I cringe every time I connect my new Android devices to a corporate network, and have to accept the horrifying Terms of Service. Enterprise activation, required by most corporations exchange servers for using the built-in email application, allows an employer to wipe my device remotely, among many other scary things. This dual mode Android ability seems like the logical evolution of the new smart phone reality, that my phone is for business and pleasure… and I don’t trust my employer touching my personal data. Read on for the scoop from technologyreview.com.
One Smart Phone, Two Personalities
Thursday, October 13, 2011
By Tom Simonite
AT&T, the second largest wireless carrier in the U.S., and Qualcomm, which dominates the market for smart-phone processors, want to give your phone a split identity. The companies are separately adopting technology that can make a smart phone secure enough to keep IT bosses happy, but open enough to allow its owner to install apps or surf the Web.
AT&T will release its version of the technology, called Toggle, for Android phones this year. Someone using a device with Toggle installed taps the home button twice to flip between personal and work modes. The personal mode behaves like a regular phone and is fully under the user’s control. The work mode looks like a separate phone with its own desktop and suite of apps and is secured by a password. Its functionality is constrained by a company’s IT policy; all data stored or created under the work mode, whether e-mail, contacts, or Web downloads, is encrypted and can be remotely wiped if a phone is lost or stolen.
“People want to use their own smart phones and tablets for work, but that practice can create major headaches for businesses’ IT departments,” says Chris Hill, part of AT&T’s Advanced Mobility Solutions group. “Toggle helps resolve the issue in a simple, affordable manner.”
The smart phone boom triggered by Apple’s iPhone has caused a sharp increase in the number of people using personal mobile gadgets at work, a phenomenon sometimes referred to as Bring Your Own Device, or BYOD. Newer devices made the standard-issue corporate BlackBerry look clunky, and come with apps that can aid productivity.
AT&T’s Toggle is a rebranding of technology developed by Enterproid, a startup based in New York, which launched the technology in a closed beta trial earlier this year. Enterproid is also continuing to develop its own product, says cofounder Alexander Trewby. Android users can sign up to use Enterproid, which is currently free, here.
Trewby and colleagues are also working with chipmaker Qualcomm, which has made changes to forthcoming phone and tablet processor designs to better support Enterproid’s approach. “We will be integrated with their Snapdragon line of processors so we can store the encryption keys that secure our data in the silicon,” explains Trewby. That addresses a vulnerability where data could be stolen from a phone in work mode if an attacker gained root access to a phone and extracted Enterproid or Toggle encryption keys that are currently stored in the phone’s memory. Storing those keys in a device’s processor instead makes such an attack much more difficult, says Trewby, who notes it is even enough to satisfy military organizations.
Activating work mode on a device running Toggle or Enterproid allows access to a suite of basic apps for e-mail, Web browsing, and content management. Enterproid plans to launch its own app store to allow IT managers to remotely install apps on employees’ phones. Trewby and colleagues also hope to encourage developers to contribute apps. “We’re providing the platform for third-party developers, and they will be able to inherit our encryption and security into their own app.”
The fact that two companies as influential as AT&T and Qualcomm are backing Enterproid’s technology makes it possible that such a feature will become common for many smart phones and tablets. However, the approach will not work for the iPhone or iPad, which do not allow one app to run inside another. Apple also has tight guidelines for apps that rule out replicating Apple’s default interface.
Trewby says Enterproid has a good relationship with Apple, and he hopes that in the future, the company will allow a dual-persona system. But for the moment, Enterproid is working on a more basic iPhone app that keeps a work contact list secure.
“We’re seeing demand for a dual mode on iPhone, though, and our existing users on Android really like this approach,” says Trewby, adding that an application for hacked iPads, called iUser, implemented such a system and “got great response.”
Mike Sapien of the analyst firm Ovum says the Bring Your Own Device problem is serious enough to attract Apple’s attention. His company’s research suggests that 35 percent of people currently use a personal device for work data. Sapien says the number is likely higher because many people do so against company policy.
“I think it’s a big enough trend that Apple will find its own solution for this, probably with some key partners,” says Sapien, who notes that Enterproid could give Android phones a competitive advantage over Apple devices in the eyes of some consumers and company IT managers.