In response to the growing threat of mobile malware, one intriguing concept has emerged as a potential solution to help enterprises secure mobile devices: dual-identity devices.
The idea is actually fairly simple. On the phone there will be two distinct profiles: one for personal usage, another for work usage. The apps and data of each profile would be kept distinct from each other. The “personal” profile would be managed by the user, and the “work” profile would be kept locked down (the way most IT people would prefer it). In theory, everybody is happy: the user gets to use their phone as they see fit, the user’s company has their data safe and sound. It’s a win-win situation, right?
The concept is appealing enough that both Blackberry and Samsung have announced that they are using it in their newest products. However, the devil is in the details – and that is where we discover there are a few problems.
Firstly, there isn’t a standard for how to do this sort of security. This means that if enterprises really want to use a feature like this, they might find that only a small percentage of devices are as secure as they ought to be because many employee devices aren’t on the right platform. Alternatively, they might have to limit their users to a very specific device or platform – which goes against the grain of the entire Bring-Your-Own-Device trend.
Secondly, there’s the issue of usability. How will the user “see” the secured, encrypted portion? Blackberry’s implementation treats home/work as a setting, which can be easily changed from the phone’s home screen. Samsung’s implementation is more analogous to an app that has to be used.
Security features that are inconvenient to use won’t be used. Consider passwords: in theory, they work well enough, but because users find it inconvenient to memorize secure ones, they use weak ones which are trivial to break. If these features are difficult to use, then they will likely be ignored or bypassed.
It’s quite likely that we’ll see similar security solutions become more common in mobile platforms either this year or next. The idea itself has plenty of merit; the problem is how it will be implemented. If it turns into a fragmented mess with each vendor, each OEM, and each carrier having their own “solution”, then this idea will go nowhere.
On the other hand, if a reasonably multi-platform solution that’s easy to use for both IT administrators and users is found and sees widespread adoption, it would be a huge step forward in making BYOD easier for enterprises to swallow as part of a comprehensive and well-thought-out consumerization plan.