As devices continue to gain traction in the enterprise, organizations are seeking the best way to manage BYOD. Many companies and MDM providers are turning to containerization, which separates corporate functions from personal functions on mobile devices.
By switching modes, the user begins running on an entirely different operating system. It appears to the user as if he or she is working from a completely different device, with different apps, contacts, etc. from the personal mode’s counterpart.
While this has its value for IT, end users aren’t always as enthusiastic about containerization, as it can interrupt the native experience. What should organziations consider before adopting containerization?
Pros & Cons
Containerization enables enhanced security because it is policy-enabled. It can completely cut off access to the corporate mode of the device if there is a security breach, without restricting the user’s access to personal files, apps and contacts. This approach lets IT maintain control, without violating personal information or use.
Protecting sensitive data and maintaining control are two elements that are closely related, but still slightly different. Containerization allows IT admin to feel more like they are “playing on their turf," hence why they feel as if they are more in control.
Control does not always mean risk-averse, however, and that is where containerization can become complicated. If IT becomes too comfortable with the level of control within the corporate container, they may not be giving proper concern to applications outside of the container that could still pose an enterprise threat.
In additions, one of the main concerns with containerization, as with many MDM solutions, is that it ruins the end-user experience. Users do not want to think about shifting personas every time they perform a simple mobile task, such as launching an app or sending a text.
Containerization is a nice idea in theory, but it is an IT-centric approach to solving a problem that’s caused by the users. By forcing employees to use something they don’t like, data is leaking out of the organization in more ways than anyone can count.
With containerization, IT is still diverting users away from how they want to work — even if it’s just a matter of the color scheme and design in the corporate persona. One reason you buy an Android, for example, is because you like the email client and native apps.
By enforcing a corporate persona on a personal device, the user is not content with their working device. In the work-anywhere business environment, users will always find ways to defeat corporate mode and be more productive by working how they prefer.
Protect the Data
For IT and end users to both be content with BYOD, access to files needs to be protected, irrespective of where they exist. In fact, even Apple’s iOS is starting to allow a data-oriented approach to containerization – not a physical container, but the idea of only letting corporate applications connect with other corporate applications.
With this solution, the native experience isn’t hindered, but IT controls the backend for corporate apps and data. This helps solve a problem that’s enterprise-oriented, but with a method that is also conducive to a better end-user experience and productivity.
If you’re going to choose containerization as an approach to solving BYOD, you need to play as natively as possible. Whatever app or file a user is accessing, it needs to feel as if it belongs there, regardless of who made the application.
Enterprise IT needs to enable corporate applications that behave how the end user expects them to — much like their consumer applications. This approach involves containerization of apps, data and users — not just the device and operating system.
If corporate apps only communicate with other corporate apps, and files are restricted to being opened in approved apps and by approved users, then the dream of balancing security and productivity in a mobile world may just become a reality.