Mobile DID and Why InfoSec Loves It

A smartphones is supposed to be a very personal gadget, and it is said to reflect the personality of the owner. But all of us know that humans wear different masks at different times. The easiest change to observe is to see a person at work, and out of it. So can your smartphone imitate this human behavior?

The answer is YES. The smartphones can be give the Dissociative Identity Disorder (DID), or split personality. In fact, security teams really like the devices that suffer with this ailment (or feature).

Actually, having a device that can behave as two is the best way to have a user use it as both a personal style statement and a professional tool. Being able to separate personal and professional identities on a device is the holy grail of mobile security. It provides the security and control benefits that are essential for enterprise mobility without the associated complexities. Blackberry’s new balance feature is a shot in the same direction. It provides a simple way of tagging the application as work or personal, and the user can switch between the 2 profiles.

Benefits

The value of splitting personalities on a smartphone is two-fold. Firstly, it helps ensure the safety of corporate apps and data. It also makes BYOD easier for the organization. If a smartphone carrying valuable data goes missing, an organization is going to wipe it – even if it contains family photos. Discrete personalities can resolve this situation. Only the professional profile can be erased, leaving the personal data intact.

Three Approaches

There are 3 ways in which your smart device can generate an alter ego – Containerization, App wrapping, and Virtualization.

1. Containerization – This is literally, like creating a container within your device. All the corporate apps and data are put into a separate repository, which is encrypted. This repository can be remotely deleted if required. If your gadget is like a building, then a container is like a room in it.

Pros and cons

Containerization provides full control over the capabilities of the app, like encryption, separation of corporate and personal data, copy & paste protection etc. Also, selective Wipe is very easy here. However, The user experience is not particularly good with the container app, both in terms of the performance of the heavy app, and the fact that the user needs to login again. Further, this approach does not protect data in other apps, and comes with a number of restrictions.

2. App Wrapping – this approach focuses on encasing the corporate app with a wrapper that provides additional functionality like automatic setting of VPN or encryption. This does not necessarily segregate the app and data, but adds functionality to the pre-existing corporate apps. App wrapping is like deploying a corporate app in its own container.

Pros and cons

The benefit of wrapping is that it provides easier management of corporate apps, while leaving the other apps and data alone. The downside is that the apps become heavier thus impacting performance, and the data is not really secure.

3. Virtualization – Quite simply, mobile device virtualization is the process of running more than one (generally no more than 2) operating systems on a mobile device independent of each other. The OSes can either be instances of the same mobile OS (like android) or one mobile and the other a traditional one like Windows or Linux.

Pros and cons

MDV provides better security, higher productivity through remote access, and segregation of personal and professional apps and data. It also provides remote wipe facility for the work instance. However, the second instance is taxing for the system resources, and deteriorates performance. Also, iOSFree Web Content, the OS of the most popular phone in the world is not included in the supported platform list of most MDV solutions.

This was a guest article from Jennifer Lewis.

The author holds a content writer position with one of the top mobile application companies in Delhi Ncr. The enterprise app development companies has team of highly experienced mobile app developer Dallas to meet the mobility consulting demands of clients.

Leave a Reply