Enterprise Mobility & the Connected Worker Blog




VMware ups Security Ante and Shows its Ready for the Post-PC Era

by Eric Klein | 06/16/2015

C-Suite representation at the company's business mobility event shows that VMware has much bigger aspirations for its EUC division.

VMware did a masterful job in drawing attention to its business mobility event earlier this week in San Francisco. While we thought that a key partnership similar to the Apple/IBM tie up last summer might be announced, the company did make several important announcements. The primary news was the launch of an entirely new identity management solution (simply named: VMware Identity Manager) which offers integrated single sign-on (SSO) functionality with AirWatch's EMM platform. The fact that 15 new ISV partners have joined the App Configuration for Enterprise (ACE) program was also notable; VMware has correctly identified an opportunity to differentiate going forward via app curation. Sanjay Poonen made it clear that he envisions the ACE program extending much further than its current roster of 21 ISVs. Considering that the program is just 3 months old, and the strong brands/footprints in the enterprise of participating ISVs, they are off to a great start. However, the market will still require some education to understand the true value proposition of ACE.

 

Plenty of vendors (startups such as Centrify, Okta, OneLogin, Ping Identity and Symflified are the most prominent) have developed important enhanced security solutions (all are centered around automating authentication) and have increasingly turned their focus toward enterprise mobility. Then of course there are heavies such as IBM, Microsoft, and Oracle who have tenured Identity Management solutions. VMware's entry here isn't about displacing these vendors — the move shows that they are aware that their customers are looking for ways to improve their competitiveness, agility, and compliance — and that their customers are going mobile. Offering an Identity-as-a-service (IDaaS) solution is a smart, as it will enable VMware to offer sophisticated security (by combining secure cloud SSO, strong authentication, and sophisticated identity lifecycle management) while preventing their customers from going elsewhere for these types of services.

What's most impressive is VMware's ability to blend enhanced security technologies that were intended for traditional client-server environments with modern mobile platforms (and infrastructure). Case in point, the merging of its NSX solution with AirWatch's EMM platform; by using what VMware calls "network micro-segmentation", they are effectively bringing very granular virtual network policy controls (at the application level) which allows users or groups to access only the specific applications within the data center to which they are authorized. This type of technology has not existed until now, although containerization solutions such as Docker seem to be moving in this direction.

use of network micro-segmentation
use of network micro-segmentation
use of network micro-segmentation

VDC sees these solutions as gaining in importance as the theft of credentials has become a persistent barrier for secure mobile enablement. Implementing more robust security mechanism typically comes with a cost; solutions typically introduce more complexity and negatively impact the user experience. From what VMware is showing, they seemed to have nailed this. However, it feels as though others will be able to replicate this seamless (and secure) method of mobile application delivery.

Keys to success for all of the participating vendors in enhance security will be to deliver solutions that are able to preserve the user experience while delivering robust mobile solutions that aren’t cumbersome and are designed to accommodate the way mobile users want to operate. New entrants must demonstrate that their approach is differentiated to compete against large and established security vendors. While mobile authentication is niche, the market is crowded, and visibility will be critical to establish the right partnerships and channel relationships. VMware seems to be coming out of the gate quickly.

* Side note: VMware also announced it will be working more closely (and presumable integrating more deeply) with Apple going forward; not coincidentally, key rival MobileIron was able to interject its partnership with Apple on its OneTouch solution into the news cycle on the same day of VMware business mobility event. I'm waiting to learn more about the details on the depth of both of these partnerships.

View the 2017 Enterprise Mobility & Connected Devices Research Outline to learn more.