Fundamentals: 3 Ways to Virtualize Mobile Devices
3 Ways to Virtualize Mobile Devices
The key to a COPE (corporate-owned, personally enabled) strategy for smartphones, tablets or even PCs is the ability to compartmentalize hardware into business and personal partitions and then centrally manage configuration, security, and data and application policies on the business side of the divide. If that sounds like a good idea, first decide if you need a total split personality or simply IT control of a few select apps and settings.
The cleanest, most secure but technically most challenging (at least on mobile devices) strategy is client-side virtualization, where a mobile hypervisor creates two independent virtual machines. While this is now trivially simple on PCs, it’s vexingly difficult, although not impossible, on most mobile devices.
If you don’t need a virtual moat, you can securely partition and control work-related activities, and associated apps and data, using quasi-/thin hypervisors, multiapplication sandboxes, single app containers, encrypted local storage containers and remote app execution. We’ll survey the options, outline the pros and cons of each, and conclude with an action plan. (S6830413)