Due to the valuable and often sensitive nature of the content residing on mobile devices, and the inherent insecurity of modern mobile computing platforms, CIOs and IT personnel know that they must make protecting their mobile end points from the vulnerabilities and threats that they are regularly exposed to a top priority. Handset OEMs and mobile ISVs are in tune with these trends and are beginning to augment and enhance the security mechanisms to protect both corporate liable and BYOD devices. The goal is in hiding the complexity associated with the enterprise-grade security they are adding from consumers who are the ultimate buyers of the devices.
Hardening the OS w/o Affecting the UX
In just the past 8 weeks, all four of the major mobile computing platform vendors held their own developer / ecosystem oriented events (BlackBerry Live and Google IO (May), and Apple's WWDC and Microsoft's Build (June). While each respective company's mobile initiatives (save BlackBerry) weren't necessarily front and center, the enterprise mobility strategies of each were thoughtfully "rolled out" and messaged. The mobile elements of these events received plenty of attention from the media and analyst community.
Handset OEMs are very well aware of the enterprise opportunity ahead of them – while Apple's Senior Manager of device management Todd Fernandez poked fun at his company for furthering its enterprise strategy "lookout I just used the 'e' word", Apple did announce several notable security enhancements to its latest version of iOS, and did proceed to updated its 'Apple for Business' web site.
The Platform Battle is on
While BlackBerry’s mobile solutions have historically been synonymous with large mobile deployments in enterprise settings, the iconic handset manufacturer’s slow move to touchscreens has significantly impacted its market share and given competing platforms such as Apple’s iOS and Google’s Android an opportunity to take over in the enterprise. As depicted above, this has BlackBerry (and Microsoft) on the outside looking in on the enterprise market.
The security enhancements that Apple teased at WWDC were indeed notable, IT-friendly improvements included: auto-updates for apps, better app multitasking, per-application VPN, enterprise SSO capabilities, streamlined device-management enrollment, better app license management. However, competitors focused on Google's Android platform (e.g., Samsung, HTC, Huawei et al – along with mobile ISVs) are taking advantage of the platforms' openness and innovating on a broad range of enhanced security features on Android devices. Not to mention that these vendors are able to innovate, harden, and develop their own security enhanced (SE) features by leveraging the good work that originated in NSA to better protect the integrity of apps and data on the Android platform.
Microsoft seems to have blown an opportunity at the recently concluded Build conference – Mr. Ballmer spent all of 3 minutes on Windows Phone 8. While Microsoft did disclose that Sprint would be carrying a new device, many of us expected to hear more. It seems clear that the vendor has been slow on delivering its 'General Distribution Release 2' (GDR2) update for Windows Phone 8 – although it is rumored that at least 2 GDR updates are forthcoming and will be delivered prior to the upcoming 'Blue' release. Regardless of any potential enhancements that are planned, what I see mattering is where mobile ISVs are focused.
So what does an enterprise Smartphone/Tablet look like? For now, iDevices, and Android devices (with mobile ISVs focused on both, and the Android inclined handset OEMs who have formailzed enterprise strategies focusing on the latter).