Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

BLOG: The latest mobile security darlings won't work either

Galen Gruman | July 22, 2013
Users simply won't accept locked-down, limited, and clunky tools like containerization, dual personas, and virtualization

I've been skeptical for some years now of the straitjacket technologies proposed by security vendors to antsy IT organizations seeking to lock down users' mobile devices. The whole reason smartphones and iPads became the most quickly adopted technologies in history is because they support people's freedom to get stuff done the way they prefer. Yet these tools try to convert them into the limited-functionality, hard-to-use devices that people are trying to escape.

Of course they fail.

I was reminded of this basic foolishness in a recent CITEworld story warning how the current darling of security vendors — containerization — risked IT delivering separate business environments on modern devices like iPhones and Androids that would be as bad as IT-managed BlackBerrys and Windows Mobile devices that users quickly threw overboard in 2009 through 2011. Sure, a container might be more secure, but it would also be less useful and harder to work with — which means it won't get used, and once again employees will maneuver around it.

Remember that old saying: Complexity kills. Anyone who's seen the stream of promises since the mid-2000s about using similar technologies to secure the PC knows they've all failed because they're too hard to deploy, too hard to manage, and too hard to use. Yet somehow these same technologies will magically work on mobile devices, where usability is actually important?

I don't know why this reality is so hard for many organizations to accept. Many don't, so they waste lots of time, money, and productivity trying to to fight reality and human nature, rather than leveraging them for business benefit.

The CITEworld story was particularly instructive because a few months earlier its author hadpraised Samsung's Knox containerization approach (which BlackBerry 10 also offers via its Balance technology) as the way for the Android world to beat Apple in its business stronghold, precisely by satisfying IT's wants.

It takes some time to work through the real-world implications, and it's easy to get excited by the latest and greatest, especially in the hypercompetitive technology sphere. I've seen that same "feast to famine" dynamic occur in many publications' stories. (I cite the one from CITEworld mainly because it's published by InfoWorld's parent company, so I can't be accused of being mean to competitors.)

Containerization is the latest proposed silver bullet for safeguarding businesses from their employees. A few years ago, EMC VMware was all over the notion of using virtualization to create some sort of separation. No one bit, and VMware was distracted by other issues, though it returned to the virtualization-based dual-persona game this year. Citrix Systems has more consistently carried the virtualization torch, though with little to show for it as yet. So does General Dynamics, which is working on a variant of the technology in hopes of selling dual-persona devices to the military. Never mind that the U.S. military later decided that single-persona iPhones meet its security needs just as well.

 

1  2  Next Page 

Sign up for CIO Asia eNewsletters.