a way to meet this challenge head on, and even fully resolve it.
"Enterprise data can be kept separate from consumer applications and potential mobile malware," says Hazelton. "Any data within the virtualized environment is encrypted, preventing outside applications from accessing or interacting with corporate data and apps. IT can mandate a password on the corporate side of the device, letting users avoid password protection for consumer apps for the camera, social networks, personal emails, [and other apps]. If the employee leaves or the device is lost or stolen, IT can wipe the enterprise data without touching personal data."
"The idea of mobile device virtualization is to create a partition between enterprise and consumer apps and data," adds Stacey Crook, a mobile enterprise analyst at IDC. "Once device virtualization is applied, the device can run two OS's that are completely separate from each other. Companies will be interested in doing this to protect their sensitive corporate data from viruses and data loss."