Introducing the Next-Generation Container for the Enterprise Consumer

October 6, 2014
By Naveed Makhani
By Naveed Makhani, VP Product Management

For years, Moka5 has enabled organizations to address the needs of the enterprise consumer through simple and secure management of enterprise containers on laptops, desktops, smartphones, and tablets.

Over the last year or so, we’ve noticed an interesting pattern emerging in our customer base – many of them are struggling to secure use of web- and cloud-based services. This made us realize that there was a need for a new type of container. We tested the idea by including an item named “lightweight container” in the “Future” column of our roadmap, which inspired some great discussion. The response was clear – customers need a next-generation container for the web- and cloud-driven world.

What Our Customers Have Been Asking For

Customers want to adopt web- and cloud-based applications to become more device- and platform-independent, but struggle to secure these apps without impacting user experience

Many enterprises like the idea of moving to Microsoft Office 365 or Google Apps for their productivity suite needs, or Salesforce.com for their CRM needs, but the very ubiquity of access that makes these applications so appealing is also what makes securing enterprise data accessed from these applications so challenging.

While our customers use the Moka5 PC container to ensure that data accessed via these web-based services does not leave the container, there is no great way to secure usage of these services when accessed from outside the container, on unmanaged systems.

Customers want to securely enable access to internal web apps (such as Outlook Web Access) and document repositories (such as SharePoint or network file shares) from unmanaged devices

Consider a scenario where a user may need to get access to an email attachment on their home PC, edit the document, and send it back out for review. Many organizations disable this scenario by restricting use of Outlook Web Access (OWA) because of their concern that a sensitive attachment could be downloaded and left unencrypted on an unmanaged host. This is unfortunate for the enterprise consumer who just wants to get their work done.

One approach to addressing this use case is to ask the user to deploy the Moka5 PC container (LivePC) to their home PC, after which they could access the standard Outlook client via their Windows environment. While that works, requiring the user to download and install a multi-gigabyte Windows container seems overkill to enable this simple use case on a secondary PC.

Customers like the mobile container access model where secure enterprise connectivity is transparent to the enterprise consumer, and they want to apply this same model to the PC

Many customers said their users love the mobile container access model where they launch the app and get direct access to enterprise resources, without having to separately launch a VPN client and initiate a connection multiple times per day. Customers want to provide a similar experience on the PC, where their users could access internal resources (intranet, SharePoint files, network file shares, etc.) without having to worry about managing the connectivity back to the enterprise.

And thus was born Moka5’s next-generation container…

The above are difficult scenarios to secure and enable, so how can IT give enterprise consumers ubiquitous access to web-based services and the device- and platform-independence they desire, while preserving control over enterprise data?

Moka5 is building a next-generation container to do just that. You can think of it as taking our mobile container, combined with our mobile gateway, and applying that concept to the PC – native, lightweight, and completely independent of Windows. By basing the concept of this new container on our mobile container paradigm, we will be able to leverage this new container across both PC and mobile platforms.

Included in this next-generation container will be a secure web browser to access both company-hosted and 3rd-party SaaS services such as Salesforce.com, Office 365, Workday, and any such web-based enterprise service. It will also contain a secure document browser with an integrated offline-capable viewer and editor to view, annotate, and edit documents in on- and off-premises repositories such as SharePoint, network file shares, Box, Google Drive, etc.

This next-generation, lightweight container will be encrypted and fully manageable by the enterprise. Admins will be able to restrict data leakage via a variety of controls, including copy/paste, drag-and-drop, printing, among others. And, as with our existing PC container, the next-generation container will have advanced host assessment capabilities so that enterprises can easily assess the host’s security posture against a broad set of security controls before granting the user access to the enterprise container.

Additionally, by integrating with our mobile gateway, all container traffic can be routed through the enterprise (or a cloud-based intermediary) for visibility and policy control, and access to all 3rd-party web-based services (Salesforce, Office 365, etc) from unmanaged devices can be restricted to just the lightweight container. Lastly, support for single sign-on (SSO) will enable seamless access to web apps, and support for RADIUS will enable multi-factor authentication to the container.

So how can enterprises make use of this next-generation, lightweight container?

  • As a lightweight PC container for employees and contractors that do not require a full Windows environment
  • For lightweight access to enterprise services on unmanaged secondary devices (home PC, spouse’s PC, etc)
  • On company-owned, traditionally-managed Windows and Mac systems as a DLP measure to gain visibility into usage of cloud-based enterprise services when users are off the corporate network
  • As a means to deliver an improved user experience, as container-level secure enterprise connectivity would be transparent to the user

And when will this amazing next-generation container be available?

It’s kind of you to ask…we’re currently heads-down on development, working collaboratively with some customers on the design, with a private preview targeted for Q1.

If all this talk of a next-generation container has you excited to share interesting use cases you may have in mind, or you’d like to debate its merits, or simply just learn more, feel free to contact me via email at [email protected] or via Twitter (@naveedmakhani).

 

To get a more in-depth description on our next-generation container plans, please download our Project SkyNet Whitepaper.

 

 

Comments are closed.