Welcome!

Machine Learning Authors: Lucia Schöpfer, William Schmarzo, Jason Bloomberg, Derek Weeks, Jyoti Bansal

Related Topics: Cloud Security, Mobile IoT, Microservices Expo, Microsoft Cloud, Agile Computing, @CloudExpo

Cloud Security: Blog Feed Post

BYOD 2.0 – Moving Beyond MDM with F5 Mobile App Manager

BYOD 1.0 is the industry’s first attempt at solving problems related to personally owned devices in the workplace

BYOD has quickly transformed IT, offering a revolutionary way to support the mobile workforce. The first wave of BYOD featured MDM solutions that controlled the entire device. In the next wave, BYOD 2.0, control applies only to those apps necessary for business, enforcing corporate policy while maintaining personal privacy. The #F5 Mobile App Manager is a complete mobile application management platform built for BYOD 2.0.

As more smartphones, tablets, and other types of mobile devices make their way into employees’ hands, requests for corporate access from those devices are increasing, which represents a huge challenge for IT departments. Not only has IT lost the ability to fully control and manage these devices, but employees are now demanding that they be able to conduct company business from multiple personal devices. Initially resistant to the idea due to security concerns, IT teams are slowly adopting the concept, but hesitantly, still concerned about the inherent risks of allowing personal devices to access and store sensitive corporate information.

People have become very attached to their mobile devices. They customize them, surf the web, play games, watch movies, shop, and often simply manage life with these always-connected devices. The flipside of the convenience and flexibility of BYOD are the many concerns about the risks introduced to the corporate infrastructure when allowing unmanaged and potentially unsecured personal devices access to sensitive, proprietary information.  Organizations need dynamic policy enforcement to govern the way they now lock down data and applications. As with laptops, if an employee logs in to the corporate data center from a compromised mobile device, then that employee becomes as much of a risk as a hacker with direct access to the corporate data center.

Enter BYOD 1.0.

BYOD 1.0 is the industry’s first attempt at solving problems related to personally owned devices in the workplace. BYOD 1.0 consists of two primary components—mobile device management (MDM) and device-level, layer 3 VPNs. The primary goal of MDM is to manage and secure the endpoint device itself, including varying amounts of protection for data at rest on the device (which is typically limited to enabling native device encryption via configuration). The primary aim of the layer 3 VPN is to connect the device back into the corporate network, providing data-in-transit security for corporate traffic.

Both of these BYOD 1.0 components have a drawback—they are umbrellas that protect and manage the entire device, rather than zeroing in on just the enterprise data and applications on that device. Since these are usually dual-purpose (work/personal) devices, this device-wide approach causes issues for both workers and for IT.  Employees don’t like that BYOD 1.0 imposes enterprise controls over their personal devices, applications, and information. One of the most commonly cited examples is that of the employee who leaves a company and has his device wiped by the organization, losing photos of his family along with the enterprise data and applications. People are also concerned with the privacy of their personal data under a BYOD 1.0 scheme.

From an IT perspective, organizations agree—they don’t want to have to concern themselves with personal data or applications. As soon as they manage the entire device or simply connect that device to the corporate network via VPN, that personal traffic also becomes an IT problem. While BYOD 1.0 helps to enable the use of personally owned devices in the enterprise, the device-level approach certainly has its challenges. BYOD 2.0 seeks to solve these shortcomings. The shift from BYOD 1.0 to BYOD 2.0 builds on many of the concepts developed during BYOD 1.0, adding a new set of frameworks that enable IT organizations to wrap enterprise applications in a security layer.

Throughout BYOD 1.0, F5 has provided connectivity for mobile devices into enterprise networks with VPN functionality, most commonly through iOS and Android versions of the F5 BIG-IP Edge Client. This layer provides management capabilities as well as functionality such as authentication and authorization, data-at-rest security, and data-in-transit security, among others.

BYOD 2.0 builds on the BYOD 1.0 foundation but makes a substantial shift from a device-level focus to an application-level focus. BYOD 2.0 seeks to ensure that the enterprise footprint on a personally owned device is limited to the enterprise data and applications and nothing more. This means that mobile device management is supplanted by mobile application management (MAM), and device-level VPNs are replaced by application-specific VPNs. These application-specific VPNs include technology such as BIG-IP APM AppTunnels, a single secure, encrypted connection to a specific service such as Microsoft Exchange.

With this approach, workers are happier than with BYOD 1.0 because the enterprise manages and sees only the enterprise subset of the overall data and applications on the device, leaving the management of the device itself, and of personal data and applications, to the device’s owner. IT staff prefer the BYOD 2.0 approach for the same reasons—it allows them to concern themselves only with the enterprise data
and applications they need to secure, manage, and control.

BYOD 2.0 and the aforementioned application wrapping frameworks are changing the dynamic in the mobile space. By combining mobile management functionality and access functionality into a single offering, these wrappers give enterprises a mobile IT solution that extends from data and applications on the endpoint into the cloud and data center.

Introducing F5 Mobile App Manager

mam F5 Mobile App Manager (MAM) is a mobile application management and access solution that securely extends the enterprise to personal mobile devices. It manages applications and secures data while satisfying the needs of employees and enterprise IT departments. For IT, it limits the burden associated with securing and controlling personal data and mobile use. For employees, it safely separates personal data and use from corporate oversight. F5 MAM is a complete mobile application management platform offering security, management, and compliance for BYOD deployments. It is a true enterprise device, data, and information management solution that fits the needs of the mobile enterprise better than MDM solutions.  F5 MAM includes a suite of business productivity applications and capabilities to separate and secure enterprise mobile applications while providing end-to-end security.

F5 MAM Workspace
Organizations and employees both want the ability to segregate professional and personal information. F5 MAM Workspace is an innovative solution allowing enterprises to truly create a virtual enterprise workspace on a wide variety of mobile devices. With MAM Workspace, individuals can have separate sectors and associated policies for their personal and enterprise uses of a device. This enables IT to control how employees access key corporate information while ensuring that employees maintain the freedom to take full advantage of their mobile devices.  The secure MAM Workspace can be protected by a password or PIN that is independent of the device password. IT can also reset a user’s MAM Workspace password, lock down a user’s MAM Workspace, or wipe the Workspace in the event of a policy violation.

F5 MAM App Wrapper
Organizations can also add their own applications to the secure workspace. Organizations have the ability to add any application to the secure, IT-controlled environment. In addition, there is zero need to recompile to create a secure application. F5 MAM App Wrapper scans the existing code in third-party apps, identifies any security vulnerabilities, and injects new proprietary code. This wraps and secures the app for manageability and deployment.

F5 MAM Connect
Email is one of the most critical communication tools for organizations and employees alike. No email, no work.  F5 MAM Connect is a secure, wrapped personal information manager (PIM) client that integrates with Microsoft Exchange and delivers enterprise email, calendar, contacts, tasks, and notes to the employee. MAM Connect offers EAS synchronization, global address list integration, secure storage, and networking
and is fully managed via the MAM management console.

F5 MAM Browser
The F5 MAM Browser is a secure and managed browser delivered within MAM. It provides employees with a full-featured browser, separate from their personal browsers, with the control IT needs for secure browser access. It facilitates integrated blocked and safe lists without reliance on proxies, provides controls for enterprise proxy configuration, and allows administrators to push configuration via the web-based MAM portal.

Whether organizations are prepared or not, BYOD is here, and it is transforming enterprise IT. It can potentially provide organizations a significant cost savings and productivity boost, but it is not without risk. F5 provides strategic control points for mobile applications from the endpoint to the data center and to the cloud, enabling unparalleled security, performance, and agility. F5 Mobile App Manager helps organizations make the leap to BYOD or transition from controlling the entire device to simply managing corporate applications and data on the device, solving the work/personal dilemma.

With F5 Mobile App Manager, BYOD 2.0 is now a reality.

ps

Related:

 

Technorati Tags: f5,byod,smartphone,mobile,mobile device,risk,research,silva,security,compliance

Connect with Peter: Connect with F5:
o_linkedin[1] o_facebook[1] o_twitter[1] o_facebook[1] o_twitter[1] o_slideshare[1] o_youtube[1]


Read the original blog entry...

More Stories By Peter Silva

Peter is an F5 evangelist for security, IoT, mobile and core. His background in theatre brings the slightly theatrical and fairly technical together to cover training, writing, speaking, along with overall product evangelism for F5. He's also produced over 350 videos and recorded over 50 audio whitepapers. After working in Professional Theatre for 10 years, Peter decided to change careers. Starting out with a small VAR selling Netopia routers and the Instant Internet box, he soon became one of the first six Internet Specialists for AT&T managing customers on the original ATT WorldNet network.

Now having his Telco background he moved to Verio to focus on access, IP security along with web hosting. After losing a deal to Exodus Communications (now Savvis) for technical reasons, the customer still wanted Peter as their local SE contact so Exodus made him an offer he couldn’t refuse. As only the third person hired in the Midwest, he helped Exodus grow from an executive suite to two enormous datacenters in the Chicago land area working with such customers as Ticketmaster, Rolling Stone, uBid, Orbitz, Best Buy and others.

Writer, speaker and Video Host, he's also been in such plays as The Glass Menagerie, All’s Well That Ends Well, Cinderella and others.

@CloudExpo Stories
In the next five to ten years, millions, if not billions of things will become smarter. This smartness goes beyond connected things in our homes like the fridge, thermostat and fancy lighting, and into heavily regulated industries including aerospace, pharmaceutical/medical devices and energy. “Smartness” will embed itself within individual products that are part of our daily lives. We will engage with smart products - learning from them, informing them, and communicating with them. Smart produc...
Internet of @ThingsExpo, taking place June 6-8, 2017 at the Javits Center in New York City, New York, is co-located with the 20th International Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. @ThingsExpo New York Call for Papers is now open.
SYS-CON Events announced today that Catchpoint, a leading digital experience intelligence company, has been named “Silver Sponsor” of SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Catchpoint Systems is a leading Digital Performance Analytics company that provides unparalleled insight into your customer-critical services to help you consistently deliver an amazing customer experience. Designed for digital business, C...
“DevOps is really about the business. The business is under pressure today, competitively in the marketplace to respond to the expectations of the customer. The business is driving IT and the problem is that IT isn't responding fast enough," explained Mark Levy, Senior Product Marketing Manager at Serena Software, in this SYS-CON.tv interview at DevOps Summit, held Nov 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
SYS-CON Events announced today that Catchpoint Systems, Inc., a provider of innovative web and infrastructure monitoring solutions, has been named “Silver Sponsor” of SYS-CON's DevOps Summit at 18th Cloud Expo New York, which will take place June 7-9, 2016, at the Javits Center in New York City, NY. Catchpoint is a leading Digital Performance Analytics company that provides unparalleled insight into customer-critical services to help consistently deliver an amazing customer experience. Designed ...
More and more brands have jumped on the IoT bandwagon. We have an excess of wearables – activity trackers, smartwatches, smart glasses and sneakers, and more that track seemingly endless datapoints. However, most consumers have no idea what “IoT” means. Creating more wearables that track data shouldn't be the aim of brands; delivering meaningful, tangible relevance to their users should be. We're in a period in which the IoT pendulum is still swinging. Initially, it swung toward "smart for smart...
WebRTC sits at the intersection between VoIP and the Web. As such, it poses some interesting challenges for those developing services on top of it, but also for those who need to test and monitor these services. In his session at WebRTC Summit, Tsahi Levent-Levi, co-founder of testRTC, reviewed the various challenges posed by WebRTC when it comes to testing and monitoring and on ways to overcome them.
In their general session at 16th Cloud Expo, Michael Piccininni, Global Account Manager - Cloud SP at EMC Corporation, and Mike Dietze, Regional Director at Windstream Hosted Solutions, reviewed next generation cloud services, including the Windstream-EMC Tier Storage solutions, and discussed how to increase efficiencies, improve service delivery and enhance corporate cloud solution development. Michael Piccininni is Global Account Manager – Cloud SP at EMC Corporation. He has been engaged in t...
Cloud Expo, Inc. has announced today that Andi Mann returns to 'DevOps at Cloud Expo 2017' as Conference Chair The @DevOpsSummit at Cloud Expo will take place on June 6-8, 2017, at the Javits Center in New York City, NY. "DevOps is set to be one of the most profound disruptions to hit IT in decades," said Andi Mann. "It is a natural extension of cloud computing, and I have seen both firsthand and in independent research the fantastic results DevOps delivers. So I am excited to help the great t...
Every successful software product evolves from an idea to an enterprise system. Notably, the same way is passed by the product owner's company. In his session at 20th Cloud Expo, Oleg Lola, CEO of MobiDev, will provide a generalized overview of the evolution of a software product, the product owner, the needs that arise at various stages of this process, and the value brought by a software development partner to the product owner as a response to these needs.
In 2014, Amazon announced a new form of compute called Lambda. We didn't know it at the time, but this represented a fundamental shift in what we expect from cloud computing. Now, all of the major cloud computing vendors want to take part in this disruptive technology. In his session at 20th Cloud Expo, John Jelinek IV, a web developer at Linux Academy, will discuss why major players like AWS, Microsoft Azure, IBM Bluemix, and Google Cloud Platform are all trying to sidestep VMs and containers...
SYS-CON Events announced today that MobiDev, a client-oriented software development company, will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place June 6-8, 2017, at the Javits Center in New York City, NY, and the 21st International Cloud Expo®, which will take place October 31-November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. MobiDev is a software company that develops and delivers turn-key mobile apps, websites, web services, and complex softw...
SYS-CON Events announced today that Enzu will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY, and the 21st International Cloud Expo®, which will take place October 31-November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Enzu’s mission is to be the leading provider of enterprise cloud solutions worldwide. Enzu enables online businesses to use its IT infrastructure to their competitive ad...
Smart Cities are here to stay, but for their promise to be delivered, the data they produce must not be put in new siloes. In his session at @ThingsExpo, Mathias Herberts, Co-founder and CTO of Cityzen Data, discussed the best practices that will ensure a successful smart city journey.
In his session at 19th Cloud Expo, Claude Remillard, Principal Program Manager in Developer Division at Microsoft, contrasted how his team used config as code and immutable patterns for continuous delivery of microservices and apps to the cloud. He showed how the immutable patterns helps developers do away with most of the complexity of config as code-enabling scenarios such as rollback, zero downtime upgrades with far greater simplicity. He also demoed building immutable pipelines in the cloud ...
Choosing the right cloud for your workloads is a balancing act that can cost your organization time, money and aggravation - unless you get it right the first time. Economics, speed, performance, accessibility, administrative needs and security all play a vital role in dictating your approach to the cloud. Without knowing the right questions to ask, you could wind up paying for capacity you'll never need or underestimating the resources required to run your applications.
Traditional on-premises data centers have long been the domain of modern data platforms like Apache Hadoop, meaning companies who build their business on public cloud were challenged to run Big Data processing and analytics at scale. But recent advancements in Hadoop performance, security, and most importantly cloud-native integrations, are giving organizations the ability to truly gain value from all their data. In his session at 19th Cloud Expo, David Tishgart, Director of Product Marketing ...
Technology vendors and analysts are eager to paint a rosy picture of how wonderful IoT is and why your deployment will be great with the use of their products and services. While it is easy to showcase successful IoT solutions, identifying IoT systems that missed the mark or failed can often provide more in the way of key lessons learned. In his session at @ThingsExpo, Peter Vanderminden, Principal Industry Analyst for IoT & Digital Supply Chain to Flatiron Strategies, will focus on how IoT depl...
Adding public cloud resources to an existing application can be a daunting process. The tools that you currently use to manage the software and hardware outside the cloud aren’t always the best tools to efficiently grow into the cloud. All of the major configuration management tools have cloud orchestration plugins that can be leveraged, but there are also cloud-native tools that can dramatically improve the efficiency of managing your application lifecycle. In his session at 18th Cloud Expo, ...
The pace of innovation, vendor lock-in, production sustainability, cost-effectiveness, and managing risk… In his session at 18th Cloud Expo, Dan Choquette, Founder of RackN, discussed how CIOs are challenged finding the balance of finding the right tools, technology and operational model that serves the business the best. He also discussed how clouds, open source software and infrastructure solutions have benefits but also drawbacks and how workload and operational portability between vendors an...