Mobile Device Management Vendors Tackling BYOD Challenges With Beefed-Up Security

While MDM platforms can address some fundamental security issues by helping IT control mobile device features and configurations, secure mobile workspace products go even further from a security standpoint.

Secure mobile workspaces separate the personal and corporate sides of a mobile device and add enterprise-grade authentication, encryption and VPN features to the latter, Andrew Braunberg, a research director at NSS Labs, an information security research and advisory firm, said in an interview.

[Related: BYOD And MDM: 10 Vendors That Get It ]

The MDM market is in a state of constant change as companies attempt to address mobile security and establish bring your own device policies, Braunberg said.

In addition to adding secure mobile workspaces, MDM vendors are embracing mobile application management to address BYOD challenges, he said.

"Corporate data is increasingly co-mingled with personal devices," Braunberg told CRN. "This idea that end points are becoming increasingly un-trustable is being driven by mobile device use, and the next phase in this evolution is to focus on the applications and the data, not necessarily the device itself."

But with the MDM market in considerable flux, businesses should move cautiously when evaluating potential secure workspace technologies, Braunberg said.

Peter Hesse, president of Chantilly, Va.-based Gemini Security Solutions told CRN that businesses are increasingly turning to mobile application management to keep track of employee owned smartphones and tablets.

Businesses need a way to manage the work data on the device, and to limit configuration changes that impact the user's personal data, Hesse said. "There's never going to be a complete comfort with BYOD, especially in the enterprise," he said. "Using an application or hardware capability with a split workspace is very appealing."

Verizon and AT&T are among the first carriers to work with secure mobile workspace vendors as part of their go-to-market strategy.

One startup that has been flying under the radar is Enterproid, now known as Divide, which received $12 million in Series B funding in October led by Google Ventures. Its secure container technology includes cloud-based management.

Another startup, OpenPeak sells its ADAM secure mobile workspace platform as a cloud-based service, and also white-labels its technology through AT&T and other carriers.

Tel-Aviv-based vendor Cellrox takes a different approach. It developed a version of Android that is designed to support a hypervisor -- which it calls "ThinVisor" -- on top of the custom Android Kernel, which can be shared to host multiple environments.

Red Bend Software, Waltham, Mass., sells MDM software for a variety of products, including those used in the automotive industry. The company supports mobile virtualization and touts its ability to update firmware over cellular networks. It sells software to mobile device manufacturers and service providers, and partners with Samsung via its Knox program.

MDM vendors with secure mobile workspaces include AirWatch, Citrix and Fixmo, all three of which have partner programs. Braunberg said MobileIron, GoodTechnology, and Fiberlink, now part of IBM, are also strong in this area.

Traditional network access control vendors are also stepping into the market. Braunberg said Aruba Networks sells a secure workspace as part of its network access control and mobile security platform.

"The pure plays are much more interested in sticking to their knitting and collaborating broadly with the mobile ecosystem, while Aruba is saying they can do a lot of this themselves," Braunberg said. "There are other players that are thinking of going down this route."