Click here to close now.




















Welcome!

Cloud Security Authors: Pat Romanski, Ian Khan, Dennis Griffin, Liz McMillan, Mark Carrizosa

Related Topics: Cloud Security, Mobile IoT, Microservices Expo, Microsoft Cloud, Agile Computing, @CloudExpo

Cloud Security: Blog Feed Post

BYOD 2.0 – Moving Beyond MDM with F5 Mobile App Manager

BYOD 1.0 is the industry’s first attempt at solving problems related to personally owned devices in the workplace

BYOD has quickly transformed IT, offering a revolutionary way to support the mobile workforce. The first wave of BYOD featured MDM solutions that controlled the entire device. In the next wave, BYOD 2.0, control applies only to those apps necessary for business, enforcing corporate policy while maintaining personal privacy. The #F5 Mobile App Manager is a complete mobile application management platform built for BYOD 2.0.

As more smartphones, tablets, and other types of mobile devices make their way into employees’ hands, requests for corporate access from those devices are increasing, which represents a huge challenge for IT departments. Not only has IT lost the ability to fully control and manage these devices, but employees are now demanding that they be able to conduct company business from multiple personal devices. Initially resistant to the idea due to security concerns, IT teams are slowly adopting the concept, but hesitantly, still concerned about the inherent risks of allowing personal devices to access and store sensitive corporate information.

People have become very attached to their mobile devices. They customize them, surf the web, play games, watch movies, shop, and often simply manage life with these always-connected devices. The flipside of the convenience and flexibility of BYOD are the many concerns about the risks introduced to the corporate infrastructure when allowing unmanaged and potentially unsecured personal devices access to sensitive, proprietary information.  Organizations need dynamic policy enforcement to govern the way they now lock down data and applications. As with laptops, if an employee logs in to the corporate data center from a compromised mobile device, then that employee becomes as much of a risk as a hacker with direct access to the corporate data center.

Enter BYOD 1.0.

BYOD 1.0 is the industry’s first attempt at solving problems related to personally owned devices in the workplace. BYOD 1.0 consists of two primary components—mobile device management (MDM) and device-level, layer 3 VPNs. The primary goal of MDM is to manage and secure the endpoint device itself, including varying amounts of protection for data at rest on the device (which is typically limited to enabling native device encryption via configuration). The primary aim of the layer 3 VPN is to connect the device back into the corporate network, providing data-in-transit security for corporate traffic.

Both of these BYOD 1.0 components have a drawback—they are umbrellas that protect and manage the entire device, rather than zeroing in on just the enterprise data and applications on that device. Since these are usually dual-purpose (work/personal) devices, this device-wide approach causes issues for both workers and for IT.  Employees don’t like that BYOD 1.0 imposes enterprise controls over their personal devices, applications, and information. One of the most commonly cited examples is that of the employee who leaves a company and has his device wiped by the organization, losing photos of his family along with the enterprise data and applications. People are also concerned with the privacy of their personal data under a BYOD 1.0 scheme.

From an IT perspective, organizations agree—they don’t want to have to concern themselves with personal data or applications. As soon as they manage the entire device or simply connect that device to the corporate network via VPN, that personal traffic also becomes an IT problem. While BYOD 1.0 helps to enable the use of personally owned devices in the enterprise, the device-level approach certainly has its challenges. BYOD 2.0 seeks to solve these shortcomings. The shift from BYOD 1.0 to BYOD 2.0 builds on many of the concepts developed during BYOD 1.0, adding a new set of frameworks that enable IT organizations to wrap enterprise applications in a security layer.

Throughout BYOD 1.0, F5 has provided connectivity for mobile devices into enterprise networks with VPN functionality, most commonly through iOS and Android versions of the F5 BIG-IP Edge Client. This layer provides management capabilities as well as functionality such as authentication and authorization, data-at-rest security, and data-in-transit security, among others.

BYOD 2.0 builds on the BYOD 1.0 foundation but makes a substantial shift from a device-level focus to an application-level focus. BYOD 2.0 seeks to ensure that the enterprise footprint on a personally owned device is limited to the enterprise data and applications and nothing more. This means that mobile device management is supplanted by mobile application management (MAM), and device-level VPNs are replaced by application-specific VPNs. These application-specific VPNs include technology such as BIG-IP APM AppTunnels, a single secure, encrypted connection to a specific service such as Microsoft Exchange.

With this approach, workers are happier than with BYOD 1.0 because the enterprise manages and sees only the enterprise subset of the overall data and applications on the device, leaving the management of the device itself, and of personal data and applications, to the device’s owner. IT staff prefer the BYOD 2.0 approach for the same reasons—it allows them to concern themselves only with the enterprise data
and applications they need to secure, manage, and control.

BYOD 2.0 and the aforementioned application wrapping frameworks are changing the dynamic in the mobile space. By combining mobile management functionality and access functionality into a single offering, these wrappers give enterprises a mobile IT solution that extends from data and applications on the endpoint into the cloud and data center.

Introducing F5 Mobile App Manager

mam F5 Mobile App Manager (MAM) is a mobile application management and access solution that securely extends the enterprise to personal mobile devices. It manages applications and secures data while satisfying the needs of employees and enterprise IT departments. For IT, it limits the burden associated with securing and controlling personal data and mobile use. For employees, it safely separates personal data and use from corporate oversight. F5 MAM is a complete mobile application management platform offering security, management, and compliance for BYOD deployments. It is a true enterprise device, data, and information management solution that fits the needs of the mobile enterprise better than MDM solutions.  F5 MAM includes a suite of business productivity applications and capabilities to separate and secure enterprise mobile applications while providing end-to-end security.

F5 MAM Workspace
Organizations and employees both want the ability to segregate professional and personal information. F5 MAM Workspace is an innovative solution allowing enterprises to truly create a virtual enterprise workspace on a wide variety of mobile devices. With MAM Workspace, individuals can have separate sectors and associated policies for their personal and enterprise uses of a device. This enables IT to control how employees access key corporate information while ensuring that employees maintain the freedom to take full advantage of their mobile devices.  The secure MAM Workspace can be protected by a password or PIN that is independent of the device password. IT can also reset a user’s MAM Workspace password, lock down a user’s MAM Workspace, or wipe the Workspace in the event of a policy violation.

F5 MAM App Wrapper
Organizations can also add their own applications to the secure workspace. Organizations have the ability to add any application to the secure, IT-controlled environment. In addition, there is zero need to recompile to create a secure application. F5 MAM App Wrapper scans the existing code in third-party apps, identifies any security vulnerabilities, and injects new proprietary code. This wraps and secures the app for manageability and deployment.

F5 MAM Connect
Email is one of the most critical communication tools for organizations and employees alike. No email, no work.  F5 MAM Connect is a secure, wrapped personal information manager (PIM) client that integrates with Microsoft Exchange and delivers enterprise email, calendar, contacts, tasks, and notes to the employee. MAM Connect offers EAS synchronization, global address list integration, secure storage, and networking
and is fully managed via the MAM management console.

F5 MAM Browser
The F5 MAM Browser is a secure and managed browser delivered within MAM. It provides employees with a full-featured browser, separate from their personal browsers, with the control IT needs for secure browser access. It facilitates integrated blocked and safe lists without reliance on proxies, provides controls for enterprise proxy configuration, and allows administrators to push configuration via the web-based MAM portal.

Whether organizations are prepared or not, BYOD is here, and it is transforming enterprise IT. It can potentially provide organizations a significant cost savings and productivity boost, but it is not without risk. F5 provides strategic control points for mobile applications from the endpoint to the data center and to the cloud, enabling unparalleled security, performance, and agility. F5 Mobile App Manager helps organizations make the leap to BYOD or transition from controlling the entire device to simply managing corporate applications and data on the device, solving the work/personal dilemma.

With F5 Mobile App Manager, BYOD 2.0 is now a reality.

ps

Related:

 

Technorati Tags: f5,byod,smartphone,mobile,mobile device,risk,research,silva,security,compliance

Connect with Peter: Connect with F5:
o_linkedin[1] o_facebook[1] o_twitter[1] o_facebook[1] o_twitter[1] o_slideshare[1] o_youtube[1]


Read the original blog entry...

More Stories By Peter Silva

Peter Silva covers security for F5’s Technical Marketing Team. After working in Professional Theatre for 10 years, Peter decided to change careers. Starting out with a small VAR selling Netopia routers and the Instant Internet box, he soon became one of the first six Internet Specialists for AT&T managing customers on the original ATT WorldNet network.

Now having his Telco background he moved to Verio to focus on access, IP security along with web hosting. After losing a deal to Exodus Communications (now Savvis) for technical reasons, the customer still wanted Peter as their local SE contact so Exodus made him an offer he couldn’t refuse. As only the third person hired in the Midwest, he helped Exodus grow from an executive suite to two enormous datacenters in the Chicago land area working with such customers as Ticketmaster, Rolling Stone, uBid, Orbitz, Best Buy and others.

Bringing the slightly theatrical and fairly technical together, he covers training, writing, speaking, along with overall product evangelism for F5’s security line. He's also produced over 200 F5 videos and recorded over 50 audio whitepapers. Prior to joining F5, he was the Business Development Manager with Pacific Wireless Communications. He’s also been in such plays as The Glass Menagerie, All’s Well That Ends Well, Cinderella and others. He earned his B.S. from Marquette University, and is a certified instructor in the Wisconsin System of Vocational, Technical & Adult Education.

@ThingsExpo Stories
Through WebRTC, audio and video communications are being embedded more easily than ever into applications, helping carriers, enterprises and independent software vendors deliver greater functionality to their end users. With today’s business world increasingly focused on outcomes, users’ growing calls for ease of use, and businesses craving smarter, tighter integration, what’s the next step in delivering a richer, more immersive experience? That richer, more fully integrated experience comes about through a Communications Platform as a Service which allows for messaging, screen sharing, video...
Too often with compelling new technologies market participants become overly enamored with that attractiveness of the technology and neglect underlying business drivers. This tendency, what some call the “newest shiny object syndrome,” is understandable given that virtually all of us are heavily engaged in technology. But it is also mistaken. Without concrete business cases driving its deployment, IoT, like many other technologies before it, will fade into obscurity.
SYS-CON Events announced today that IceWarp will exhibit at the 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. IceWarp, the leader of cloud and on-premise messaging, delivers secured email, chat, documents, conferencing and collaboration to today's mobile workforce, all in one unified interface
In his session at @ThingsExpo, Lee Williams, a producer of the first smartphones and tablets, will talk about how he is now applying his experience in mobile technology to the design and development of the next generation of Environmental and Sustainability Services at ETwater. He will explain how M2M controllers work through wirelessly connected remote controls; and specifically delve into a retrofit option that reverse-engineers control codes of existing conventional controller systems so they don't have to be replaced and are instantly converted to become smart, connected devices.
The Internet of Things is in the early stages of mainstream deployment but it promises to unlock value and rapidly transform how organizations manage, operationalize, and monetize their assets. IoT is a complex structure of hardware, sensors, applications, analytics and devices that need to be able to communicate geographically and across all functions. Once the data is collected from numerous endpoints, the challenge then becomes converting it into actionable insight.
With the proliferation of connected devices underpinning new Internet of Things systems, Brandon Schulz, Director of Luxoft IoT – Retail, will be looking at the transformation of the retail customer experience in brick and mortar stores in his session at @ThingsExpo. Questions he will address include: Will beacons drop to the wayside like QR codes, or be a proximity-based profit driver? How will the customer experience change in stores of all types when everything can be instrumented and analyzed? As an area of investment, how might a retail company move towards an innovation methodolo...
SYS-CON Events announced today that HPM Networks will exhibit at the 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. For 20 years, HPM Networks has been integrating technology solutions that solve complex business challenges. HPM Networks has designed solutions for both SMB and enterprise customers throughout the San Francisco Bay Area.
Consumer IoT applications provide data about the user that just doesn’t exist in traditional PC or mobile web applications. This rich data, or “context,” enables the highly personalized consumer experiences that characterize many consumer IoT apps. This same data is also providing brands with unprecedented insight into how their connected products are being used, while, at the same time, powering highly targeted engagement and marketing opportunities. In his session at @ThingsExpo, Nathan Treloar, President and COO of Bebaio, will explore examples of brands transforming their businesses by t...
SYS-CON Events announced today that Pythian, a global IT services company specializing in helping companies leverage disruptive technologies to optimize revenue-generating systems, has been named “Bronze Sponsor” of SYS-CON's 17th Cloud Expo, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. Founded in 1997, Pythian is a global IT services company that helps companies compete by adopting disruptive technologies such as cloud, Big Data, advanced analytics, and DevOps to advance innovation and increase agility. Specializing in designing, imple...
As more and more data is generated from a variety of connected devices, the need to get insights from this data and predict future behavior and trends is increasingly essential for businesses. Real-time stream processing is needed in a variety of different industries such as Manufacturing, Oil and Gas, Automobile, Finance, Online Retail, Smart Grids, and Healthcare. Azure Stream Analytics is a fully managed distributed stream computation service that provides low latency, scalable processing of streaming data in the cloud with an enterprise grade SLA. It features built-in integration with Azur...
SYS-CON Events announced today that Micron Technology, Inc., a global leader in advanced semiconductor systems, will exhibit at the 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. Micron’s broad portfolio of high-performance memory technologies – including DRAM, NAND and NOR Flash – is the basis for solid state drives, modules, multichip packages and other system solutions. Backed by more than 35 years of technology leadership, Micron's memory solutions enable the world's most innovative computing, consumer,...
Contrary to mainstream media attention, the multiple possibilities of how consumer IoT will transform our everyday lives aren’t the only angle of this headline-gaining trend. There’s a huge opportunity for “industrial IoT” and “Smart Cities” to impact the world in the same capacity – especially during critical situations. For example, a community water dam that needs to release water can leverage embedded critical communications logic to alert the appropriate individuals, on the right device, as soon as they are needed to take action.
As more intelligent IoT applications shift into gear, they’re merging into the ever-increasing traffic flow of the Internet. It won’t be long before we experience bottlenecks, as IoT traffic peaks during rush hours. Organizations that are unprepared will find themselves by the side of the road unable to cross back into the fast lane. As billions of new devices begin to communicate and exchange data – will your infrastructure be scalable enough to handle this new interconnected world?
While many app developers are comfortable building apps for the smartphone, there is a whole new world out there. In his session at @ThingsExpo, Narayan Sainaney, Co-founder and CTO of Mojio, will discuss how the business case for connected car apps is growing and, with open platform companies having already done the heavy lifting, there really is no barrier to entry.
With the Apple Watch making its way onto wrists all over the world, it’s only a matter of time before it becomes a staple in the workplace. In fact, Forrester reported that 68 percent of technology and business decision-makers characterize wearables as a top priority for 2015. Recognizing their business value early on, FinancialForce.com was the first to bring ERP to wearables, helping streamline communication across front and back office functions. In his session at @ThingsExpo, Kevin Roberts, GM of Platform at FinancialForce.com, will discuss the value of business applications on wearable ...
WebRTC has had a real tough three or four years, and so have those working with it. Only a few short years ago, the development world were excited about WebRTC and proclaiming how awesome it was. You might have played with the technology a couple of years ago, only to find the extra infrastructure requirements were painful to implement and poorly documented. This probably left a bitter taste in your mouth, especially when things went wrong.
The Internet of Things (IoT) is about the digitization of physical assets including sensors, devices, machines, gateways, and the network. It creates possibilities for significant value creation and new revenue generating business models via data democratization and ubiquitous analytics across IoT networks. The explosion of data in all forms in IoT requires a more robust and broader lens in order to enable smarter timely actions and better outcomes. Business operations become the key driver of IoT applications and projects. Business operations, IT, and data scientists need advanced analytics t...
Akana has announced the availability of the new Akana Healthcare Solution. The API-driven solution helps healthcare organizations accelerate their transition to being secure, digitally interoperable businesses. It leverages the Health Level Seven International Fast Healthcare Interoperability Resources (HL7 FHIR) standard to enable broader business use of medical data. Akana developed the Healthcare Solution in response to healthcare businesses that want to increase electronic, multi-device access to health records while reducing operating costs and complying with government regulations.
For IoT to grow as quickly as analyst firms’ project, a lot is going to fall on developers to quickly bring applications to market. But the lack of a standard development platform threatens to slow growth and make application development more time consuming and costly, much like we’ve seen in the mobile space. In his session at @ThingsExpo, Mike Weiner, Product Manager of the Omega DevCloud with KORE Telematics Inc., discussed the evolving requirements for developers as IoT matures and conducted a live demonstration of how quickly application development can happen when the need to comply wit...
The Internet of Everything (IoE) brings together people, process, data and things to make networked connections more relevant and valuable than ever before – transforming information into knowledge and knowledge into wisdom. IoE creates new capabilities, richer experiences, and unprecedented opportunities to improve business and government operations, decision making and mission support capabilities.