At first blush, Google's purchase of Divide this week seems like way too little, way too late. But even if its dual-persona mobile-security approach isn't the right battle tactic, Android security is the war that needs to be fought. And maybe now it will be.
Ironically, had Google purchased Divide a year ago, it would have looked brilliant. Last spring, dual-persona mobile devices were all the rage; they were smartphones that had a personal space and a workspace, keeping applications and data safe and separate. IT shops loved the idea. Sure, the dual-persona approach had been around for a few years: It was part of BlackBerry's hoped-for rebirth, using its Balance technology. Enterproid, later renamed Divide, offered the technology for Android in 2011. Open Kernel Labs had a similar approach in 2012, and defense giant General Dynamics later bought it to offer dual-persona Android devices to the military.
[ Making sense of mobile device, app, and information management. | Mobile security: iOS vs. Android vs. BlackBerry vs. Windows Phone. | Keep up on key mobile developments and insights with the Mobilize newsletter. ]
But no one really cared until Samsung announced Knox in February 2013. Suddenly, dual-persona smartphones got IT's attention outside the military-industrial complex. Samsung was going all-in on Android security, an aspect of the mobile platform to which Google had long only paid lip service. In fact, Google cared so little about mobile security that it disbanded its highly respected 3LM security team, acquired when it bought Motorola Mobility. Given Android's huge popularity outside the enterprise, IT feared those unsecured devices would eventually break in, so the Knox promise seemed like manna from heaven.
Dual-persona mobile security isn't catching on
Here we are a year later, and Knox is struggling. The first version of Knox didn't live up to Samsung's promises, it was not widely available, and it came with sticker shock. News reports indicated the feds were unhappy with how Knox worked in practice. Today, the dual-persona frenzy in IT seems to have dissipated, and the newly released Knox 2.0 is struggling for attention.
It's not just Knox: BlackBerry keeps losing market share, even in the allegedly security-concerned enterprise -- Balance simply hasn't helped. The Divide product came and went as a relabeled AT&T offering and is rarely sighted in the real world. General Dynamics' military Android effort likewise seems stalled -- it's certainly invisible in the world at large -- even as defense agencies have certified iOS along with Knox and BlackBerry for most employees.
The bottom line: Dual-persona mobile security feels like a dead end.
Part of the issue is that switching personas is annoying to users. I can attest to that from my experience with BlackBerry Balance. BlackBerry did a good job with Balance's design, but even good design doesn't overcome the fact that you have to switch modes, and on a smartphone, you switch between personal and business modes a lot. It makes more sense to separate the data and apps under the hood, as some mobile-management tools allow on iOS and Android. Essentially, they let the originating server own its data and apps and manage them directly. Enhanced policies on data sharing offer easier control of data flow across apps, especially in iOS, which requires developers to whitelist sharing and makes sharing an explicit user action.