The official hub of The Enterprise Mobility Foundation
Want more than just blog posts? Login or Sign up for a free acount and get research, videos, slide decks and more! Join the online social network for Enterprise Mobility.

To Containerize or Not Containerize? That Is The Enterprise Mobility Question!

Admittedly, unless you’re a wannabe Thespian, that was a pretty horrible title for a missive.  That said, I do feel as if it does a pretty good job of summarizing what seems to be the next great Topic du Jour – or at the very least, the latest idea to battle the “Voldemort of Enterprise Mobility.

While they may be a “new-ish” topic, containers for mobility are by no means a new concept.  Heck, some companies have been selling – with varying degrees of success – containers for PIM (i.e., email, contacts and calendar) for years.

But as we continue to open up the can of worms of that Four-Letter acronym that I just can’t seem to say anymore, I can’t help but wonder if some containers make more sense than others.  I’m saying this because it seems as if there are new solutions emerging every day to put “stuff” into a container.  But does it make sense to do that? Let’s go through some scenarios:

  • Containerize the entire OS:  One could argue that it’s a “blunt instrument,” but there’s an equally valid argument that it’s the simplest way to implement that dual persona concept.  One side of the device is for personal stuff, and one side is for work.  You can’t really get simpler than that.
  • Containerize the email:  Honestly, this one has always been a head scratcher.  Why would you want a 2nd email client, and a 2nd contact list or a 2nd calendar when the one that your mobile device provided you is perfectly adequate?  What’s more, there’s a trend of INTEGRATING all your calendars, contacts and calendars into ONE view (because you are ONE person) – so why would you try to block this trend?
  • Containerize your documents:  This one makes perfect sense to me.  It’s nothing but a (very intelligent) folder for your corporate files.  The “folder” wraps the totality of all your work documents and protects the data by potentially preventing you from copying/forwarding/sharing the files unless the permissions have been set by someone else.  Makes perfect sense to me.
  • Containerize your apps:  On the flip side, this one is as much of a head scratcher as is an email container.  Why would I want ONE container for ALL my apps?  That’s like saying I just need to have one VPN port available.  Besides, you can wrap apps individually and give them the individual policies and access rights for that added level on granularity.
  • Containerize your device:  It’s called a bumper or cover.  I add this one only in gest because of people who seem to crack their device’s screens on a regular basis.  I’m looking at you EMF member;-)

So what do you think about containers for enterprise mobility?  I’d love to hear your thoughts on the pros and cons of each one.

3 Comments

  1. Posted March 7, 2013 at 18:49 | Permalink

    Love your writing, Phillipe! I fully agree with the you-know-what acronym being abused by the industry. Containers are, as you say, by no means a new concept. What is new, however, is the way we containerize and what we containerize, and you have articulated it perfectly.

    Even before we consider containers, however, we need to understand the objective; what are we trying to accomplish? If it is just providing email access on personal mobile devices, #2 from your list works just fine. The containerization approach worked when email was the only app companies wanted to mobilize. But as organizations are reimagining their businesses in the mobile age and want to mobilize more apps, the sandboxing approach falls short. Any app that needs protection has to be built in or modified to fit into the sandbox. With the growing diversity of applications, that approach simply isn’t ideal anymore.

    Alternatively, MAM addresses these limitations while meeting the core corporate security needs. MAM technology allows companies to “wrap” their corporate apps and the data tied to them in their own security and management layers. This gives enterprises complete control of their apps and data while leaving the rest of the user-owned information untouched. In contrast to the legacy containerization approach, it does this without any additional overhead in the form of affecting device usage or source code modifications.

    With MAM, controls such as authentication, encryption, data loss prevention and expiration can all be applied to corporate apps and other resources on otherwise unmanaged, user-owned devices. In this way, complete end-to-end visibility and control over where sensitive data is flowing – regardless of what mobile application or service is being used to traffic the data – can be achieved, and just as importantly maintained. Recent advancements in MAM also allow multiple corporate apps to communicate with each other, securely. MAM also now allows traffic segregation so that all traffic from corporate apps can be routed through the corporate network, while the personal traffic is left unmonitored to maintain the privacy of the user.

    As for containerizing the device with a cover, well, you will be happy to see my new iPhone 5 when I see you next week!

    –Swarna.

    Thumb up 1 Thumb down 0

  2. Posted March 8, 2013 at 07:32 | Permalink

    This is another one of the classic “it depends” business issue. There are many different business, use and cost justifications that will support all of the different app security models. The question is which one(s) are right for your business model and which one(s) will gain the most traction in the market allowing the vendor to pull ahead of the others.

    I believe that there is a very real difference between App Security and Secure Apps:

    App Security is where I bring you a mobile App and you make it secure (container, wrapper, dual persona, virtualization…).

    Secure Apps are where I develop a packaged App and deliver it to you in a secure fashion, ideally using the App Security above.

    The reason that I think that this distinction is important is because you have to determine who you trust to do what. I want the best security experts in the industry building App Security and that is all that I want them to do. I want the best and most innovative App developers creating Secure Apps because it is not just about security, but about feature, function and end user experience.

    Putting the two together in one platform is certainly possible, but you need to ask very different questions when you evaluate App Security vs. Secure Apps.

    Thumb up 0 Thumb down 0

  3. Posted March 16, 2013 at 06:30 | Permalink

    What do you want to secure? Can the security be circumvented? Does it diminish usability or the cool factor? All head scratchers for me.

    Thumb up 0 Thumb down 0

Post a Comment

You must be logged in to post a comment.