Containerisation: the winning strategy for BYOD mobility

With personal smartphones and tablets now nearly ubiquitous among professionals, there are myriad opportunities for empowering mobile users with bring your own device (BYOD). Many professional roles are performed best when people have access to the information they need, when they need it, wherever they may be.  People tend to develop strong attachments to the devices they carry for their personal communication needs and are often averse to the inconvenience of carrying a second, ‘non-personal’ mobile device to perform essentially the same function for professional purposes.

It was recently predicted by analyst firm Gartner that by 2016 one fifth of enterprise BYOD programmes would fail because businesses are dictating MDM policies on employee-owned devices that are far too heavy-handed, making the concept less attractive to employees.  While for BYOD programmes to be a success employees need to be happy, it is also fundamental that the organisation can ensure its data is protected.  At a time when mobile malware is increasing at a rapid rate, with security firm Kaspersky stating that 104,421 mobile malware samples were found in 2013 alone, businesses quite clearly feel that they need to heavily manage all devices – personal or not – in order to avoid their information falling into the wrong hands.

BYOD a natural fit across enterprises

There are a variety of sectors where BYOD can increase productivity and facilitate ease of access to information at all times.  Healthcare professionals, for instance, need access to electronic health records as they move among patient rooms, offices, laboratories, and other facilities, as well as at home when they may be on-call.  Field sales people need access to multiple back-office systems for inventory checking, order processing, and issue resolution.  Countless other professionals have an ongoing need for quick mobile access to enterprise resources, usually with a strong need for security. Virtually all would prefer to conduct that secure access on the portable devices they have already selected as their preferred solution for personal use.

Mobile and collaborative needs for enterprise access originally drove organisations toward supplying these professionals with enterprise-supplied, managed devices. However, resistance towards carrying two devices presented an opportunity for an improved solution that satisfies the needs of both IT professionals and the mobile users they serve.

>See also: Taking mobility by the reins: the rise and fall of BYOD

BYOD as IT relief

BYOD is often seen as an IT challenge where the need for protection against data theft and unauthorised access must be balanced with users’ needs for personal-device flexibility and freedom of use.

Furthermore, IT departments are not accustomed to supporting users that can select their own computing platform and operating systems, as it is far more efficient for IT to set standards for the hardware and software it is responsible for supporting.

Unlike desktop/laptop computing, the smartphone and tablet markets offer a rapidly growing number of devices and OS varieties. However, when IT is no longer responsible for managing the device, there are significant advantages for both enterprise IT and end users. Given a safe and secure access methodology, IT should be no more obligated to support a personal smart device than it is obligated to support users’ home computers. Users in turn gain the ability to share information and access enterprise resources on the device they have already mastered for personal use.

Without the requirement to manage the device and OS – and with the right BYOD platform delivering an innovative approach to secure mobile access – IT is free to focus on the core issue at hand: securing informational assets and protecting enterprise resources.

Containerisation as a winning strategy for BYOD mobility

Unlike MDM solutions, which manage the mobile device and all of its contents, containerisation is uniquely suited to BYOD because it segregates enterprise and personal assets in the device.

IT establishes and manages encrypted, policy-enforced ‘containers’ within each personal device that give controlled access to email, documents, and applications. Enterprise data is encrypted, and if a device is lost or stolen, IT can wipe the containers without disturbing personal assets. There is no enterprise need for users to set device level security, as only their personal data is at risk should they choose to leave their devices unprotected.

To further protect the enterprise, communications with containers can be conducted over a private communications channel that encrypts and authenticates each connection, eliminating the need for virtual private networks (VPNs) or other inbound TCP/IP connections to the enterprise network. This approach shields the network from probes, attacks, malware, and compromised devices, as only the secure containers connect to the enterprise network.

By completely isolating personal assets from enterprise assets and the enterprise network, containerisation keeps the personal device ‘personal’, and free to be used for non-enterprise purposes.  Users are able to use the devices they carry at all times for convenient and secured enterprise access, with that access as familiar as all other device use.

>See also: FEATURE: Mobile collaboration in the enterprise

Containerisation and MDM

Containerisation may not solve each enterprise need for every mobile user, and containers and MDM do not need to be viewed as mutually exclusive, but may be mixed and matched according to mobility roles.

For employees who need routine access to email, shared documents, intranet sites and HTML or hybrid apps, containerisation is typically sufficient to enable productive mobility that is both secure and convenient. Other roles may warrant MDM, especially when the job function is completely mobile or requires information access beyond email/PIM, documents and intranet apps. In such cases, it may be simpler to supply enterprise-owned devices completely managed by IT. Even then, the use of containers within the enterprise-owned device can add an additional layer of security and application management.

The ability of BYOD and MDM to coexist relieves IT from the burden of having to manage every mobile device used for enterprise access, and relieves users from being subject to a one-size-fits-all approach to mobility. As long as employees are informed as to the reasons they’re getting containers or MDM, and how these measures protect both employee and enterprise, the result will likely be a much more satisfied, mobile-empowered workforce.

BYOD is rapidly becoming an enterprise fact of life. Thanks to the introduction of new technologies that make it practical, workable and secure, the BYOD dilemma – balancing the needs of the enterprise with the demands of its users – has been greatly diminished. Now is the time to consider containerisation as the means to increasing mobile productivity and improving collaboration while controlling costs and keeping IT focussed on managing applications, rather than devices.


This article was contributed by Jonathan Foulkes, VP of mobile product management at Kaseya

Avatar photo

Ben Rossi

Ben was Vitesse Media's editorial director, leading content creation and editorial strategy across all Vitesse products, including its market-leading B2B and consumer magazines, websites, research and...

Related Topics