AT&T Next, T-Mobile JUMP!,
and Verizon Edge offer consumers the option to upgrade their smartphones every year.
Even with the additional costs, smartphone
users flock to these programs. In turn, Bring Your Own Device (BYOD)
programs are going to see more employees wanting to provision their Android
I had a discussion recently with Ben Goodman, Lead
Evangelist for VMware Horizon Suite, about the role
virtualization can play in a BYOD program.
Discovering the potential of virtualization for BYOD
According to Goodman, VMware often gets called in to talk to customers and analysts
about BYOD. “There’s a lot that we don’t
know since it’s such a new concept. It runs completely counter to what corporate
IT has been doing for the last 20 years. Everything about corporate IT has
been about control through ownership. We own the desktop. We own the software
on the desktop. We own the network. We own the server. The apps on the server.
The data center.”
“Now, we’re moving into a world where the apps could be SaaS
or cloud-based running in someone else’s public cloud or in a public data
center. People could be accessing those services over 3G, 4G, public Wi-Fi, and
using a Bring Your Own Device,” says Goodman.
“Our customers are dealing with the situation of how do we
move from a world where we had control through ownership, and we owned
everything, to a world where we effectively own nothing. It’s a massive change.” Goodman continues, “VMware has been focusing our assets around
virtualization and the virtual desktop to help corporate IT regain lost
control. That’s been a real focus for our whole Horizon strategy.”
Based on client discussions and market changes, VMware began seeing virtualization providing some interesting BYOD options for the
“From a smartphone perspective, the interesting thing is
Android. Android is this new kind of animal in the zoo that’s starting to make
its way into the enterprise, but it’s permeating into enterprises at a dramatically
slower rate than it has the general population,” Goodman relates. “We are
seeing Android as high as 70% of smartphones in some analysis. Yet, when we talk
to corporate IT people, Android doesn’t have much penetration. Some
will allow it, but very few support it.”
VMware dug further into the state of Android. “So, we had a
lot of conversations with corporate IT, about why Android isn’t making it
into your organization.” Goodman continues, “We got basically two answers.
The first one was security, and it’s a valid concern. There are issues in terms
of certificates and malware that exist in Android, but they are
manageable to a certain extent.”
“The second and even greater issue when
we talk to customers was the concern around fragmentation,” says Goodman. “Of
course, customers never say fragmentation. That’s a vendor word. They say things
like ‘there are too many versions of Android’ or ‘there are too many flavors of
Android’ or ‘I don’t want to support that many copies of an operating system.’”
Goodman relates, “It’s a valid concern when you think about
it. I believe the #1 version of Android out there is Gingerbread, which is an older release. When
you add that to Honeycomb, Ice Cream Sandwich, Jelly Bean, and the LG version
vs. the HTC version vs. the Samsung version — it becomes really untenable
in terms of trying to support it all, so customers back away.”
Enter the mobile hypervisor
So, VMware thought this was a perfect example where
virtualization could potentially help the situation. In what has been pretty
much a massive development project, VMware developed a mobile hypervisor.
This provides the capability to run a fully virtualized copy of Android as a guest on
a physical host’s Android handset. What’s exciting about this is that organizations can use
an off-the-shelf handset.
Provisioning the hypervisor is made easy for end users. They
can enable their phones to have a mobile hypervisor and run a virtual copy of
Android that’s fully managed by corporate IT. They control the look of that
virtual copy, the feel, the applications that can be installed on it, and the password policies. The virtual machine is
fully encrypted with AES 256 bit encryption, and it has a VPN on the back of it. This really is a highly secure, highly managed workspace inside of a personal phone.
“We think this nails the BYOD problem right on the head,”
says Goodman. The VMware solution — a highly secure mobile hypervisor that’s
easy to provision — challenges up-and-coming solutions like Samsung KNOX and even
goes one step further by not limiting itself to just one Android ecosystem.
An employee can bring in the latest Android phone, download
an enabler from the Google Play Store, and be ready to get to work on the personal phone
with a secure corporate workspace (you can’t install malware, because you can’t install software on the device). Figure A shows an example of the VMware
Switch application, which launches VMware Horizon Suite on an Android smartphone:
VMware Switch application.
Figure B shows a VMware Horizon Suite workspace running on an
VMware Horizon Suite.
“You can’t get any data off of the device that we don’t want you to get
off of it. It’s highly secure. And the flip side is that corporate IT has
absolutely no access to the personal side of the phone,” states Goodman. “So, when corporate IT wants to wipe or lock the workspace, it does
that completely independently of your personal space.”
The mobile hypervisor solution for Android smartphones
offers the ideal segregation between personal and business on a smartphone. Exploring
virtualization options such as this can
alleviate a number of security concerns while offering your BYOD users the
option to use the latest Android smartphone of their choice, regardless of what operating
system it’s running.