Slashdot Mirror
Dual Interface Mobile Devices To Address BYOD Issue
Lucas123 writes "Next year, smart phones will begin shipping with the ability to have dual identities: one for private use and the other for corporate. Hypervisor developers, such as VMware and Red Bend, are working with system manufacturers to embed their virtualization software in the phones, while IC makers, such as Intel, are developing more powerful and secure mobile device processors. The combination will enable mobile platforms that afford end users their own user interface, secure from IT's prying eyes, while in turn allowing a company to secure its data using mobile device management software. One of the biggest benefits dual-identity phones will offer is enabling admins to wipe corporate data from phones without erasing end users profiles and personal information."
The only major concern I have is battery life. You don't see any figures from the manufacturers or the hypervisor companies (aka. VMware) as to what this will do to the already short battery life of a smart phone that is heavily used. Additionally, what incentive does a customer have to buy a device that supports this? Granted a company could prefer one or the other, but the days of "You own X device or Y device only (ie. Blackberry - no iPhone)" are over and it defeats the purpose of BYOD.
I can only please one person a day. Today is not your day, and tomorrow does not look good either.
Jolla's Sailfish OS/hardware (not sure what exactly at this early date) can run the Mer as well as Android OS. So Jolla does more than multiple user accounts on a single phone.
You can't be ahead of the curve, if you're stuck in a loop.
It's already available.
"A person is smart. People are dumb, panicky dangerous animals and you know it." - K
we heard you like to compute while you talk, so we put your boss's computer in your phone so you can slave away 24/7!
the preceding comment is my own and in no way reflects the opinion of the Joint Chiefs of Staff
Seriously, what is so difficult about having a multi-user phone OS when Linux or Darwin is running the underpinnings?
Finally someone realizes not all users are the same. Now if they would release an interface for power users without time-wasting transitions, silly skewmorphics, lame swipes and minus the overall nursery-age feel, mobile devices will take the next big step forward.
Sent from my ENIAC
I don't understand who this would be attractive to, outside control-freak American corporations.
As a private citizen, why the hell would I want my personal phone to be designed in a way that allows the company I work for to take control of it and access my personal data (separate partitions be damned - when they take the device out of your view for "updates," what guarantee do you have they aren't hacking or imaging it? None)?
As a business owner, why the hell would I want sensitive company data to be stored locally on the personal device of an employee? What guarantee do I have that said employee won't try to access the information without permission, or better yet, take the phone and try to sell it to one of my competitors?
Now, say I was one of those aforementioned control-freak corporations - I would find this a wonderful idea! Not only would it give me an excuse and method to constantly track employees during their off time (oh, see, we're only monitoring the business partition of your phone, so it's totally legit!), it would also be one more frond on the proverbial cat-O-nine that I use to subjugate and mentally manipulate the people who work for me into docile compliance!
Perhaps I'm being excessively cynical, but I fail to see any positive value to such a system.
An enigma, wrapped in a riddle, shrouded in bacon and cheese
Until they can have dual SIM cards and run on two networks at the same time, it will be useless. If the company wants me to have a cellphone, they can pay for one. I prefer to keep both lines separate so I can completely ignore work the second I leave the office.
Do not look at laser with remaining good eye.
This is the wrong solution to a very real problem - how can a machine get used for personal as well as private access? The answer is, if I have to boot (or even switch to) a separate account to do my personal activities, either they will get done on the work account (compiling - might as well check ./.) or they won't get done at all. I see no use in the "personal" device usage - if I need that, I'm going to use a tablet or my home device.
The solution is to provide proper incentive, security and usage guidance, and a strong security stance so your employees use the work devices for appropriate personal activity.
Now, get back to work, DIY - I want to see your TPS reports on my desk by tomorrow morning!
Make sure everyone's vote counts: Verified Voting
Many companies currently pay for personal phone plans if they use them for business, or at least give them some credit; flat fee or usage based. With these dual identity phones, will you need two phone plans? For many people that may make their own personal phone plan more expensive, especially if they were paying $0 before.
I can do the last part with our MDM software from a leading vendor®. Partial wipes work very well on Android and iOS devices.
Devil's advocate here. Having a low level hypervisor on the phone is something I've wanted for a long time. There are reasons that having two OS stacks that don't "see" each other on a level 1 hypervisor system would be , and it is less to deal with technical than legal reasons.
Reason 1: I can fire off a "kill" command from Exchange, and the business part gets zonked. The phone still is trackable and locatable. I can do this with a text message and TouchDown, but this way, all data related to work (or even perhaps a client) is gone, and assuming everything is encrypted with a key, I can be sure that the data is rendered unrecoverable, not just deleted or "wiped" (overwriting three times does not work with flash media due to wear levelling unless the low level controller is told to zap the individual cells themselves.)
Reason 2: Separation. I can sign off on the fact that there is absolutely -zero- mingling of personal and work/client data other than being on the same physical hardware (the same way a mainframe can separate LPARs). Confidential stuff never touches the same filesystem as personal data, so a rogue app that gets root would not be able to rummage inside the latest TPS reports.
With how contacts get slurped up by apps, someone storing work related contacts on their phone is likely going to have them vacuumed up by an app, which will aid greatly for spamming, as well as directed attacks (from a contact list with titles, org structures can be deduced, etc.) So, keeping business contacts completely away from personal ones, or contacts addressible by Facebook [1].
Having stuff completely separate minimizes the chance of "leakage". I can sort of do this with Android, but on the iPhone, there is no app like RoadSync or Touchdown to keep the Exchange stuff separate.
Reason 3: Legal/tax reasons. Having stuff separate also makes the legal eagles happy.
Of course, hypervisors are not perfect, but what they provide is separation that is useful in a legal sense (separate filesystems, separate CPU usage, separate RAM images.) It is easier to explain complete separation/isolation to a jury who hates your guts than to explain how unlikely it would be for a root exploit that would allow user "a" in a multi-user system to access user "b"'s stuff, from happening.
So, even though keeping work stuff in a single app is a working solution, the best from both a technical and legal viewpoint would be a level 1 hypervisor.
[1]: If I remember right, there was a bug in the FB app that might alter contacts about a year ago, and that would not be good with work stuff.