81 posts categorized "Mobile Application Software and Middleware"

07/16/2015

Recap: Qatalyst Global’s Managing BYOX & End User Mobility conference

Managing BYOX Event Recap

At Qatalyst Global’s Managing BYOX & End User Mobility conference, organizations such as PG&E, Fairfield University, and Aetna shared their experiences integrating mobile initiatives, while vendors including Apperian, Bluebox Security, Dilligent, IBM, and WorkSpot, explained how their mobile services could increase company productivity and efficiency. We had the opportunity to speak with several of the end users in attendance about their BYOx approaches — not surprisingly, most were still challenged by the complexities of implementing BYOx policies and proving the ROI of these initiatives. The Fairfield University’s CIO, Paige Francis gave a great presentation that illustrated how heavily mobile technology was relied on by her student body and how important it will be going forward to understand the expectations of future generations of workers and customers. Francis spoke at length about the difficulties of meeting student and employee technology needs in a campus environment and how Service Oriented Architecture concepts now applied to mobility (she described this as “Mobile Oriented Architecture”). We agree, as mobile devices and services will need to seamlessly interact with one another independently. 

Qatalyst_byox_event_July_2015

End Users Know They Need to Deliver a Positive User Experience

Companies at the conference were at all different stages of their mobile journey exemplifying the differing pace of adoption. Some companies stood out, PG&E for example has developed and deployed a number of mobile applications to enhance field service operations as well as meet customer needs. Interestingly, the utilities industry, which had remained fairly stagnant in regards to technology over the past few years now stands positioned to develop rapidly as mobile and IoT technologies are incorporated to enhance business processes. Other industries such as health care have been keen to embrace mobile technologies, but issues surrounding contractual and regulatory obligations complicate initiatives. However, a major take away from the conference has to be that keeping it simple in both development and deployment is essential. Focusing on the end user — how the end user will use and experience the technology — can guide the process fairly completely, while financial constraints remain important considerations. As Steve Damadeo — the IT Ops Manager for Festo — explained, BYOD and mobile applications provide ample cost-saving opportunities as well as productivity gains if implemented with a focus on cost containment and user experience.

Privacy Considerations Important Going Forward

Providing a unique and outside perspective on the legal obstacles facing multinational corporations’ mobile plans was VDC Research’s own Eric Klein. His presentation touched on one of the many impediments to crafting an effective technology policy that incorporates mobile; from security and privacy concerns to regulatory and user experience issues. Achieving compliance with laws and regulations that are often archaic in relation to modern technology can be cumbersome. Case law as explained by my colleague Eric Klein has failed to keep up with technological development – particularly with regards to mobile technology. Baker & McKenzie’s data privacy and security expert Harry Valetk was in agreement, and spoke at length about this topic and echoed many of these sentiments. While it will take time, the case law will catch up, Valetk predicted that “regulators and courts will apply the laws as they are today regardless of if they more accurately regulate the technology of 20 years ago”.  

Note: This was a recap of the first day (7/15) of the 2-day event. 

 

05/19/2015

Event Recap – Citrix Synergy

Citrix succeeded in demonstrating it can innovate on application delivery and customer service

Synergy_2015
I had the pleasure of attending Citrix's Synergy customer event this past week in Orlando Florida. The event was well attended (about 7.5K on-prem, and roughly 5K remote attendees) and featured a nice mix of vendors on the show floor that ranged from small startups to heavies such as Cisco, IBM, Intel and Microsoft. After narrowly missing its Q1 numbers a few weeks ago, Citrix needed to demonstrate that its recent restructuring and organizational changes were positives; and that they were helping to transition the business to its next phase of growth. The company's GM and CSO for Workspace Services Geir Ramleth summed it up nicely when he said: "This is a new Citrix we're moving in a more cohesive way." Citrix was successful in this vein, Synergy provided a big opportunity to showcase a robust innovation pipeline in front of the company's most important customers.

The Suite Always Wins (right?)

If you've been tracking the evolution of mobile enablement in the enterprise, you know that many vendors are vying to deliver "holistic" or "end-to-end" mobility solutions (suites). The goal is certainly a noble one, but it is not very realistic. Most large firms are working with several EMM and complementary security vendors, as well as with a variety of application development platform and tool vendors; while this is not ideal, it is a fact of life (today at least). However, as Apple, Google, Samsung and Microsoft continue to refine their mobility solutions, vendors like Citrix will need to focus on helping businesses simplify application delivery and provide them with tools that can help with implementing best practices and with  mobile architecture and security policies. Bottom line, differentiating is going to get tougher. From what I heard at Synergy, Citrix gets it, and is working hard on developing new products and services that will enable businesses to move beyond thinking about which devices to provision and support by offering device and network agnostic solutions that can manage modern mobile applications while enabling them to move legacy applications to a cloud environment via a single control plane.

The "suite approach" isn't going away (IBM, Oracle and SAP have proved that), but it is changing. Opening up platforms is critical moving forward; customers don't want to be "locked in", and need the flexibility to run the applications of their choosing. While Citrix maintains a broad portfolio of products: XenApp, XenDesktop and XenServer to secure data via virtualization, NetScaler and CloudBridge to secure the network, and XenMobile, WorxApps and ShareFile (and now Workspace Cloud) to provide a containerized environment for productivity applications, to share content and provision applications, it is a stretch to call these a "suite". However, the range of these solutions shows how many elements are needed in a modern enterprise. Not to mention important partners that vendors like Citrix must integrate with that can help deliver capabilities for streamlining app development, enhanced security, secure messaging, and user experience reporting/monitoring. Bottom line, suites sound good to customers, but require complementary solutions. While the vision and approach that Citrix is pursuing to enable their customers to seamlessly manage and provision modern mobile applications while helping them move to the cloud is the right one; others have moved in this direction too.

Feud Continues — Enzo and Beyond the Horizon

The fact the VMware unveiled its project "Enzo" the day before Citrix's Synergy event wasn't surprising (after all, Citirix announced key enhancements to XenApp and Xen Desktop the day before VMworld kicked off last summer). Regardless, both Enzo and Citrix's Workspace Cloud share a similar goal and  make use of a control plane to enable customers to deliver a comprehensive mobile workspace to their end users; with the aim of better orchestration between apps, physical resources and the cloud. I plan on digging deeper to learn more about the technical differences between these competing solutions; suffice it to say that these are complex and have the potential to disrupt how end user computing services are delivered. Both Citrix and VMware have robust solutions; however they both are challenged by the strong interdependencies that exist between their various solution components  not to mention limited backwards compatibility as they update their platforms.

One Final Thing ...

One_final_thing

The big reveal at Synergy was Dynamic Containerization (DC) which appears to bypass the need to access and modify an app's source code (a cumbersome and very limiting process). DC brings the ability to containerize any publicly available app from the Apple App Store or Google Play Store. I had the opportunity to speak with several key stakeholders that were involved in developing DC; there is no question that Citrix has proved they can deliver this capability (I've saw a demo), however, I'm skeptical as to whether the method/IP is in violation of the TOS of both Apple and Google. End users would love this capability and have been asking for it; however this will be a wait and see as the product matures.

The #UNCEO

Templeton_on_the_show_floor
Mark Templeton has been with Citrix from the beginning, he's plain-spoken, down-to-earth and is the epitome of the #UNCEO. CEO's like John Legere and Marc Benioff may be the most prominent #UNCEO's, but Templeton should be right there with them (credit to my friend @bobeagan for mentioning this at the event). Not only does he pull off this vest, but Templeton made it a priority to visit with many of his company's partners on the show floor (even the smallest vendors).


Ping Mark and encourage him to be more active on Twitter - it's not too late. After all, Obama just joined this week!

Wrap

This blog didn't cover several of the important initiatives that were revealed at Synergy; namely: WorkspaceHub (a dongle which incorporates both BLE and WiFi and features with VGA and HDMI inputs) that leverages Octoblu (a Citrix cloud platform) to manage M2M interaction between devices by using sensors and wireless connectivity. The demo of this tech wowed the audience as it showed how a workspace could be seamlessly "moved" from one device to another. The integration with Amazon's Echo was the most impressive element as it enabled voice-control in the workplace. Concierge: which enables real-time customer service and support directly from within a mobile application (great use of #WebRTC). Citrix also showed off CubeFree: a modern version of the WiFi finder mobile app but for finding reliable workspaces (cool concept).

Upon leaving the event, it was clear that the company's key executives and product owner/managers had been busy working on the technology that was showcased. Citrix's vision is a good one, but it will definitely take time for companies to make a meaningful move in the direction that the company is moving in. There are a variety of factors that have placed CIOs in a holding pattern when it comes to extending mobile applications to their workforce. These range from the acknowledgment of not being properly equipped to support mobile platforms (from an IT and resource perspective) to being unable to successfully articulate the value proposition and ROI from mobile enablement to corporate leaders. But from what I'm seeing in the market, it will only be a matter of time ...

 

04/23/2015

Mobility is Driving Enterprise Collaboration Innovation

Long a bandied-about buzzword, collaboration has gotten an enterprise makeover in recent years in integrating chat and content sharing. The market has emerged from its roots in consumer-grade social networks like Facebook and Twitter to incorporate established enterprise players like IBM, Oracle and SAP, especially after Microsoft’s acquisition of Yammer in 2012. Since then, enterprise-specific social networking products have transformed from more consumer styled chat tools to fully fledged business collaboration platforms that have the potential to replace not only intranets, but knowledge management systems and corporate portals as their features and functionalities continue to expand. The main driving force behind this explosion in innovation has been mobility, both on the consumer and the enterprise front, as the impact of mobile-native millennials entering the workforce grows.

Differentiation in a crowded market

Companies are increasingly coming to understand the value of employee collaboration and of enterprise social networks (ESN), particularly as social media becomes a more integrated part of professional and personal daily life. However, the low barrier to entry has meant that there is an abundance of options available, ranging from consumer-grade chat options to Tier-1 solutions and everything in between. The result is a crowded market with considerable overlap, making it difficult for vendors to differentiate themselves. Although many companies faced with a plethora of options turn to existing solutions providers like IBM, Oracle and Salesforce, there has been room for innovators to disrupt the marketplace. These include companies like Atlassian, Slack and Zimbra, who offer a streamlined, mobile-first approach to collaboration. The sheer number of market players and the stratospheric levels of funding mean that the playing field is wide open with no apparent winners, which in turn is putting pressure on big name vendors to bring powerful collaboration tools to the table.

Appealing to a workforce that spans multiple generations

While the millennial generation has proved to be a significant driving force behind the adoption of more consumer-like collaboration tools in the enterprise, there is a challenge in getting older employees to adapt their work habits to embrace a more fluid approach to work and collaboration. For companies like Tangoe, considering the requirements of an inter-generational workforce has been central to the design and development of their product. In order to overcome resistance to new work processes and collaboration tools, vendors have the ability to introduce adaptive elements that can learn from end-users’ habits, although this presents privacy and security issues that would need to be addressed by the vendor.

Seamless integration is key

There is definite value in areas like user-defined contact preference, one-on-one and group chats, and content sharing, particularly when combined with a mobile-first, device-agnostic approach. This is increasingly becoming the norm across enterprise productivity applications and products. However, to be truly powerful, these solutions must be able to provide a user experience that meets the high expectations of a user base accustomed to consumer products and seamless integration. In an era where many longstanding productivity applications like email are undergoing significant revamps, a lack of integration could lead to a glut of programs and unnecessary app-switching, which is inefficient and cumbersome. Any shortcomings in either category can result in a lack of employee buy-in, or worse, employees resorting to workarounds using consumer-grade programs that lack the necessary security features and risk data leakage. Major players like Microsoft, Salesforce and SAP have done well in integrating their collaboration tools into their portfolio, but the bar has been set high to meet expectations. Given the growing market for enterprise collaboration, however, it is a challenge that a growing number of vendors are willing to accept.

with Kathryn Nassberg, Analyst

03/17/2015

Does the New SecuTABLET Foreshadow BlackBerry's Transition to Software?

Following a turbulent year which saw sizable contractions and the launch of two new devices, the BlackBerry Passport and the Classic, the company once again made headlines this week with the announcement of its first foray in years into the tablet market after the failure of the ill-fated PlayBook with the unveiling of the SecuTABLET, a high-security tablet based on the Samsung Galaxy Tab S 10.5. Presented in collaboration with IBM at CeBIT 2015, the device is squarely focused on security, with the public sector and security-minded enterprises as its target market. Aiming for the highest levels of security, the device, which has been designed with European governments in mind, is currently undergoing certification for a German VS-NfD (classified – for official use only) rating, making it one of the most secure tablets to enter the market in an era where concerns around data leakage and breaches continue to grow. The tablet marks a notable departure for BlackBerry, as this represents the first device from the company that does not feature proprietary hardware or OS. 

A powerful enterprise partnership

As noted in BlackBerry’s press release, a study from IBM’s Institute for Business Value (IBV) found that 63% of public authorities want mobile access to mission critical apps, but the level of security required through legally mandated restrictions towards data privacy present a considerable obstacle. As a result, there is a dearth of solutions that fit a “government-grade” level of security demanded by the public sector. To address the gap, BlackBerry has worked to form a partnership with some of the best-in-class solutions providers to create a turn-key, secure tablet solution that meets stringent security requirements. The device features recent acquisition SecuSmart’s security architecture and secure SD card and driver, in addition to the trusted execution environment protections from Samsung’s KNOX platform, and is complemented by Apperian’s secure app store and app-wrapping capabilities. The latter’s app management, which has proven itself to be best-in-class and speaks to the firm’s strength in the MAM category. Meanwhile, IBM brings considerable industry-specific expertise to the table, as well as the ability to bring mobile solutions to a wide array of both regional and vertical environments.

Embracing the niche

Despite a high price point of €2,250 (US$2,380), the move represents a smart and positive development for BlackBerry, which has struggled to maintain enterprise relevance in the face of steep declines in market share against Android and iOS devices. By teaming with Samsung, not only can BlackBerry offload the hardware requirements in bringing the SecuTABLET to market, it also can take advantage of a considerably larger user and application base than would be available to its own proprietary OS, whose market share has dwindled to single digits in recent years. If anything, this strategy holds significantly more potential as it allows BlackBerry to pivot away from its hardware roots While it is still too early to tell, preliminary guidance reveal tepid adoption rates of its smartphones that mean any attempts to regain general market share will be an uphill struggle at best. By focusing on the niche that is government and high-security enterprise, BlackBerry can leverage its differentiation through high-level security to its advantage, especially with its acquisition of Secusmart. However, while there have been competing solutions from the likes of Motorola’s AME 2000 and Apple, through its collaborations with KoolSpan and its own Root of Trust to provide similar hardware-based solutions, BlackBerry’s traditional strength in the public sector and the sophistication of the SecuTABLET solution will offer a meaningful point of differentiation to help it withstand the competition.

With Eric Klein, Managing Director

03/10/2015

The EMM Pivot is Upon us #MWC15 EMM Recap

Mobile first EMM vendors know they must evolve — and they are ...

As one might expect, the high profile handset refreshes from Samsung (Galaxy S6), HTC (M9) and LG (G Flex 2) and the notable (and well timed) acquisition announcements (NXP acquiring Freescale, HP acquiring Aruba Networks, and Mitel's acquisition of Mavenir) garnered the lion share of the post MWC media coverage. However, there was something different at MWC this year. There was a "new partner" sitting in on several of the briefings we had at MWC.

Google sent several senior executives to Barcelona (Sundar Pichai, Rajen Sheth, and Andrew Toy were the most visible)  either Rajen or Andrew was present (and actively participating) at several of the meetings we attended at MWC the exception? Our meeting with Good Technology. Why? Read on.

Android for Work is Legit and KNOX is Not Dead (yet)

Every prominent enterprise mobility vendor has moved quickly to completely integrate with the Android for Work platform.

Android_for_work

Good is negotiating with Google and is likely to join the other prominent vendors listed above who were quick to announce their integration with the Android for Work Platform however, it appears as though Good (and SOTI) have forged strong(er) partnerships with Samsung. Both seem to have gone further than their peers in integrating with the company's KNOX platform (which is not just a container). While all of the vendors listed above have been working with Samsung's KNOX platform; after speaking with several Samsung executives, the level of integration with KNOX is varied. Good and SOTI have seen traction from their partnership with Samsung and have figured out creative ways to go to market (one sure fire method is to give away the device  while not sustainable, it appears as though Samsung is willing to do so). Here's what my colleague David Krebs wrote in his MWC Event Recap post:

KNOX
In summary, we see both Good and SOTI benefiting by working with both Google and Samsung. Both vendors have a sizable footprint in both government and financial service industries. We expect that Good will formalize its partnership with Google soon.

ACE to the Rescue

The launch of App Configuration for Enterprise (or ACE) was timed for MWC. Five prominent enterprise mobility vendors (AirWatch by VMware, Box, Cisco, Workday and Xamarin) have collaborated on the standard which aims to simplify and scale the deployment of apps in the enterprise. The benefits are clear and straightforward (see below).

Ace_benefits

There is no question that enterprises are challenged by app provisioning and distribution. Considering that multiple versions of the same app (built with different SDKs) is now normal, the standards-based platform agnostic approach (thanks to the ability to seamlessly invoke both the latest iOS and Android   APIs) will be welcome. However, the consortia needs to get other important vendors on board (Citrix, IBM, Microsoft, Oracle and SAP come to mind). 

EMM Evolution

My next report (scheduled for May) will focus on the evolution of EMM. I'm seeing some interesting (and consistent) thinking from prominent EMM vendors on how they intend to evolve and differentiate their platforms moving forward. Key initiatives that are in development and on most road maps include:

  • Split billing
  • Unified Endpoint Management
  • Enhanced email clients
  • Architecture enhancements
  • UX / Console optimization

I'm actively scheduling briefings to discuss the evolution of EMM and the pivot that I anticipate. If we didn't meet at MWC, I'd welcome to opportunity to discuss this topic with you in the next few weeks.

Kudos to GSMA for hosting another top-notch event. See you at MWC 2016!

 

12/08/2014

VC $'s Flowing into Mobile Development Startups

More than $200M has been invested in notable vendors that are participating in mobile development platform and tools market in just the past ~12 months.

Significant venture capital investments continue to pour into the mobile development platform and tools space. More than $200M has been invested in notable vendors that are participating in this market in just the past 12 months (see below). VC's who are banking on successful exits have reason to optimistic in our view.

Mdp_funding

On the M&A front, there have been two notable (and recent) acquisitions. mBaaS vendor FeedHenry was acquired by Red Hat in September 2014 for $82M, and testing and UI framework specialist Telerik was acquired by Progress Software in October 2014 for $262.5M. These are large transactions when compared to prior acquisitions in this space, which were on the smaller end of the spectrum (RhoMobile by Motorola, Nitobi by Adobe, and Worklight by IBM).

VDC believes that M&A in the space will be on the rise in terms of the size and number of acquisitions; this is natural in a rapidly evolving space. Core engineering will play a big part in vetting the valuation of future transactions with open technology, scalability, security, and resilience leading the charge. VDC sees valuations rising, based not only on revenue and progress with customer acquisition but on innovation and the ability to tie into broader ecosystems and emerging markets.

There are several logical buckets for potential consolidators in this space. Large enterprise software/middleware (such as IBM, Microsoft, Oracle, and SAP); Cloud vendors in the PaaS space who are looking to augment their mobile capabilities (e.g., Amazon, Citrix, Salesforce, VMware etc.); application lifecycle vendors (such as Adobe, Opentext, and Progress Software); mobile solutions providers (such as Intel and Synchronous); and potentially IT professional service providers looking to integrate and assemble their own solution to service their customers. We also believe there will be consolidation among the distribution, discovery, and analytics players. In summary, we believe the mobile applications space has reached an inflection point and thus will gain increased interest on both the funding and M&A front.

For more insights into our coverage of the mobile development platforms and tools market you can download the executive brief to the recent Report that we published on this topic.

10/02/2014

LANDESK consolidates mobile productivity position with Naurtech acquisition

Yesterday, Systems user-oriented IT solutions provider LANDESK announced its acquisition of Naurtech, a firm that develops connectivity solutions to provide mobile access to enterprise data and applications for devices running Windows CE. The move represents the firm’s third mobility acquisition in three years and consolidates LANDESK’s terminal emulation capabilities, which, while somewhat niche, remain central for industry segments like warehousing and manufacturing. Despite being a somewhat older technology when compared to other branches of enterprise mobility products and solutions, the ability to integrate from the backend is critical. While Naurtech has remained a relatively quiet brand to date, it nevertheless has a longstanding history that compliments the capabilities of Wavelink, an enterprise mobility firm that provides terminal emulation, voice-enabled productivity software and device management solutions acquired by LANDESK in 2012. As Vice President of mobile productivity business Steve Bemis notes, “Naurtech brings complementary expertise that will strengthen support for our mobile operating systems and provide support for additional ruggedized devices.”

In addition to providing access to certain segments of the market – like aviation and retail – to which LANDESK previously did not have, the acquisition of Naurtech fills an important gap by providing one of the only SAP-ready solutions to the market. The existing relationship gives the firm a distinct advantage for organizations looking to improve line-of-business worker productivity within a SAP framework. The acquisition also serves as an investment in engineering as Wavelink takes over to modernize and advance mobile platforms for LOB solutions moving forward.

Although not a market moving deal, the transaction does fortify Wavelink’s leadership position in TE for mobile line of business applications. In addition to plugging a key gap in its solution and partner portfolio, Wavelink has the opportunity to leverage Naurtech’s engineering and development resources to lead much needed mobile application modernization within its target markets.  

With David Krebs, Executive Vice President

08/20/2014

Apperian Goes Big on User Acceptance Testing

The rise of the custom B2C and B2E app

With an increasingly mobile workforce relying on a combination of enterprise-issued and BYOD devices, the need of custom-made applications to support line of business workflows has grown significantly in recent years.  Data from VDC shows that there is a clear trend towards custom applications that are internally developed, as the year-on-year change for internally developed apps was positive across all industry verticals surveyed. Field mobility in particular saw a marked increase from 30% to 45% of apps being custom developed in-house.  While an increasing portion of resources are being allocated to development, quality assurance (QA) and user acceptance testing (UAT) are often complex and long processes that require specific skills and can be difficult to scale. Frequently, the testing pool is limited, and often relegated to a small number of employees, or even the developers themselves, which can adversely affect the user experience of the app. Apperian, a mobile-first ISV, is looking to address this shortcoming with the industry’s first large-scale solution for user-acceptance testing for mobile applications.

Engaging the community

Looking to overcome the traditional constraints of app testing, Apperian seeks to cast a broader net to both improve the stability and quality of the app, and to significantly cut down on time-to-market. According to CTO Carlos Montero-Luque,  Apperian has “reimagined what mobile app testing should be by empowering hundreds and even thousands of employees and/or contractors to be part of a user acceptance test process,” which they cite has already had a significant impact for early customers. In addition to saving money and time, engaging employees and the broader community provides a platform in which stakeholders have an opportunity to voice their opinions and know that their needs and concerns are being heard.

Security remains an issue

With the number of apps being developed in-house on the rise, security still remains a critical issue. Recent data from a VDC survey on software development reveals that only 8% of respondents have an application security program in place that is specific to mobile applications. When looking at in-house development, that number drops even lower, with a scant 4% of respondents having the means to test applications in-house.  Although most protection revolves around secure coding techniques, other measures, including binary protection countermeasures, are necessary to prevent hackers from pirating or compromising the confidentiality and integrity of applications. Failure to do so can result in applications that are easily reverse-engineered and modified. 

Security Practices Implemented During Mobile Application Development

Apperian blog

VDC data shows that while basic security needs are being met, there are still considerable gaps that remain and need to be addressed, as we have highlighted in previous blogs. This is a pain point for many enterprises and an opportunity for companies like Apperian, especially as development costs continue to rise. Adopting and utilizing tools to help ensure that mobile Software Development Life Cycle (SDLC) best practices are being used will be critical for organizations as they pursue broader mobile enablement initiatives. Moving forward, sophisticated QA techniques, along with strategic usage UAT processes can help to ensure that apps have been adequately protected from hackers will be required, as the cost of security breaches can be enormous, not only in dollars but also in lost time, productivity, and an overall feeling of organizational well-being.

 (With Eric Klein, Senior Analyst)

06/27/2014

Google’s Android Evolution – Knox and Divide? The End of Fragmentation?

With “Android for Work” Initiative, Google’s Next OS Will Feature Samsung Knox Integration

Google made several important enterprise mobility-oriented announcements at its annual developer conference (Google I/O) earlier this week. The company provided details of its “Android for Work” initiative, which aims to help business users separate personal and corporate data. The effort is being supported by prominent handset OEMs (Samsung, Sony, Lenovo, Huawei and HTC), as well as PC OEMs, including Dell and HP. While these OEMs are eager to work with Google, it is likely that the company had to offer assurances (such as guaranteed timely access software updates and key security enhancements) to ensure a solid roster of vendors for the fall release of its next OS “Android L”. Google’s SVP of Android, Chrome and Apps Sundar Pichai shared key details of the next OS (and announced its beta release to developers), and demonstrated several new enterprise features for enhanced security and privacy. The OS will offer a “kill-switch” function (remote factory reset protection), new lockscreen enhancements, and alternative security features such as context and proximity that open up new opportunities for two-factor authentication scenarios (via a companion device such as a smartwatch etc.). The company also announced a new version of its popular consumer file storage, sync and share solution (Google Drive). Dubbed Drive for Work, the service combines the familiar experience of Google Drive with new admin controls, advanced file audit reporting, and eDiscovery services; key features that will allow the service to compete with established vendors such as Box and Dropbox. Google also announced several notable updates to its productivity software ― the company’s popular presentation software, Slides, is now available on mobile platforms. Google has also integrated QuickOffice with its app suite, and has brought the ability to work with Microsoft Office applications natively (no conversion required). However, the big announcement at I/O was the planned integration of Samsung’s Knox security service into the Android OS. While it is not definitive that Knox will serve as the foundational security element for the Android for Work initiative, VDC sees it as likely (Google has provided scant details relating to the integration in Android L’s documentation). Just last month, Google acquired Divide, a firm that developed a rich platform utilizing a similar containerization approach to separate personal and corporate data. While Divide created a superb UX and delivered core productivity apps (a PIM suite of email, contacts and calendar apps), the company’s security features pale in comparison to Samsung’s Knox. Here’s why:

Knox builds on the Security-Enhanced Linux (SE Linux) changes to the Linux kernel developed by the US National Security Agency (NSA) and debuted on the Galaxy S4 in 2013. Knox 2.0 was released earlier this year at Mobile World Congress and builds on the original Knox security feature set through upgraded certificate management, IPSec VPN capabilities and enhanced container security powers. Samsung’s latest Smartphone (the Galaxy S5) ships with Knox 2.0. Key Knox features include:

  • TrustZone-protected certificate management and On Device Encryption (ODE) (via a Trusted Execution Environment (TEE) through a partnership with Trustronic
  • A key store for managing encryption keys
  • Real-time protection for system integrity
  • Two-factor biometric authentication
  • Per-app VPN functions for SSL VPN solutions (with tighter integration with Juniper planned)

The integration of these features has enabled the Knox solution to achieve “Common Criteria Certification”. Knox was evaluated under the internationally recognized Common Criteria Evaluation and Certification Scheme (CCEVS) with an Evaluation Assurance Level (EAL) and Protection Profile (PP) that qualify it as a "trusted" operating system. While this validates the cryptographic foundation of the solutions security features and deems it viable for accessing enterprise networks and high-value information assets, Samsung has only achieved EAL level 1 (there are seven levels in EAL classifications and competitors such as Good Technology have been certified at level 4). While uptake in enterprise settings for Android have been slow, VDC sees the enterprise features that continue to be implemented by Google, along with the upcoming integration of Knox giving CIOs and IT leaders fewer reason to not support the OS.

Where Does Divide Fit?

Divides solution offers FIPS 140-2 validated 256 bit encryption, the ability to encrypt email messages (using S/MIME), as well as basic MDM features. Google announced that it planned to release an application (no carrier involvement required) for Android 4.0 releases (Ice Cream Sandwich) through 4.3 (Jelly Bean) claiming that it will bring backwards compatibility to the aforementioned security enhancements that will be embedded in Android “L”. While this will help significantly with fragmentation, it still leaves the ~20% of Android devices that run OSes < v. 4.0 in the cold. This is very likely where and how Divide will fit into the company’s plans to quash fragmentation. We will be watching for updates relating to this initiative closely.

So What Really Happened?!

"We want to thank Samsung for its amazing work with Knox. It's so good we're going to integrate it directly into our platform,"

Google’s SVP of Android, Chrome and Apps Sundar Pichai, 6/25/14

Sammy_blog

The announcement that Knox would be “contributed” to Android (see above) was not only unexpected, but had many industry watchers (and Google competitors) guessing and prognosticating. The reality is that we won’t know for certain how the two companies arrived at this arrangement. There has been speculation of a rift between Google and Samsung. Samsung continues to experiment with a competing OS (Tizen) and has clearly been moving forward with its own interpretation/implementation of Android. One thing is certain, though: Samsung is definitely not abandoning its Knox development (the company has > 2,000 engineers working on Knox) and will continue to evolve the platform and target the enterprise with its solutions. VDC views Google’s partnership with Samsung as significant due to its potential impact on the broader Android ecosystem. With businesses embracing BYOD policies, and turning to enterprise-grade solutions that cater to these deployment environments the rapid upgrade cycles for modern mobile platforms has OEMs eager to crack the business market. That is what is most fascinating about the partnership – it will give handset OEMs who have been unsuccessful in targeting the enterprise thus far (such as HTC and Lenovo) a means to compete with Samsung using its own technology. Apple, BlackBerry, and Microsoft have all sharpened their security messaging and are vying for enterprise mindshare.

VDC will be releasing an in-depth mobile security Report in early July.

04/11/2014

IBM Steps up Competition with MobileFirst Initiative

This week, IBM announced the expansion of its MobileFirst Consulting Services, its mobile solution portfolio launched in 2013 to streamline and accelerate enterprise mobile adoption. The announcement highlighted eight services designed to solidify mobile infrastructure consulting, mobile application management, and mobile device procurement and management services.  With this, IBM is further expanding its reach within a market that has matured and consolidated considerably within the past year.

IBM paves the way to go big with mobile solutions

IBM has made significant strides to increase the scope of its services, increasingly eschewing hardware in favor of applications and services and bolstering its already strong presence in the cloud. The firm’s acquisition of Fiberlink in November of last year came as no surprise and will provide the opportunity for IBM to be a significant player in their mobile infrastructure consulting services space. As early as 2012, VDC blogged that the roster of vendors offering EMM solutions would likely broaden to include a spectrum of technology-oriented vendors including hardware OEMs. Fiberlink, a mobile-first MDM vendor, was a smart and necessary acquisition if IBM wants to become a leader of MDM consulting services. In light of the tech giant’s recent activity, we believe that IBM is in a position to put programs in place to enable partners to sell its MobileFirst platform both as a managed service and on an a la carte basis. Given IBM’s resources and brand recognition, VDC feels it’s only a matter of time before IBM launches a large-scale marketing campaign to fully leverage its position and kick the competition into high gear.

Let the mobile hunger games begin

Recent activity in the mobile solutions market underscores how the sector is more competitive than ever. Wave after wave of acquisition have mostly cleared the way for larger companies, who are increasingly feeling the pressure to perform either on price or innovation. Following IBM’s acquisition of Fiberlink, VMware’s January acquisition of AirWatch and the much-anticipated entrance of Microsoft with its EMM solution offering announced at its Build event last week shows that the stakes are higher than ever. While these acquisitions provide the means to offer a broad portfolio of solutions, integrating these vendors quickly and efficiently is still critical.  

Those who have survived the acquisitions are digging in their heels for the long run: just last week, MobileIron filed its S1 in anticipation of going public and Good Technology isn’t far behind as it moves towards its own S1. The filings show a proven business model and investor confidence, but competition will still be high as IBM expands its reach and other large firms like Oracle and Dell enter the space. The market has matured at a lightning pace, with smaller and larger firms alike experiencing compressed timeframes as ever-larger companies enter the ring. 

(Reserach and contributions by Eric Klein and Katelyn Moroney)