By Ari Rabban, Co-Founder and CEO, Phone.com
“Bring your own device” (BYOD) isn’t a new trend, but that doesn’t mean SMBs–or large enterprises, for that matter–have worked out all of the kinks. Part of the challenge has to do with how the change in ownership affects control over apps and the device itself.Updates are one example: It’s risky to rely on employees to be diligent about checking for and installing updates, especially when an update is necessary to plug a security hole. This is a new paradigm for SMBs that are used to a PC world, where they can just push out an update instead of relying on employees to do something.
The good news is that there’s a growing selection of mobile application management (MAM) solutions to give SMBs granular control over work-related apps on employee-owned devices. This granularity is why they’re fundamentally different than mobile device management (MDM) solutions, which are designed to control the whole device and thus are a better fit for SMBs that provide their employees with smartphones or tablets.
One example of this granularity is the way that MAM solutions let SMBs require passwords for only work-related apps instead of all apps on the device. That flexibility avoids the security risks that arise when employees get annoyed about a device-wide password requirement and look for ways to circumvent it.
MAM solutions also enable SMBs to put work-related apps and other company resources in a separate “container” that’s off limits to personal apps. That’s important because according to a recent Cisco study, 46 percent of employees admitted to transferring files between work and personal computers when working from home. It’s a safe bet that many of them are using smartphones and tablets to transfer company data, such as between email and cloud storage services such as Dropbox.
SMBs can use MAM to prevent unauthorized transfers and other risks. For example, instead of a blanket rule that simply shuts off the phone’s camera with no exceptions, the MAM solution can prevent only work-related apps from using the camera. As with app-specific passwords, this flexibility avoids the problems that occur when employees balk at broad-brush, heavy-handed policies.
MAM solutions can be particularly valuable for getting deep insights into how employees are using work-related apps – and when they’re not. That information can be useful for ensuring compliance with industry-specific regulations and best practices. It also helps identify employees who are using apps that the SMB spent money to buy or develop in house. That information is key for calculating those apps’ RoI. Finally, many MAM solutions are available on a hosted basis, making them a viable option for SMBs that don’t want the upfront and ongoing costs of a premise-based product.
Besides MAM, another type of solution is emerging: smartphone and tablet processors capable of running two versions of an OS: the employee’s personal one and a corporate copy. Sometimes referred to as “virtualization,” this architecture eliminates problems such as corporate information being inadvertently or intentionally shared with personal apps.
When an employee gets a new device that has this “dual-identity” processor, the IT department would use a compatible MDM solution to send a file to the device that tells it to copy the OS to create the corporate version. The SMB also could use the MDM solution to then push out a configuration package and all of its approved-for-work apps.
BYOD continues to be an attractive way for SMBs to leverage smartphones and tablets that they otherwise couldn’t afford to buy for all of their employees. MAM and MDM solutions offer ways to mitigate the security risks and other challenges that arise when those devices have to serve two masters.
Ari Rabban is an IP communications industry veteran, with specific expertise in the start-up environment, moving companies from concept to operation. He joins Phone.com from Pulver Ventures, an incubator for new IT companies, where he served as managing director and vice president. Previously, Ari served as vice president of corporate development and marketing for VocalTec Communications, the VoIP market pioneer and developer of the first Internet phone.