Mobility

Use Divide to secure an iPhone for BYOD

Will Kelly reviews Divide, a secure workspace app for iOS, and tells us why he likes it for BYOD.

Many people say that the iPhone helped launch Bring Your Own Device (BYOD) into the phenomenon it is today. Of course, this is a matter of opinion, but I do keep my eyes open for easy-to-use BYOD security and management tools that support the iPhone that organizations can implement without taxing a lot of technical resources. I give extra points if they have a great user experience on the mobile app side.

Recently, I came across Divide, a secure workspace app that I like for BYOD iPhones, especially for Small to Medium Businesses (SMBs) and even larger enterprises who are launching BYOD initiatives.

The Divide app is available for both iOS and Android. There are two versions to choose from:

  • Divide Basic is free and doesn't require backend management tools
  • Divide Enterprise cost $5.00 (USD)/month per user

Setting up Divide

I used Divide Basic during the writing of this post. Setting up a secure workspace with Divide is easy. After downloading and opening the app, tap Enable Secure Workspace. The app then prompts you to setup your email. Enter your email credential, and then tap Activate. Figure A shows the Setup Email screen: Figure A

Setup Email Screen in the Divide app.

Divide offers the following options for setting a screen lock over the secure workspace it creates:

  • No Password
  • Set Pin
  • Set Password
Once you set a screen lock, Divide proceeds to setup your secure workspace. This is the kind of simple setup that makes Divide worth a look for SMBs and even larger enterprises who may not have the available technical resources to lock down BYOD iOS devices. Figure B shows the secure workspace setting pulling in contacts from my Google Apps for Business account: Figure B

Setting up a secure workspace in Divide.

The Divide app supports Exchange ActiveSync, Google Apps, and other major enterprise email platforms. I ran my test using a Google Apps account, and it was pain free. In fact, the setup could be accomplished by a novice iPhone user.

Inside the Divide secure workspace

The Divide secure workspace includes the following features:

  • Mail client
  • Contacts
  • Calendar
  • Feedback
  • Settings
  • Secure browser with shortcuts for web apps
  • Support

LinkedIn, Salesforce, and Box also appear, even if you don't have those apps installed on your device.

Mail with Divide

My fat fingers and I have a love/hate relationship with iOS mail, so I was anxious to try out the mail app available in the workspace. While it follows nearly the same design as the iOS mail app, the Divide mail app seems to have a friendlier layout. The bottom line is that users won't be shortchanged on features at all. I didn't notice any lapses in performance from using mail inside the Divide secure container vs. my usual iOS app. Figure C shows the Divide mail app: Figure C

The Divide mail app.

Contacts with Divide

The Contact app is very user friendly and even lets you select Favorites from your corporate contacts for easier access. However, the ownership of business contacts can be an overlooked challenge for BYOD initiatives. For example, think of the corporate sales person who has a smartphone full of your existing customer contacts and prospects. If that person leaves the company, his phone still has that critical information. The Divide secure container could be a potential option for segregating corporate contacts from personal contacts on a phone. When the employee leaves the company, you can wipe the corporate contacts from his or her device.

Secure browser

Divide also includes a secure browser from which you can add shortcuts to corporate web apps. Figure D shows the secure browser open in the Divide workspace: Figure D

Secure browser in Divide.

Divide Settings

The Divide secure container includes typical settings that govern the user experience. There also are a few nice touches, like an email signature for "Sent via Divide iOS" and a big red button at the bottom to Wipe Divide from the iOS device. A user could take themselves out of a BYOD program all by themselves, without intervention from IT. Figure E shows the Divide Settings screen: Figure E

The Divide Settings screen.

IT management of Divide

Divide Enterprise includes cloud-based management tools, which I prefer for SMBs and other organizations that want to make a gradual move to BYOD. The cloud features include:

  • Remote management support
  • Screen lock enforcement
  • Corporate-only data wipe
  • Cloud-based activation and deployment of Divide to iOS and Android devices

Go to Divide for BYOD

From a pure setup and user experience perspective, Divide is a viable BYOD security option for SMBs. Consider taking Divide for a test drive, whether you're looking for full deployment or if you want to be IT resource conservative in your initial BYOD launch. Do you have experience with Divide? Share your opinion of this app in the discussion thread below.

Also read

TechRepublic and ZDNet delve deeper into this topic in a special report page: BYOD and the Consumerization of IT.

About

Will Kelly is a freelance technical writer and analyst currently focusing on enterprise mobility, Bring Your Own Device (BYOD), and the consumerization of IT. He has also written about cloud computing, Big Data, virtualization, project management ap...

9 comments
onlinejimk
onlinejimk

Will Divide be made available to the tablet side of Mobile also, and in what time-frame?

DividebyEnterproid
DividebyEnterproid

Thanks for the post about Divide! We're glad you like it as much as we do. I can answer any questions you have about Divide or you can tweet your questions @Divide and we can answer them from there. Best, The Divide Team

Michael Kassner
Michael Kassner

I may have missed it, but what is the advantage to this? It is just another layer on top that relies on the underlying security.

mountjl
mountjl

How is a system admin meant to enforce any policies? How can they ensure that end users are employing a system like Divide and not connecting directly to a mail server using the native mail client in their device?

securitycrush
securitycrush

It's great to see another player in this space. Some concerns I think about when thinking about applications such as these in general, and with Divide in particular: 1) Enterproid (makers of Divide) mention FIPS validated AES-256 encryption but no mention that devices need to be configured for FIPS mode. 2) Apple iOS has not been finalized as being approved by the Cryptographic Module Validation Programs for FIPS 140-2 accreditation. Apple iOS CoreCrypto Module is in the Coordination phase, and the iOS CoreCrypto Kernel Module is still under Review. So, stating that a product meets FIPS validation for AES-256 means nothing when the device's cryptographic module has not been approved.

SabrinaS-e160e
SabrinaS-e160e

Good to know about it, but presently i am suing comodo antivirus for my android phone, i am safe with it!

DividebyEnterproid
DividebyEnterproid

Hi Michael, Divide is different than other solutions because we have tackled the problem is a different way. Our main advantage is that we are device agnostic concerning all Android and iOS devices. With many hypervisor solutions, users will be limited to specific models. Divide also does not rely on the device's security. We are a fully functioning workspace within the device that provides government grade security. It doesn't matter what your users do on their personal side since the data is completely split. -Divide Team

DividebyEnterproid
DividebyEnterproid

Hi Mountjl, Divide has a cloud based manager where a system admin can create groups and enforce policies. We also work with system admins to ensure that they can lock down their exchange protocols to only communicate with the Divide Container so that their employees can't use other third party apps to connect. I hope that helps. If you have any questions please keep them coming!

DividebyEnterproid
DividebyEnterproid

Hi Securitycrush, Great questions. I'll try and answer as best I can to provide some clarification. FIPS validation Our unique approach ensures enterprise security and control without compromising personal freedom and privacy for the employee. So no matter what is being done on the personal side does not effect the Divide container in anyway. The Divide container uses the OpenSSL v2.0.1 FIPS 140-2 Level 1 validated encryption algorithm to provide a secure container for enterprise data. You can find the certificate number for this module is 1747 with the details here: http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/1401val2012.htm?#1747 Let me know if that alleviates your concerns. -Divide Team