Dealing with BYOD: Containerization vs. MDM

November 13, 2013
By Moka5

Sure your business textbooks may have defined it as a method of transporting freight by placing it in large containers, but containerization in today’s business environment is just as likely to deal with virtual containers, as physical.

When it comes to technology containerization refers to a solution that creates separate encrypted data stores or ‘containers’ on a device. There are a number of reasons an enterprise might chose to implement a container solution, but some of the most popular stem from BYOD and their associate policies and security concerns.

Containerization, as Ellen Messmer explains in a recent article for NetworkWorld, creates “a clear division as to what is subject to corporate security policies such as wiping.” This clear division provides IT managers with the control necessary to keep corporate data secure, while still allowing employees freedom to use one device for both work and personal purposes. However, some may still wonder: How does containerization differ from other mobile device management solutions?

 

Containerization Vs. Mobile Device Management

As Will Kelly explains in an article for Tech Republic, “Mobile devices management (MDM) solutions for Bring Your Own Device (BYOD) programs have always been sensitive territory, because this is where personal and corporate technology intersects.” However, the right containerization solution actually allows users to maintain control over their own data, “while corporate data, network access, and apps sit securely in an encrypted container.”

Although containerization offers a logical alternative to traditional MDM solutions, its strict separation of corporate and personal data has received criticism from some who feel that this solution disables most of the advantages that BYOD offers. In an article for CITEworld addressing containerization and BYOD, Ryan Faas suggests that containerization hinders an employee’s ability to “make their own workflows, select the best apps for their job functions, and capitalize on the potential for increased productivity and satisfaction. In such situations, there are just two outcomes - user productivity is stifled or users will find ways to work around the restrictions that IT has imposed on them.”

Although Faas’ article brings up valid points about productivity and clever employee work-arounds, it also assumes that IT allows no flexibility within the containers on employee devices, which is not necessarily the case. Moka5’s LivePCs for instance, are automatically split into three layers. This allows IT managers to deploy a single golden image to all users and departments. From there, users and departments can customize image in the user application layer.

Others assume that MDM is the only way to ensure that personally owned BYO devices are not compromised while inside a corporate network. What these corporate data-focused individuals often fail to consider is the personal privacy that is lost with MDM solutions. MDM compromises employee’s privacy by giving IT visibility into all the data on their personally owned device. How would you feel if your IT department knew each time you took a photo on your device; each time a text was sent and received, along with all the content of those texts; or all personal email? Chances are your answer is some variation of “not happy.” And who would blame you? Why would anyone with a choice want their personally owned device to be controlled or managed by IT? Containerization—like what’s provided with Moka5—doesn’t require IT to manage your device, just the secure container within your device. As a result, personal data on your personal device can stay personal.

 

What do you think is the biggest drawback of traditional MDM solutions? Leave a comment below and let us know.

Comments are closed.