Jonathan Foulkes, Kaseya

BYOD mobility is rapidly becoming an enterprise fact of life. Thanks to the introduction of new technologies that make it practical, workable, and secure, the BYOD dilemma – balancing the needs of the enterprise with the demands of its users – has been greatly diminished.

Unlike MDM solutions, which manage the mobile device and all of its contents, containerisation is uniquely suited to BYOD because it segregates enterprise and personal assets in the device.

It establishes and manages encrypted, policy-enforced ‘containers’ within each personal device that give controlled access to e-mail, documents, and applications. Enterprise data is encrypted at rest and in flight, and if a device is lost or stolen, it can wipe the containers. To further protect the enterprise, communications with containers can be conducted over a private communications channel that encrypts and authenticates each connection, eliminating the need for VPNs or other inbound TCP/IP connections to the enterprise network. This approach shields the network from probes, attacks, malware, and compromised devices, as only the secure containers connect to the enterprise network.

Containerisation may not solve each enterprise need for every mobile user, and containers and MDM needn’t be viewed as mutually exclusive. In many deployments, the two methodologies may be mixed and matched according to mobility roles.

For employees who need routine access to email, shared documents, Intranet sites, and HTML or hybrid apps, containerisation is typically sufficient to enable productive mobility that is both secure and convenient. Eliminating MDM and enterprise-owned devices for these employees can also significantly reduce enterprise costs while giving users the satisfaction of flexibility. Containerisation further extends meaningful, controlled access to partners and customers for whom MDM is simply not viable.

Other roles may warrant MDM. That’s especially the case when the job function is completely mobile or requires information access beyond e-mail/PIM, documents, and intranet apps. In such cases, it may be simpler to supply enterprise-owned devices completely managed by IT. Even then, the use of containers within the enterprise-owned device can add an additional layer of security and application management.

About the author: Jonathan Foulkes, VP of Mobile Product Management at Kaseya