214 997-3385

As mobile devices quickly become the primary computing platform, bring your own device (BYOD) solutions attempt to enable employees to use their single personal mobile device for all aspects of life consumer as well as business. Below is a quick look at the different mobile strategy approaches for BYOD and the strengths of each method. As you will see, the evolution of the mobile user environment involves increasing complexity because of the nature of mobile engagement and therefore businesses of all sizes need to consider not just costs but a variety of factors in choosing the most optimal integration.  This part of BYOD will continue to evolve.

Mobile Device Management (MDM) requires managing the entire device and protecting valuable company information assets. Typically MDM vendor systems have an easy to download client and a reporting backend that can either be hosted in-house or available through a vendor-sponsored cloud service. A key benefit in MDM environments allows unrestricted application choice meaning users can easily jump between multiple applications and solutions and they typically scale across entire product families. However, all applications must operate in the same execution environment and personal applications are considered a potential security threat to both business information assets and the applications that support them. Personal mobile apps can get “blacklisted” meaning the MDM system will block their use altogether.  To solve this a “dual persona” solution companies can complement MDM by offering an environment where personal applications are allowed to be downloaded, accessed and used without IT oversight or corporate liability as it relates to the nature of the content.

Encapsulation. Many companies use encapsulation or containment.  This requires mobile applications to be modified to operate inside a secure shell where all input/output (I/O) is encrypted and immediately routed off so that the device is linked to an Internet accessible secure server. Simple right? This approach typically ensures that business applications and their I/O are secure from personal application attacks which of course is not always the case.  SDKs, tools, and peer experts are typically provided to assist a company’s in-house software development team as they build, test, and deploy the wrapped mobile applications needed for business. Once encapsulated, the overhead to installing business applications on the device is very low and management and reporting are typically done on either an in-house server or a vendor-supported, cloud-based service. Encapsulation-based approaches enable all applications, both business and personal, to operate in the same mobile environment without the overhead of a monitoring system. By isolating each business application with a protective shell and I/O encryption, the ability to work in concert with a number of business applications is restricted, thereby reducing application agility.


Hypervisor. Another approach to implementing dual persona is through machine-based virtualization. While this approach is highly successful on servers and desktops, virtualization requires the integration of a hypervisor into the mobile OS by either the wireless carrier or device manufacturer. To support dual persona, the hypervisor must emulate two independent physical devices in software as virtual machines (VMs) each supporting their own operating system and application stack. This allows for two completely independent virtual devices, one for business and one for personal, to coexist in a single physical device. However hypervisors are not native to any mobile operating system and must be integrated to specific OS releases and devices by either the device manufacturer or wireless carrier. Obviously this is very problematic because this added step can significantly fragment BYOD scalability by limiting availability to vendors that make the engineering and support investment for a specific virtualization product. While virtualization is a great solution for many use cases, its limited scalability and increased performance and power requirements reduce its value as a BYOD solution.