VMworld Europe 2013
Andrew Hawthorn, VMware
Stig Andersson, UBS
Herve Hulin, VMware
Learn more about VMworld and register at http://www.vmworld.com/index.jspa?src=socmed-vmworld-slideshare
VMworld 2013: Android in the enterprise: Understand the challenges and how to solve them
1. Android in the enterprise: Understand the challenges and
how to solve them
Andrew Hawthorn, VMware
Stig Andersson, UBS
Herve Hulin, VMware
EUC3498
#EUC3498
2. 2 Confidential
Disclaimers
All information conveyed during this presentation is to be treated as confidential.
While every effort has been made to portray actual end functionality and display
information accurately, all items demonstrated within this presentation are subject to
change without notice.
While all efforts have been made to ensure working functionality, this presentation is being
conducted on a test environment which is subject to change and modification without prior
notice, which in turn may impact on the availability, performance and functionality of the
demonstration.
As per the NDA agreement, all information displayed is proprietary to VMware and should
not be copied or recorded in any way during or after this session.
This presentation contains product features that are currently under development.
This presentation of new technology represents no commitment from VMware to deliver
these features in any generally available product.
Features are subject to change, and must not be included in contracts, purchase orders,
or sales agreements of any kind.
Technical feasibility and market demand will affect final delivery.
Pricing and packaging for any new technologies or features discussed or presented have
not been determined.
3. 3 Confidential
Forward-Looking Statements
Statements made in this presentation which are not statements of
historical fact are forward-looking statements based upon current
expectations. Actual results could differ materially from those projected in
the forward-looking statements. Information regarding risk factors that
could cause actual results to materially differ are contained in documents
filed by VMware with the Securities and Exchange Commission, including
report that VMware may file with the SEC from time to time on periodic
reports on Form 10-Q and Form 10-K and current reports on Form 8-K.
VMware disclaims any obligation to update any such forward-looking
statements after the date of this presentation.
4. 4 Confidential
The Changing Device Mix
Source: IDC's Worldwide Smart Connected Device Tracker Forecast Data, February 28, 2013
Connected Device Market by Product Category,
Shipments, 2012-2017 in Millions
5. 5 Confidential
2013 Smartphones Global Trends
OS
In million
of units
Android 178
iOS 32
Microsoft 7
BlackBerry 6
All Others 2
TOTAL 225
Smartphones worldwide
shipment Q2 2013
Source: Gartner 2013
Market share Q2 2013
6. 6 Confidential
Smartphones Trends in Key Markets
North America
Population:354M
Nb of Smartphones:210M
Shipment 2012
Android 71M
iOS 49M
Blackberry 5M
Windows 3M
Western Europe
Population:406M
Nb of Smartphones:260M
Shipment 2012
Android 69M
iOS 26M
Blackberry 9M
Symbian 4M
Windows 5M
Mature Asia/Pacific
Population:82M
Nb of Smartphones:60M
Shipment 2012
Android 28M
iOS 14M
Blackberry 1M
Symbian 3M
Others 3M
Greater China
Population:1540M
Nb of Smartphones:283M
Shipment 2012
Android 79M
iOS 31M
Windows 2M
Bada 1M
Symbian 0.5M
7. 7 Confidential
Android Landscape
Security
• Perception is that
Android is not secure
• Google Play is ‘wild
wild west’
• Enterprise features
(e.g. MDM) weak
Fragmentation Lack of control
• No two devices are the
same in terms of
capabilities or UI
• Hard for IT to support
diverse environment
• OS upgrades are
controlled by
carrier/OEM
• Security patches not
pushed out in a timely
manner
Not much traction in enterprise segment
Widely popular in developing countries
• Lots of choice: screen size, price, capabilities, etc.
8. 8 Confidential
Android in the Enterprise
Android team at Google doesn’t care about enterprise opp
• MDM APIs 3 years behind Apple’s MDM APIs
• 3LM founded by Android team members frustrated with Google
• Motorola bought 3LM
• Google bought Motorola and got 3LM on a platter
• Google kills 3LM and lays off the team
OEMs starting to add enterprise capabilities
• Samsung added SAFE MDM APIs
• LG has its own MDM APIs
Can you say, “Fragmentation”?
11. 11 Confidential
More Apps, More Devices, More Users…. No Help
What has been the impact of mobile devices on your IT helpdesk
over the last two years?
Did not add Helpdesk
staff in response to
increased workload
No increased
workload
Source: Gartner N=392
Added Helpdesk staff
Not sure
12. 12 Confidential
Common Responses Only Mask Problem
Buy a Point Solution Does not scale, increases cost
Creates a management mess
Lock It Down
Unhappy workforce
IT is viewed the “bad guy”
Ignore It Poor IT Control
Security and compliance risk
13. 13 Confidential
IT’s Objective for End User Computing Infrastructure
Deliver the right business apps and data to
user devices in a way that is efficient and
secure for IT and productive for the end user
14. 14 Confidential
VMware Horizon is the Platform for Workforce Mobility
Transform: Simplify
desktops, diverse apps
and data into
centralized services
Deliver: Empower your
workforce with flexible
access across devices,
locations and connectivity
Broker: Manage & Secure
centrally and broker services
to your workforce by policy
16. 17
Mobile Enterprise Business Case
Risks
• Regulatory
Compliance
Breaches
• Financial Loss
• Loss of Reputation
Rewards
• Gain New and
Protect Existing
Revenue Streams
• Reduce Cost
Structures
18. 19
Mobile Enterprise Rewards
Gain New Revenue Streams
• Attract new customers that expect mobile services e.g. video access
to advisor.
• Improve sales stickiness by using digital signatures off iPad during
client visits.
Protect Existing Revenue Streams
• Some customers will switch service providers unless they support
mobile services.
Reduce Cost Structures
• Road warriors without adequate mobile capabilities are less
productive.
• People find it a burden to carry and work across separate corporate
and personal devices, so take longer to complete tasks.
• People are more eager to work for a company that is perceived to be
more innovative, so recruitment and retention costs are lower.
19. 20
Mobile Enterprise Risks
Regulatory Compliance Breaches
• Data Jurisdiction
• Client Data Confidentiality
• Data Loss
• Information Barriers
Financial Loss
• Regulatory Fines
• Revenue Loss from Leaked Product IP
Loss of Reputation
• Data Leakage
• Security Breaches
22. 23
718,000 Malicious High Risk Android Apps in Q2 2013
According to Trend Micro's Q2 2013 Security Roundup Report, the number of malicious and
high-risk Android apps surged from 509,000 in the first quarter of 2013 to 718,000 in the second
quarter. This volume is expected to exceed one million by the end of 2013.
Almost 99 pc of Android devices were deemed vulnerable to android master key vulnerability.
The vulnerability allows installed apps to be modified without users' consent. It further raised
concerns about mostly relying on scanning apps for protection, along with the fragmentation
that exists in the Android ecosystem. OBAD (ANDROIDOS_OBAD.A) also exploited an Android
vulnerability. Once installed, OBAD requests root and device administrator privileges, which
allow it to take full control of an infected device. This routine rings similar to PC backdoors and
rootkits.
The FAKEBANK malware spotted this quarter, meanwhile, spoofs legitimate apps. It contains
specific Android application package files (APKs), which it copies to a device's Secure Digital
(SD) card.
25. 26
Mobile Management Evolution
Mobile Device
Management
Mobile
Application
Management
Mobile Virtual
Machine
Management
Document
Digital Rights
Management
Master Data and
Digital Rights
Management
Personal
Corporate
Corporate
26. 27 Confidential
Mobile Management Is Evolving
USER OWNED
UNMANAGED
IT OWNED
MANAGED
Unrestricted
Personal Device
Corporate-Owned
Devices
Bring Your Own
Devices (BYOD)
Corporate-Owned
Personally Enabled (COPE)
of workers believe
their smartphones
should be enabled for
work and personal
92%Manage
Corporate
Workspace
Only
Device
Apps & Data
Corporate
Apps &
Data
27. 28 Confidential
Secure Mobile Workspace Management
IT Admin
Android
(Available)
iOS
(We are working on it)
Challenge
Users want to use a single mobile device
Keep personal data private
IT doesn’t want to be liable for personal content
Protect sensitive corporate data and take control
of mobile apps and updates
Solution
A mobile workspace that is completely enterprise-
owned and controlled
Ability to provision, manage, and remove corporate
data and applications on employees’ devices
Benefit
Complete separation of personal and corporate
data—IT is not liable for personal content
Support for corporate security, compliance and
privacy policies
Corporate data is encrypted and isolated
Solves Android fragmentation problem
28. 29
Virtualization on Android (Mobile Virtualization Platform)
Personal Corporate
Corporate Workspace
Enterprise Catalog
Mail/Calendar App
Custom Apps
3rd Party Apps
Own your full version of Android OS
Consistent native mobile experience
Deploy applications without modifying them
Solve Android fragmentation
Strict corporate assets isolation
Corporate data encryption
VPN policy for corporate traffic
Prevent data leakage
Exchange email, calendar, secure browser,
file browser and contacts
Your Line Of Business application
Provide productivity features
29. 31 Confidential
Android Workspace Enhancements
New OS and broadening device support
Overview
JellyBean 4.2 as workspace OS
OpenGL graphic acceleration
Enhanced Horizon Mail app
Support for Android tablets
More VMware-ready devices
Benefits
Support for popular OS release
Enhanced application performance
Broader set of devices, form factors
31. 33 Confidential
Sony is supporting Vmware Ready devices as standard feature
Coming soon: Xperia Z1
and Xperia Ultra Z will be
VMware Ready for
World Wide coverage.
32. 34 Confidential
How do Employees Obtain VMware Horizon Workspace/Mobile?
Employees’ Device
VMware Switch
Confidential
33. 35 Confidential
Project Lithium
Lightweight Android Workspace for ANY Android device
• Secure Email/PIM for Exchange, Secure Files and SaaS apps launcher
• Centrally managed in the Administrative Console
• Protect corporate data while preserving private
Built-in data protection:
• Rootkit detection
• At-Rest encryption
Configurable policies:
• Passcode strength enforcement
Remote control:
• Remote lock
• Remote wipe
34. 36 Confidential
Horizon Workspace makes Android Enterprise-Ready
Feature
name
Availability
Supported
devices
Managed
applications
Container
type
Suggested
deployment
Project
Lithium
Soon All Android
devices
Email/PIM
File
SaaS
Application-
level
container
BYOD
Horizon
Mobile for
Android
Now VMware
Ready
Android
devices
Email/PIM
File
SaaS
3rd party apps
LOB apps
VM-based
container
COPE