Skip Links

Many organizations struggle to define mobile work/play boundaries

There's a time and place for Angry Birds

By , Network World
November 21, 2013 03:56 PM ET

Network World - The K-12 private education Paideia School in Atlanta now hands out about 550 Apple iPads each year to students for classroom teaching and homework purposes. And while students love them, some parents are now pressing the IT department to restrict use of apps on the devices because they think there's too much game-playing.

angry birds

“We don’t block the apps the students are using, and a lot of students are playing ‘Angry Birds,’ something we don’t want,” says Brian Meeks, network engineer at Paideia School. Teachers there have embraced iPads as an academic tool for classroom learning, and the school’s philosophy is to encourage students to adhere to using iPads only for schoolwork. But kids will be kids, and their parents are noticing their children see the iPads as great toys as well.

Meeks says the school may well have to reluctantly make the decision to put tighter controls on the school’s iPads.
Paideia School has deployed the mobile-device management (MDM) software Sophos Mobile Control on the student iPads for purposes that include managing inventory, configuring and installing apps, and checking to make sure iPads aren’t “jailbroken.” In the future, Sophos Mobile Control may be used to restrict the apps that students use, too, says Meeks.

HP: 90% of Apple iOS mobile apps show vulnerabilities

Differentiating between apps for work and play is not just an issue for schools. Businesses and government have similar concerns about work and personal apps. Most of the MDM software can use whitelisting to restrict apps, points out Andrew Braunberg, research director at NSS Labs, which does analysis and testing of network gear.

But many organizations want to go further than just whitelisting, Braunberg notes, by creating a “secure workspace” on mobile devices, whether these are corporate-issued or the employee’s own “Bring Your Own Device” (BYOD) personal mobile device.

One challenge in doing this, says Braunberg, is that the popular mobile platforms, especially the ubiquitous Apple iOS and Google Android, are changing fast, creating both the opportunity to do new things but the struggle of keeping up with the latest bells and whistles.

The Apple iOS 7 platform, for example, “has an additional way to do containerization through what’s called ‘Managed Open In’,” says Braunberg. Apple’s ‘Managed Open In’ feature in iOS 7 lets IT managers control which apps and accounts are used to open documents and attachments. It can prevent personal documents from being opened in managed apps.

There are many other approaches to this idea of “secure workspace” and NSS Labs goes into several of them in its report out this week entitled, “Need for Data Isolation Drives Innovation” on which it reviews a number of today’s mobile application management (MAM) options.

In this report, NSS Labs examines several options for “secure workspace” technologies available from vendors AirWatch, Aruba Networks, Cellrox, Citrix, Enterproid, Fixmo, MobileSpaces, OpenPeak, Red Bend, Samsung and VMware.

Our Commenting Policies
Latest News
rssRss Feed
View more Latest News