Mobile endpoint security: What enterprise infosec pros must know now
A comprehensive collection of articles, videos and more, hand-picked by our editors
Mobile virtualization and virtual desktop delivery are both ways of using virtualization on smartphones and tablets, but they aren't the same thing.
Some vendors have begun working with device manufacturers to build smartphones that have hypervisors on them, which enables mobile virtualization. These devices can run multiple virtualized environments to separate work and personal data, making device management easier for IT and keeping local apps from interacting with corporate information. IT can also take advantage of virtualization by delivering virtual desktops and applications to mobile devices. The desktops and apps are hosted in the data center and delivered remotely to the endpoint, providing users with the full functionality of the enterprise on their mobile device.
Read on to learn more about the pros and cons of mobile virtualization and delivering virtual applications and desktops to mobile devices. Plus, find out what the future might hold for each.
What is mobile virtualization?
Mobile virtualization is a kind of dual-persona technology or containerization, which is when a user has a portion of his mobile device virtualized for the purpose of holding corporate data. In some cases, there are two virtualized containers, one for work data and one for personal. Mobile virtualization makes device management easier because IT only needs to manage the virtualized portion of a user's device.
VMware Horizon Mobile uses hypervisors on Android phones from Verizon to create a virtualized environment to store employees' work data. Other vendors, such as Citrix and Red Bend, also offer mobile virtualization platforms. Horizon Mobile uses a Type 2 hypervisor, whereas the Citrix and Red Bend products use Type 1 hypervisors, which tend to be faster and have less latency than Type 2 ones. This makes the user experience more natural.
But using hypervisors to virtualize part or all of a device requires that mobile virtualization vendors work with device manufacturers to build and distribute phones with hypervisors on them. Additionally, companies that currently offer mobile virtualization do so only on Android devices so far. Because Apple has such tight control over its devices, iPhones and iPads may never come with hypervisors, which some experts think means that mobile virtualization won't see widespread adoption.
What are the advantages of delivering virtual desktops and apps to mobile devices?
If you go the route of delivering virtual desktops and applications to mobile devices, you can enjoy easier updating. If you implement shared virtual desktops, making any updates to the base image means you'll see that change make its way to all your users. Plus, full-fledged virtualized desktops and applications often offer more functionality than mobile app alternatives.
Take Microsoft Outlook, for example: When you enable access to corporate email through ActiveSync, workers can't use the Active Directory or search for co-workers' availability, but with a virtualized instance of Outlook, those capabilities become available to them. Providing virtual desktop access on mobile devices also improves security because corporate data lives in the data center, not on users' devices. Plus, hackers can't push a virus through a virtualized application.
What are the downsides of using mobile desktop and application virtualization?
Running applications that normally need a mouse and keyboard on devices that have neither can make using that application tough. Additionally, those x86 applications that get virtualized and delivered down to a mobile device are made for desktops with 13-inch screens or larger, and putting that display on a mobile device with a 5-inch screen can make work difficult for users.
Storing files can be a pain because virtualized apps or apps running in a VM often lack the same storage options as physical desktops. Some companies allow users to access remote desktops that store data locally, but loading the desktop isn't as fast or easy as using a mobile app and the cloud might be. And when a VM crashes, everything on the VM is unavailable until failover occurs. Last but not least, workers need an internet connection to get to their virtualized desktops or applications, so no Wi-Fi or cellular connection means work is out of the question.
Do users really need full desktop access on their mobile devices?
This is a question you should ask yourself. In many cases, workers don't need to access their whole desktop from their smartphones and tablets. They might just need a couple of mission-critical apps. That can actually make IT's job easier, because you can cherry-pick the apps you want to virtualize and deliver them to users, rather than delivering everyone's full desktop down to their smartphones or requiring phones that have hypervisors.