Apperian Goes Big on User Acceptance Testing

The rise of the custom B2C and B2E app

With an increasingly mobile workforce relying on a combination of enterprise-issued and BYOD devices, the need of custom-made applications to support line of business workflows has grown significantly in recent years.  Data from VDC shows that there is a clear trend towards custom applications that are internally developed, as the year-on-year change for internally developed apps was positive across all industry verticals surveyed. Field mobility in particular saw a marked increase from 30% to 45% of apps being custom developed in-house.  While an increasing portion of resources are being allocated to development, quality assurance (QA) and user acceptance testing (UAT) are often complex and long processes that require specific skills and can be difficult to scale. Frequently, the testing pool is limited, and often relegated to a small number of employees, or even the developers themselves, which can adversely affect the user experience of the app. Apperian, a mobile-first ISV, is looking to address this shortcoming with the industry’s first large-scale solution for user-acceptance testing for mobile applications.

Engaging the community

Looking to overcome the traditional constraints of app testing, Apperian seeks to cast a broader net to both improve the stability and quality of the app, and to significantly cut down on time-to-market. According to CTO Carlos Montero-Luque,  Apperian has “reimagined what mobile app testing should be by empowering hundreds and even thousands of employees and/or contractors to be part of a user acceptance test process,” which they cite has already had a significant impact for early customers. In addition to saving money and time, engaging employees and the broader community provides a platform in which stakeholders have an opportunity to voice their opinions and know that their needs and concerns are being heard.

Security remains an issue

With the number of apps being developed in-house on the rise, security still remains a critical issue. Recent data from a VDC survey on software development reveals that only 8% of respondents have an application security program in place that is specific to mobile applications. When looking at in-house development, that number drops even lower, with a scant 4% of respondents having the means to test applications in-house.  Although most protection revolves around secure coding techniques, other measures, including binary protection countermeasures, are necessary to prevent hackers from pirating or compromising the confidentiality and integrity of applications. Failure to do so can result in applications that are easily reverse-engineered and modified. 

Security Practices Implemented During Mobile Application Development

Apperian blog

VDC data shows that while basic security needs are being met, there are still considerable gaps that remain and need to be addressed, as we have highlighted in previous blogs. This is a pain point for many enterprises and an opportunity for companies like Apperian, especially as development costs continue to rise. Adopting and utilizing tools to help ensure that mobile Software Development Life Cycle (SDLC) best practices are being used will be critical for organizations as they pursue broader mobile enablement initiatives. Moving forward, sophisticated QA techniques, along with strategic usage UAT processes can help to ensure that apps have been adequately protected from hackers will be required, as the cost of security breaches can be enormous, not only in dollars but also in lost time, productivity, and an overall feeling of organizational well-being.

 (With Eric Klein, Senior Analyst)


EMM Vendors not Doing Enough to Satisfy Mobile Security Requirements

Securing mobile deployments in a fragmented security landscape

VDC will be releasing its annual mobile security report next week, which takes an in-depth look at how enterprise mobility management (EMM) vendors have enhanced their mobile security capabilities and how ownership models like that of BYOD impact mobile security investments, as the line between personal computers and mobile devices is increasingly blurred. While the mobile hardware race is in full swing, so too is the battle among mobile ISVs, who are all vying to be the primary provider for an increasingly broad range of mobile solutions for today’s enterprise. An ever-growing mobile workforce carries with it an increasing amount of potentially vulnerable data ranging from emails and attachments, voicemail and private corporate data.  Vulnerabilities such as malware, direct attacks, data interception, exploitation, and social engineering all have transitioned into the mobile space as fluidly as the operating systems themselves. In addition to having a significant financial impact, such breaches can cost organizations in terms of lost time and productivity. As a result, infrastructure investments for mobile management and security are rapidly become a top priority for CIOs, CISOs and IT leaders.

There is no silver bullet

Traditional MDM vendors have expanded their functional range to include integrated end-to-end enterprise mobility management platforms, which incorporate key app, content and network management capabilities; although organizations are recognizing that more is needed to ensure that their devices are secure in a constantly evolving threat landscape. Given the nature of how work styles have changed, and increasing desire of employees to want/need to work at any time, from any location, with data that’s accessible from the company network, the Web, or the cloud, IT is faced with a moving target and requires a broad range of protective measures depending on their organization’s security posture. Given the multilayered security dynamics of mobile platforms, security cannot be assured by finding an ideal hardware configuration or relying on a single type of communications network to catch all threats. In a dynamic market, operating systems, applications, devices, and networks all have a significant impact on security.

Mobile-first ISVs with a strong security orientation that have entered the market are taking a decidedly different path. These vendors are using a combination of technologies and have taken differentiated approaches to securing mobile platforms. One clear difference is their focus on not limiting users to specific applications (what some call an “appnostic” approach) by providing the means to apply security policies to any application. This vendor class is also keen on promoting their vision of what containerization means. To these vendors, moving into a work persona is a form of containerization, or any app that is “badged” may also be considered as being containerized. Another key area of differentiation is the focus on data and applications rather than on devices themselves.

Enterprises are looking to boost EMM investments

Enterprises are looking to mitigate the risk of data breaches, but the solutions aren’t entirely satisfying enterprise requirements. According to a recent VDC survey, nearly 50% of the respondents to a survey recently fielded by VDC indicate that they were not completely satisfied with the level of security they were being provided by their mobile device management vendor partner.


VDC expects that continued investment in device management solutions will drive adoption of mobile security-related products, as enterprises deploy advanced solutions to track, monitor and authorize corporate data access, as an increasing number of their employees bring their devices into the workplace. For this reason, we believe that mobile security vendors can expect to see continued investments in their solutions due to their ability to secure heterogeneous mobile deployment environments and help to prevent against data loss from lost, stolen, compromised, or decommissioned devices.

(with Eric Klein, Senior Analyst)


Will Good Technology's IPO Be Better than Good?

Both the tech and finance world are awaiting the announcement of Good Technology’s IPO, which is hotly anticipated. The EMM firm filed its S-1 with the SEC in May of this year, following the successful IPO of rival MobileIron in April. Good’s IPO would mark the third public offering of a pure-play enterprise mobility firm since the IPO of Tangoe in 2011. While MobileIron’s IPO raised $100 million, selling 11 million shares and setting a strong precedent for Good Technology, there are nevertheless strong headwinds that face Good as it prepares to go public.

Less than good numbers in a competitive market

Among the chief concerns are Good’s earnings: the S-1 filing notes net losses of $41 million, $90.4 million and $118.4 million in 2011, 2012, and 2013 respectively, while billings dropped 2% year on year in Q1 to $47.4 million and 1% to $194.3 million in 2013. In a sector that is becoming fiercely competitive as more companies are looking to add advanced mobility services, this could present a considerable risk factor for Good.

While the number of pure-play EMM providers in the market is winnowing, there is nevertheless strong competition from companies like BlackBerry, MobileIron, and SOTI as well as from management and virtualization vendors like Citrix, Symantec, and VMware/AirWatch. Within its S-1, Good also lists competition from IBM, Microsoft and SAP, who have increasingly broadened their portfolios to offer advanced mobility solutions and have the ability to layer enhanced security capabilities through partners. As a result, it is becoming increasingly difficult to differentiate a distinct competitive advantage, particularly when considering that many firms limit their device management to password enforcement and remote wipes. A recent (April 2014) VDC survey confirms this trend.

  Good Tech BlogHowever, VDC anticipates that more sophisticated application and data management solutions will be required as mobile enablement initiatives continue to expand in enterprise deployment environments.


A cautiously optimistic market awaits Good’s IPO

Good is well positioned to capitalize on these market trends from its ability to evolve its enterprise mobility solutions through the integration of very strategic technologies it has gained through acquisitions. We see these capabilities augmenting the company’s position in the EMM ecosystem. Copiun, AppCentral, BoxTone and Fixmo each filled notable holes in the company’s solution portfolio. While minor acquisitions, they all have provided Good with strong capabilities that complement its mobility solutions. While the company appears to be a long way off from profitability, MobileIron has proved that the market is amenable, given its confidence in the firm’s technology, roadmap, and pace of customer acquisition. As a result of this, as well as current market dynamics, VDC anticipates a successful IPO from Good in the coming weeks.

(with contributions from Eric Klein, Senior Analyst)


Oracle augments its cloud services with TOA acquisition

Oracle announced its plans on Thursday to acquire TOA Technologies, a Cleveland-based firm that specializes in cloud-based field service solutions. These SaaS solutions seek to optimize what Oracle refers to as the “last mile of customer service for enterprises” by coordinating and managing dispatchers, mobile employees and customers to improve service, empower service agents and allow for a more in-depth and long-term customer development. Although the terms of the acquisition remain undisclosed, TOA is considered global leader, as it manages services for major brands like Home Depot, Virgin Media, and Vodafone across more than 20 countries. By fitting into Oracle’s cloud services segment, the deal provides considerable synergies, especially within the realm of field mobility with TOA’s ETAdirect field service management system. 


Looking for smarter, better engagements

Oracle’s acquisition reflects the greater trend within field mobility in looking increasingly beyond reducing operational costs to measure success and to gauge solutions. A recent VDC end user survey revealed that the top two metrics used to measure field mobility solutions were improved worker productivity (45%) and better field worker communication/collaboration (33%). 

Oracle exhibit

Here too, the importance of increased customer service and loyalty mesh with Oracle’s emphasis on a modern approach to field service operations that include long-term brand and customer development through better customer engagements.

Taking the cloud to the field

Since its acquisition of RightNow in 2011, Oracle has made other key strategic (and recent) acquisitions which include BigMachines (October ‘13), Responsys (December ‘13), and BlueKai (February ‘14) to enhance its Cloud Service Platform. The acquisition of TOA further complements Oracle’s cloud services value play with a proven solution that enhances predictive scheduling and brings the ability to streamline service workflows for its customers. Oracle currently possesses scheduling solutions that compete with TOA's ETAdirect platform; however, VDC expects that Oracle will make it easy and attractive for existing customers to migrate to TOA's solutions once they enter an upgrade cycle.

Oracle’s actions make it clear that the company sees smaller and more focused/specialized firms such as Astea International, ClickSoftware, and ServiceMax as becoming increasingly competitive. ClickSoftware continues to sharpen its workforce management solutions and recently (February ‘14) acquired mobile specialist Xora. VDC sees field service solutions are a critical area for enterprise software vendors such as Oracle, particularly when considering workforce mobilization trends. VDC data shows that companies anticipate increasing enterprise mobility budgets by an average of 10.6% for 2014 year-on-year, and for field mobility applications, that figure rises to 11.1%. With smaller firms being acquired, the field is becoming increasingly competitive for the larger players, and VDC anticipates fierce competition ahead to capitalize on rising mobility budgets. 


(with contributions from Eric Klein, Senior Analyst)


BlackBerry Looks to Voice Encryption to Retain Customers

BlackBerry's acquisition of Secusmart, a secure communications specialist, gives BlackBerry a fighting chance to hold onto its government customers.

Earlier this week, BlackBerry announced that its acquisition of privately held German firm Secusmart as part of its drive to become the handset OEM of choice for security-conscious clients in federal markets and in enterprise. While Secusmart's technology has powered BlackBerry's encrypted emails and texts, secure browsing and encrypted file system since 2009, BlackBerry will now integrate going forward through this acquisition Secusmart's Security Card technology. The solution is dependent on the usage of a micro-SD card which features a crypto-controller with a PKI coprocessor for authentication. An additional high-speed coprocessor encrypts voice and data communication using 128 bit AES. Considering BlackBerry’s shrinking device sales, the company must continue to innovate specifically on its platforms embedded security in order to remain relevant as a handset OEM.

Although BlackBerry's footprint in federal markets and in regulated environments is significant, when compared to the overall enterprise market opportunity, they are a niche market. However, what works in BlackBerry’s favor is the fact that companies in these market segments are as reliable as a vendor can hope for in terms of repeat business and year-over-year growth potential due to their reliance on mobile technologies. Indeed, BlackBerry's CEO John Chen sees "these markets as equating to half of IT spending in mobile technologies"; while this is a bit of an overstatement in our view, the opportunity is significant. Under Chen, the company has been very clear in its aim to reinforce BlackBerry as the best platform for secure communications in enterprise settings, and particularly in regulated industries. However, as has been well documented, BlackBerry continues to lose customers to EMM vendors like AirWatch, Good and MobileIron, who have all initiated marketing campaigns focused on painless switching to their respective platforms. While these campaigns in aggregate have had varying success, there is no question that there has been attrition. Although BlackBerry has “opened up” its platform and now allows competing EMM vendor to manage its devices, VDC saw this move as signaling that the company recognizes its position as the incumbent has waned and needed to move with the mobile ecosystem.

The acquisition of Secusmart does bring new high profile reference customer for BlackBerry to tout (in addition to President Barack Obama) with German Chancellor Angela Merkel who found herself the victim of a major security breach (click here, and here) when her iPhone was hacked this past November.

Encrypted Voice is a Super Competitive Market

Moving forward, BlackBerry’s Security will remain as the company’s key differentiator, and is why the company’s best shot for a turnaround rests on its ability to retain and grow its market share in the enterprise.  However, the market that the Secusmart acquisition signals that the company plans to participate in is a crowded one. Organizations such as Motorola Solutions whose bread and butter is in government and regulated markets have had competing products on the market for some time. Motorola Solutions AME2000 product provides end-to-end encrypted voice and data communications on public and private data networks. The solution targets public safety and federal markets which are core target markets for the company. AME200 also features sophisticated hardware-based encryption and key management via a proprietary microSD component of the solution (called CRYPTR micro), to support Federal Information Processing Standard (FIPS) 140-2 Level 3 and Full NSA Suite B Cipher Suites. Motorola isn’t the only vendor either: Silent Circle emerged earlier this year (whose “surveillance proof” Blackphone, started shipping just last month) which can encrypt voice calls, Boeing’s Black phone features an embedded “self destruct” security feature along with the ability to communicate via satellite transceivers for secure voice communications, and FreedomPop’s privacy phone (which runs on Samsung hardware) key feature is voice encryption, and it can even be purchased via Bitcoin for “anonymity”. Suffice it to say that the secure voice and messaging market has quickly become crowded. Not to mention that vendors such as Open Whisper Systems and Silent Circle offer apps (no hardware required) to bring encrypted voice capabilities to the Android and iOS platforms.

A Niche but Valuable Market

While the confidentiality of private telephone calls has come under attack, the need for voice encryption for enterprises and private individuals is not apparent. There is no question that our privacy is being threatened by increasingly sophisticated adversaries and that certain executives and government personnel that routinely engaging in the exchange of private information or who conduct sensitive business transactions from abroad may be targeted. Large global organization do face the challenge of securing a global network of branch offices, subsidiaries, partners and project teams around the world and having the confidence that sensitive information and trade secrets remain confidential is important but the overall market is limited in scope and remains firmly as a niche. Nevertheless, as BlackBerry’s enterprise presence is becoming increasingly relegated to federal and regulated environments, embracing its niche position is, in VDC’s view, the firm’s best option for long-term viability. Acquiring Secusmart could give BlackBerry the security boost it needs to retain its current customer base and provide meaningful differentiation.


Apple Welcomes IBM. Seriously.

Tuesday saw the landmark announcement of an exclusive partnership between Apple and IBM in which IBM will bring its MobileFirst solutions to iOS and allow the former rival to sell iPhones and iPads with industry-specific solutions. With the impending release of the more enterprise-friendly iOS8 later this month, the announcement represents the culmination of Apple’s transition from consumer trendsetter to enterprise powerhouse.  

A decisive break from the Jobs Era

The move firmly cements Tim Cook’s vision for Apple as a clear departure from the Jobs era, which saw much of the company’s history defined as a direct rivalry between the two firms, in which Jobs saw IBM as the Goliath to be defeated by his underdog David of a company. At its peak in the 1980s, the rivalry indeed took on near-biblical proportions in the form of full-page taunts to IBM in the Wall Street Journal and the now-legendary Super Bowl ad. Now, Apple has become the hardware giant and IBM has transitioned towards the cloud, big data and enterprise mobility, having moved away from the personal computing hardware in the last decade and making key acquisitions in analytics, security cloud computing infrastructure to position itself accordingly.

Welcome ibm

Apple’s shot across the bow to Android

The announcement comes on the heels of Google’s I/O conference, where it revealed not only the upcoming Android L, but a closer partnership with Samsung to integrate KNOX into the next version of Android. Dubbed Android for Work, the collaboration aims to place Google and Samsung at the forefront of enterprise mobility and overcome the shortcomings Android faces by the variety of handsets and versions of the OS on the market that all vie to compete against Apple’s iOS products. By teaming up with IBM, with its enterprise IT credibility, Apple has its presence in enterprise even more daunting. Although much of the company’s success in the past has hinged on its massive consumer popularity, but this was hindered by a lack of professional services, support and distribution channels geared towards enterprise. In addition to the engineering of native, industry-specific applications for iOS Apple seeks to overcome this with the combination of AppleCare for enterprise that is supplemented with on-site technical support and service that will hold considerable appeal for CIOs worldwide. By offering support service capabilities ranging from break/fix support and onboarding to asset and application management and security services, Apple has laid down the gauntlet and, at the very least, stolen much of Google’s recent enterprise thunder.

Crunch time for the competition

News of Apple and IBM’s new partnership will have a profound effect on other OEMs, particularly Samsung and Microsoft. For the former, this will likely mean forging and even closer relationship with Google, where the company has hesitated in the past. Despite their collaboration to integrate KNOX on Android, Samsung has shown a certain level of ambiguity in its relationship to Google, namely in the release of the Samsung Z in Russia and India featuring the manufacturer’s proprietary Tizen OS. At the heart of it, VDC sees two non-enterprise focused companies that have made decided enterprise overtures. While Google has made inroads to diminish Apple’s lead, this relationship could propel Apple back towards a considerable lead.

Meanwhile, Microsoft is in the midst of its own re-positioning as it is poised to announce the largest round of layoffs in the company’s history. Microsoft has struggled in bringing its devices into the era of mobility, and only made its Office suite available for the iPad in March of this year. Apple’s announcement could very well move the company further from hardware and increasingly into the cloud. As recently as last week, new CEO Satya Nadella published a company-wide memo outlining Microsoft’s intention to redefine what the company views as its core in a world that he defines as “mobile-first and cloud-first.” With Apple and IBM’s exclusive new partnership, Microsoft will have its work cut out for it in preparation for next week’s MGX and beyond.   


Microsoft Shifts Focus Back to the Enterprise

Satya Natella’s recent company-wide email, while lacking specifics, shed some interesting light on the direction Microsoft will take under his guidance. Steve Ballmer’s “Devices and Services” strategy is being evolved into “Mobile-first and cloud-first” with an emphasis on productivity and collaboration. One clear message from the email was a renewed focus on the enterprise customer, while not completely ignoring the consumer, especially in ackowledging the dual-use personas increasingly prevalent in the way we adopt mobile technology. Again, a meaningful pivot from Ballmer’s recent direction. In reading the email one could not help think that the key messages were formulated with Google in mind more so than Apple.

From an enterprise mobility perspective, this is important. Much like other enterprise-first vendors who attempted to emulate Apple’s influence over consumers, Microsoft fell into a trap that often left them exposed. While it is hard to ignore the consumer’s influence in enterprise technology today – especially in all things mobility – creating consumer cache much the same way Apple does is a losing proposition. Yes, Microsoft needs to directly develop or influence the development of devices than inspire and us consumers can get excited about (and the Surface Pro 3 is such a device). However, Microsoft needs to do so while focusing on the enterprise customer, its primary source of revenue and profitability. Focusing on developing solutions that support containerization or dual-use scenarios addressed by Natella is one way of bridging the gap or blurring the lines between enterprise and consumer use.

Some of the key takeaways from our enterprise mobility perspective include:

Productivity for all. Productivity was mentioned by Natella 20 times in his email. This was clearly not a coincidence. Some of Microsoft’s core assets – from Office to Skype, from Sharepoint to Cortana – are designed with that purpose in mind. From an enterprise mobility perspective, workforce productivity enhancement remains the number one investment driver and priority. Microsoft clearly is in a sweet spot here and making these assets available across multiple (non Windows) platforms (iOS, Android) are necessary and solidify Microsoft’s already strong position in this category. Microsoft can lead and innovate here, just not under the traditional models.


Renewed and Cohesive Commercial/Enterprise Emphasis. It is perhaps unfair to call these efforts renewed as the commercial unit – representing approximately 50% of revenues – has been performing well of late. With a boost from the Windows XP migration (90% of enterprise desktops are now on Windows 7 or 8 according to Microsoft), Server and Office revenues up 6-10% and Sharepoint, Lync and Exchange revenues up double digits and most importantly cloud services revenues up substantially, business performance has been strong. However, what is notable is the under Balmer, there is sufficient anecdotal evidence to suggest that enterprise customers seemed to receive second class service from Microsoft. From our experience (and this is understandably under the narrower enterprise mobility scope) we have had numerous conversations with F250 enterprise accounts over the past three to four months with many expressing frustration with the lack of clarity (especially around platform/OS direction) coming from Redmond. All have substantial investments in Microsoft products and services and remain committed to Microsoft. However, similarly, many expressed that Microsoft has been extraordinarily to recently conduct business. Many should welcome Natella’s with open arms.

Windows takes a back seat. While Windows remains a core OS/platform, especially in the enterprise, today’s reality is a multi-platform one. Microsoft cannot continue to act arrogantly as it did when it was the only game in town. Natella’s announcement of Office on iOS and opening up Azure for Android development (notice the brand shift from Windows Azure to Microsoft Azure) in addition to Microsoft’s change in OS licensing policies for small display devices all point to a more open Microsoft. Windows 8 has not been a success (69% of enterprise respondents to a recent survey indicated that over the next 18-24 months Windows 8 would not represent an investment priority) and, while growing, Windows Phone 8 still represents less than 10% of the smartphone market. While no one expects Microsoft to abandon Windows by any stretch, their flexibility to support alternative platforms will benefit them long term.

A clearer industry or vertical strategy and message. Although not implicit in Nadella’s message, we are seeing greater emphasis around vertical solutions from Microsoft, including frontline mobility solutions. To take this initiative to the next level, Microsoft needs to start realizing the potential vertical solutions through its “mobile-first, cloud-first” approach. As said by Nadella, “there will soon be more than 3 billion people with Internet-connected devices – from a farmer in a remote part of the world with a smartphone, to a professional power user with multiple devices powered by cloud service-based apps…”.  From education specific solutions – such as the collaboration with Intel and Panasonic to deliver a purpose built two in one for the K-12 segment – to mobile endpoint solutions in hazardous oil & gas environments to delivering business critical logistics solutions for last mile parcel delivery, Microsoft’s vertical reach is impressive and offers plenty of room to grow and become a power-player.

Coauthored by Research Associate Natalie Buckner



Still a Long Way to go for FirstNet

With broadband networks playing such a critical role in the future of public safety, especially regarding the enablement of mobile solutions, the public safety market is moving towards establishing a nationwide, interoperable, voice, video, and data-run network: the First Responder Network Authority (FirstNet). Through the National Association of State Chief Information Officers (NASCIO), the goal of this revolutionized public safety communications system is to give first responders access to the modern-day tools necessary to help save lives, solve crimes, and keep our communities safe. Though broadly a nationwide effort, Ed Parkinson (FirstNet director of government affairs) said, “This network – it’s not going to be a one size fits all. It’s really going to be focused on local problems and local solutions”. This represents a sizeable national infrastructure project to undertake, and with many steps yet to come, the implementation of FirstNet remains in the initial development stage.

Through NASCIO’s ongoing research, sustainable business and financial plans for FirstNet are currently under discussion. The 2014 NASCIO report, The States and FirstNet: An Early Look from the State CIOs, was recently released for the purpose of polling the state and territorial CIOs on their states’ efforts in order to evaluate exactly where each state is in the development process. As displayed by NASCIO’s “FirstNet maturity scale”, over 70% of respondents categorized their states as either “developing a governance model” or “organizing its activities with other key stakeholders in the state”, and around 16% have even gone a step further and have “collected baseline data on operations, assets, and user baselines”. Some of these state-driven initiatives are quite far along in this process, showing signs of a regional collaboration. The initial development processes are underway, as is the documentation of each state’s existing Land Mobile Radio System (LMRS) and the focus on other imperative assets. The concentration on these areas as well as the partnering with key vendors including Alcatel-Lucent, Motorola, and Harris Corporation is setting the stage for the ongoing networking, connectivity, and funding necessary to continue this project.

For FirstNet and various other public safety technology modernization initiatives to succeed, participation and innovation from the broader IT community is required. Relying on traditional or legacy public safety solution providers – and their vested interest in maintaining the status quo – is a losing proposition. Promotions such as the White House “create-your-own” public safety apps were created with the intent of drawing in as much collaboration and creativity as possible. Not only does this initiative have the potential to foster an entrepreneurial spirit towards the growth of this network, it also empowers the people to be proactive and fully involved in this effort. We believe that in order to have a successful implementation of a nationwide network, a nationwide effort is necessary, and we will be tracking these initiatives as time progresses.

FirstNet represents a massive opportunity to provide much needed modernization and innovation to public safety communications and to revolutionize how public safety and first responders operate in the United States. That said, today’s LMR-based networks will continue to represent the lifeline for mission critical voice communications among first responders for the foreseeable future, certainly the next ten, if not twenty, years. There is no near term viable alternative that can provide the same level of reliability, redundancy, coverage and immediacy available today.  Moreover, FirstNet, at least initially, will bridge the need for a ubiquitous broadband data network while the need for interoperable, mission critical voice will remain. Only over time will voice be integrated with FirstNet with key technical and functional hurdles of supporting direct mode push to talk (PTT) voice and off-network direct communications for both voice and data needing to be addressed.

Beyond the technical issues, FirstNet faces substantial business model challenges including calculating the feasibility of developing a nationwide network for what amounts to a couple of million users. While FirstNet has $7 billion of federal funding to leverage, this represents but a drop in the bucket when compared to what commercial carriers invest today in building and maintaining their networks. Creative collaboration with national and local commercial carriers, to evaluating options to expand the user community (transportation and utilities, for example) and leasing agreements for excess capacity are all scenarios FirstNet will need to explore moving forward.  VDC will be closely monitoring and analyzing this initiative and these issues in a forthcoming report on the North American market for public safety broadband communications.

Written by Research Associate Natalie Buckner


Google I/O kicks wearable device talk into high gear

June has been a big month for consumer wearable devices – it has seen the Salesforce announce the launch of Salesforce Wear to help build up a wearable-specific ecosystem geared primarily towards smartwatches and augmented vision devices. This month also saw Samsung’s announcement of the Samsung Z – the first smartphone to run on its proprietary Tizen OS, establishing a single platform for its growing family of Gear smartwatches, including the Gear 2, the Neo and the Gear Fit. However, the biggest buzz has come from this week’s announcements at Google’s I/O developer conference. Google had announced its wearable specific OS, Android Wear, in March, but gave more insight this week as to its capabilities and scope. 

Google sees the world moving from your fingertips to your wrist

Contextual data proved a central theme at the presentation for Android Wear. Sundar Pichai, SVP for Android, Chrome and Apps noted that “people check their phones more than 150 times a day,” noting that these interactions often centered on simple pieces of information that require numerous steps, such as unlocking and entering passwords, to access. Google’s answer is to provide this information “quickly, at a glance,” and to supplement the process with voice-activated queries and commands using the familiar, “OK, Google” prompt. Improvements in contextual voice-based software from Apple, Google, and Microsoft for smartphones will be a major component of the new generation of smartwatches on the horizon, given the limited display size and interaction options. The trick, however, will be in balancing voice-activated and touch-based interactions that function seamlessly together and quickly; most interactions for the form factor take place within a 15-20 second timeframe.

As with smartphones, applications are key

For smartwatches and other wearable form factors to move beyond fitness-based fads, OEMs will need to support application development by providing APIs releasing SDKs to developers to support tighter and deeper integration. In the same way that desktop applications could not simply be shrunk down to work on a smartphone, mobile applications will need to be tailored to work with specific wearable form factors in a way that pairs well with other devices, such as smartphones and tablets. Having a robust selection of apps will help wearables to enter a broader slice of daily life and work to overcome the current social discomfort surrounding the devices (cue the numerous references to Dick Tracy or the Borg with Google Glass, or other augmented reality heads up displays). VDC looks in depth at this trend and the implications for enterprise wearables in this month’s VDC View.


Google’s Android Evolution – Knox and Divide? The End of Fragmentation?

With “Android for Work” Initiative, Google’s Next OS Will Feature Samsung Knox Integration

Google made several important enterprise mobility-oriented announcements at its annual developer conference (Google I/O) earlier this week. The company provided details of its “Android for Work” initiative, which aims to help business users separate personal and corporate data. The effort is being supported by prominent handset OEMs (Samsung, Sony, Lenovo, Huawei and HTC), as well as PC OEMs, including Dell and HP. While these OEMs are eager to work with Google, it is likely that the company had to offer assurances (such as guaranteed timely access software updates and key security enhancements) to ensure a solid roster of vendors for the fall release of its next OS “Android L”. Google’s SVP of Android, Chrome and Apps Sundar Pichai shared key details of the next OS (and announced its beta release to developers), and demonstrated several new enterprise features for enhanced security and privacy. The OS will offer a “kill-switch” function (remote factory reset protection), new lockscreen enhancements, and alternative security features such as context and proximity that open up new opportunities for two-factor authentication scenarios (via a companion device such as a smartwatch etc.). The company also announced a new version of its popular consumer file storage, sync and share solution (Google Drive). Dubbed Drive for Work, the service combines the familiar experience of Google Drive with new admin controls, advanced file audit reporting, and eDiscovery services; key features that will allow the service to compete with established vendors such as Box and Dropbox. Google also announced several notable updates to its productivity software ― the company’s popular presentation software, Slides, is now available on mobile platforms. Google has also integrated QuickOffice with its app suite, and has brought the ability to work with Microsoft Office applications natively (no conversion required). However, the big announcement at I/O was the planned integration of Samsung’s Knox security service into the Android OS. While it is not definitive that Knox will serve as the foundational security element for the Android for Work initiative, VDC sees it as likely (Google has provided scant details relating to the integration in Android L’s documentation). Just last month, Google acquired Divide, a firm that developed a rich platform utilizing a similar containerization approach to separate personal and corporate data. While Divide created a superb UX and delivered core productivity apps (a PIM suite of email, contacts and calendar apps), the company’s security features pale in comparison to Samsung’s Knox. Here’s why:

Knox builds on the Security-Enhanced Linux (SE Linux) changes to the Linux kernel developed by the US National Security Agency (NSA) and debuted on the Galaxy S4 in 2013. Knox 2.0 was released earlier this year at Mobile World Congress and builds on the original Knox security feature set through upgraded certificate management, IPSec VPN capabilities and enhanced container security powers. Samsung’s latest Smartphone (the Galaxy S5) ships with Knox 2.0. Key Knox features include:

  • TrustZone-protected certificate management and On Device Encryption (ODE) (via a Trusted Execution Environment (TEE) through a partnership with Trustronic
  • A key store for managing encryption keys
  • Real-time protection for system integrity
  • Two-factor biometric authentication
  • Per-app VPN functions for SSL VPN solutions (with tighter integration with Juniper planned)

The integration of these features has enabled the Knox solution to achieve “Common Criteria Certification”. Knox was evaluated under the internationally recognized Common Criteria Evaluation and Certification Scheme (CCEVS) with an Evaluation Assurance Level (EAL) and Protection Profile (PP) that qualify it as a "trusted" operating system. While this validates the cryptographic foundation of the solutions security features and deems it viable for accessing enterprise networks and high-value information assets, Samsung has only achieved EAL level 1 (there are seven levels in EAL classifications and competitors such as Good Technology have been certified at level 4). While uptake in enterprise settings for Android have been slow, VDC sees the enterprise features that continue to be implemented by Google, along with the upcoming integration of Knox giving CIOs and IT leaders fewer reason to not support the OS.

Where Does Divide Fit?

Divides solution offers FIPS 140-2 validated 256 bit encryption, the ability to encrypt email messages (using S/MIME), as well as basic MDM features. Google announced that it planned to release an application (no carrier involvement required) for Android 4.0 releases (Ice Cream Sandwich) through 4.3 (Jelly Bean) claiming that it will bring backwards compatibility to the aforementioned security enhancements that will be embedded in Android “L”. While this will help significantly with fragmentation, it still leaves the ~20% of Android devices that run OSes < v. 4.0 in the cold. This is very likely where and how Divide will fit into the company’s plans to quash fragmentation. We will be watching for updates relating to this initiative closely.

So What Really Happened?!

"We want to thank Samsung for its amazing work with Knox. It's so good we're going to integrate it directly into our platform,"

Google’s SVP of Android, Chrome and Apps Sundar Pichai, 6/25/14


The announcement that Knox would be “contributed” to Android (see above) was not only unexpected, but had many industry watchers (and Google competitors) guessing and prognosticating. The reality is that we won’t know for certain how the two companies arrived at this arrangement. There has been speculation of a rift between Google and Samsung. Samsung continues to experiment with a competing OS (Tizen) and has clearly been moving forward with its own interpretation/implementation of Android. One thing is certain, though: Samsung is definitely not abandoning its Knox development (the company has > 2,000 engineers working on Knox) and will continue to evolve the platform and target the enterprise with its solutions. VDC views Google’s partnership with Samsung as significant due to its potential impact on the broader Android ecosystem. With businesses embracing BYOD policies, and turning to enterprise-grade solutions that cater to these deployment environments the rapid upgrade cycles for modern mobile platforms has OEMs eager to crack the business market. That is what is most fascinating about the partnership – it will give handset OEMs who have been unsuccessful in targeting the enterprise thus far (such as HTC and Lenovo) a means to compete with Samsung using its own technology. Apple, BlackBerry, and Microsoft have all sharpened their security messaging and are vying for enterprise mindshare.

VDC will be releasing an in-depth mobile security Report in early July.


Recent Posts

Apperian Goes Big on User Acceptance Testing

EMM Vendors not Doing Enough to Satisfy Mobile Security Requirements

Will Good Technology's IPO Be Better than Good?

Oracle augments its cloud services with TOA acquisition

BlackBerry Looks to Voice Encryption to Retain Customers

Apple Welcomes IBM. Seriously.

Microsoft Shifts Focus Back to the Enterprise

Still a Long Way to go for FirstNet

Google I/O kicks wearable device talk into high gear

Google’s Android Evolution – Knox and Divide? The End of Fragmentation?

Related Posts Plugin for WordPress, Blogger...