Apple released version 7 of its iOS mobile operating system on Sept. 18, and while the first conversations in this case are naturally about how this affects the company’s global consumer market, for the first time Apple now has an OS that adapts much better into an enterprise environment.
And who better to inquire about enterprise software management than VMware, whose products and services are said to be present in about 90 percent of all enterprise IT systems in the world.
“If you look at enterprises, pretty much every table I sit around, 95 percent of the people have iPhones,” Erik Frieberg, vice president of product marketing and end-user computing at VMware, told eWEEK. “It’s clearly walking through the door into enterprises.
“The question is about iPhones and even iPads: How much of that is now being adopted by IT? What is IT doing to embrace these devices and provide corporate access to information?”
New Income Stream for VMware?
VMware, a development partner of Apple for several years, has been anticipating iOS 7 for a long while and is ready for it. This will comprise a whole new income stream for the virtualization king over time as it puts together specific solutions for developers writing apps for iPhones and iPads used in enterprises. Previously, it was rare to hear VMware and Apple mentioned in the same sentence.
“The new device management capabilities in iOS 7 will enable third-party vendors such as VMware to provide users the applications and data they need to be productive, while enabling IT to provide the policy, security and control of corporate content so IT administrators can securely manage the devices and offer BYOD,” Frieberg said.
The most important news for developers about iOS 7 is that Apple updated its mobile-device management application programming interfaces (APIs) to also manage software. So in addition to controlling the firmware in devices, IT also can now control applications.
Here’s a quick review of relevant features now in iOS 7 that will affect enterprise IT developers, which VMware Senior Director for Mobile Solutions Srinivas Krishnamurti described in a July 31 blog post:
—Control of Open In: With iOS 7, Apple will introduce a new API that lets IT administrators control which applications (called managed apps) they will allow users to use to open attachments. Prior to iOS 7, users could open an attachment within an email using any document application (i.e., native viewers, Dropbox, Evernote, QuickOffice, etc.), which was a security hole since it increased the risk of data leakage, especially through consumer cloud services.
—Per-application virtual private network (VPN): Prior to iOS 7, VPN connections were implemented at the device level, which meant that once you enabled VPN on a device, every application on the device would have access to the intranet. With iOS 7, Apple allowed a set of managed applications to use a VPN tunnel using any of the supported VPN vendors (such as Cisco, Juniper and F5), which offers greater control and security for IT.
—Single sign-on (SSO): In iOS 7, Apple implemented Kerberos SSO at an application level. So if your in-house native iOS application uses Kerberos-style authentication, you could use SSO to authenticate users to the application.
—Configure application settings: In addition to pushing and deleting applications on the device, iOS 7 will allow IT administrators to configure application settings, as well.
“Typically, email and calendar are the first steps [in such a BYOD integration project], then they start to get into files. Eventually, some companies will move to applications—even full-on Windows desktops for these [iOS] devices,” Frieberg told eWEEK.
In iOS 6 and earlier, for IT to secure an iPhone or iPad, a third-party or homegrown workaround for each enterprise application had to be developed and configured in order to satisfy security requirements. This is called app-wrapping.
In the enterprise, app wrapping allows an administrator to take an application, associate extra security and management features with it and re-deploy it as a single containerized program in an enterprise app store.
“In iOS 7, they’ve built in all the plumbing for doing things like security and app-wrapping. Now you can take any email client and configure it through iOS 7 to be a secure email—and control cutting and pasting, access to various security levels, and so on. Now any application in app catalog is available as a secure version,” Frieberg said.
Not all applications, at this point, will be immediately configurable for iOS 7, Frieberg said. “What they’ve done is taken 90 percent of what people want to do and enable that in the base OS, so there’s no real reason to buy third-party app-wrappers or secure versions of applications,” he said.
Now that the stage is set for easier and more effective use of enterprise apps on iPhones and iPads, VMware has placed itself in the position of being a go-to vendor for developer tools for this purpose.
The situation with Android is a lot more complicated. Android is fragmented in several different versions, with different vendors adding their own input, thus there is no one single approach that fits all, Frieberg said. For example, Samsung has KNOX, an app store that’s like a secure container, he said.
VMware is basically “embracing what Apple has done, because we think it’s the right way to do device management,” Frieberg said.
“The other thing is that Apple has built an incredible foundation for us to build on top of. You now don’t have to hack the OS to build in app-wrapping and security in a non-standard way.”