The answer to the BYOD question is Virtualization.

The answer to the BYOD question is Virtualization.

Summary: Virtualization seems to be everyone's answer to every problem. For BYOD, it might just be the answer to stressed budgets and user happiness.

SHARE:

If you missed the BYOD battle royal between Heather Clancy and me or my awesome win on said debate, you can read my summary of the debate and the issue, "BYOD: The inevitable reality." But, you might ask yourself after reading the debate entries and my summary of it, "Why did Ken win the BYOD debate?" It's a legitimate question because you, the readers, voted that BYOD is a fail. Heather did a great job of pointing out some weaknesses of the whole BYOD idea. The reason that I won is simple--and it really had nothing to do with me or my arguments--BYOD is the inevitable result of a new workforce. And, the answer to the question of BYOD is virtualization.

Now, you might think that saying, "Virtualization," is a generic term, a panacea or a cop-out. Actually, it's none of the above. Virtualization, the way I'm using it, means an all-encompassing technology with which developers, managers and CXOs can begin to rethink how users interact with Enterprise resources. Virtualization isn't simply server virtualization and it's definitely not VDI--it's both.

That's right, it's both. In the future, when a user connects to resources, she won't know whether she's connecting to a server, a virtual desktop or a virtualized application. Further, she doesn't really need to know, since she's only connecting to resources: a database, a web-based application, a calendar or email. And, it won't matter which device she decides to use to make those connections.

She could be at home connecting to email with her phone and using her laptop to reprogram some code for an application gone awry during the last promotion from staging to production. Regardless of the use case, she's using her own laptop and her own phone to make the connection into the data center a mere two thousand miles away.

Virtual Desktops

I bash VDI a lot but it has its place. And, its place is the new data center-centric computing environment. For better security, businesses will seek to remove the operating system and its data from the end user's control. That's a good move. Lost or stolen devices are but one argument on the for side of the VDI question. If you lose your laptop, the entire contents of your hard disk are only two screws away from compromise. A thief doesn't have to know your login name or password. He can remove the disk and attach it to another computer for instant access to everything on the disk: data, documents, email and your password file that you have on your desktop because you can't remember all those annoying passwords that keep changing.

Once you think about that, all those anti-Cloud rants seem silly, don't they. If your operating system resides in a data center and your data in the Cloud, what's on your stolen laptop? It could be a minimal Linux system that connects you to your workspace via a VPN. No data. No documents. No password file.

Nothing to see here, move along.

Sure, you've lost a laptop but that's all you've lost. Your important documents, your company's proprietary data and the contents of your ongoing projects are all safe and sound. It's safe because it's not on your laptop. While you wait for a replacement, you can use your tablet and your phone to complete the day's tasks.

Application Virtualization

Applications are what we use to do our work. Word processing, email, web browser, SSH client, RDP client, text editor and SQL client are all examples of applications. Citrix taught us how to use applications that we didn't have installed on our computers. And, the theory is that you shouldn't have to pay for an application that you never use.

For example, every copy of Microsoft Office comes with PowerPoint. What if you don't use PowerPoint? What if only ten people out of 1,000 in your company uses PowerPoint? Count the dollars you'd save by only paying for what you use instead of what you might use because it's installed on every computer.

Application virtualization also keeps data off of the local system by having its own built-in data mappings. In other words, you can control where a user puts his documents when he saves them. If you weren't afraid of Cloud-based storage, he could save them to a safe, non-local site. Awesome? I think so.

Mobile Hypervisors

Fellow ZDNet blogger and tech dude extraordinaire Jason Perlow and I have discussed this one at some length and we agree that this is the true future of mobile computing. BYOD on mobile devices is made possible by employing mobile hypervisors. In short, a mobile hypervisor allows you to have your personal settings in one virtual tablet and your company's settings in another virtual tablet. Or, virtual phone.

If that doesn't raise your eyebrows, check your pulse. This is the real answer to BYOD in the mobile computing space. I can't tell you about some of the proprietary technology that I've seen in this area but get ready folks, it's incredible. It's game-changing and not just marketing fluff. It's crazy what one company in particular has developed and I'll be excited to see it hit the market hopefully next year.

You have the possibility of two different hypervisors for mobile devices: Type 1 and Type 2.

Type 2 is just another app that will run a virtual tablet or a virtual phone for you. Cool, but far less efficient.

The Type 1 hypervisor is really where it's at. A hypervisor on your mobile device and the possibility of multiple virtual devices that can run on it simultaneously is absolutely mind-boggling. You could switch dynamically between them at will. Imagine the possibilities.

To learn more about a real mobile hypervisor, check out Larry Dignan's article covering the deal between VMware and Verizon.

BYOD is very close to reality. Maybe it is already where you work. Talk back and let me know what your experiences are and if virtualization--especially mobile hypervisors will make you rethink what's possible.

Topics: Virtualization, CXO, Cloud, Hardware, Storage

About

Kenneth 'Ken' Hess is a full-time Windows and Linux system administrator with 20 years of experience with Mac, Linux, UNIX, and Windows systems in large multi-data center environments.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

24 comments
Log in or register to join the discussion
  • Xen FTW

    I don't think that the Xen products from Citrix get enough attention. I sincerely hope that Xen is mainlined into Android. I'd like to see a strong competitor to VMWare's mobile hypervisor. Xen is already in mainline Linux 3.x and ported to ARM. They just need to do some integration work to make it awesome.

    As for virtualization in general, if I were building a new environment (and I am) it would start with HP vPro client machines running XenClient, XenDesktop, XenApp, and AppSense Suite with whitebox server hardware running DataCore and XenServer.

    The biggest barrier is that it's very difficult to explain to the people with the purse strings what this (actually small) investment buys them. Virtualization technology is marketed using nonsensical buzz words and technobabble. Every argument against virtualization I've ever heard comes directly from a fundamental misunderstanding of what it buys you.
    cabdriverjim
    • RE: The answer to the BYOD question is Virtualization.

      @cabdriverjim The hackers just turn their attention to the data centers instead of the consumer devices. They now have only a small number of data centers to attack instead of the millions of consumer devices. I've yet to see proof that this model is more secure.
      CobraA1
      • RE: The answer to the BYOD question is Virtualization.

        @CobraA1 The data is _already_ in the data centers. That's the very definition of "data center". By this reasoning, all data theft would be focused on data centers already. There are reasons criminals target both individuals and data centers.

        The only reasonable option is to secure both sides of this equation. Client virtualization is a powerful means to securing the client side. The OS image(s) running on the client device benefit from the security isolation of the client hypervisor. Corporate IT can provide a hardened OS image for use in accessing corporate data with full security isolation from any other OS image, such as a personal installation of Windows or Android, on the same device. Further, these client images can be strongly encrypted on-disk, synchronized in near real time back to the data center, revoked, etc. The corporate client image can prevent USB drive access or access to non-approved networks or even copy-paste between images in ways that are impossible to circumvent by having access to the hardware.
        cabdriverjim
      • <a href="http://www.tran33m.net/vb/">2012</a>

        @CobraA1 Extremely interesting perspective and a convincing argument in favor of BYOD!<br>Virtualization as a concept is revolutionary in nature, and one of the major fundamental shifts it drives is in the way applications are delivered and consumed by the end-user. For organizations, virtualization projects are best looked at as transformational projects and should be treated as an opportunity to relook at the overall application delivery architecture. Choice of technology is then a derivate of importance and priority of diverse business goals like business agility, employee productivity improvement, workforce mobility, cost savings, IT support improvement, and meeting security & compliance requirements.<br>If we break-up your application delivery chain with a view to transforming each tier, and join the dots with evolving trends in virtualization and cloud technologies, exploding diversity of mobile end-compute devices and managed support models with centralized Service Desks and Remote Infrastructure Management services, we see an emerging picture of the consumerization of IT consumerization.<br>The transformed application delivery chain, when looked at in totality, is then a ready-to-serve application hub with an elastic resource pool, and BYOD just seems as like a natural progression for enterprises.
        ytaa1
    • RE: The answer to the BYOD question is Virtualization.

      @cabdriverjim I agreed at this part "I don't think that the Xen products from Citrix get enough attention."
      <a href="http://www.kecioyun.com" rel="muse" title="oyn">oyn</a>
      morduhan
  • You Won?

    Last I saw the margin was 60% percent stating otherwise.

    Regardless we already provide BYOD and yes already provide not just Citrix but VDI / VM. Reality is most users hate it. It's stunts the appeal of actually using their own device. What's so great buying a spanking new MacBook and having the using Windows XP in a VM session?

    You miss the point of concern about BYOD as well dismissing that virtual and cloud will negate any concerns with the device (regardless if it's laptop, smartphone, tablet). Unless there is a device that has zero storage area there is always the risk the user WILL find a means to put corporate data onto the device. There are now corporate regulations requiring native encryption. Do we assume users are fully aware of these compliance / security requirements? Do we stunt their device usage and force a limited computing option?

    You also belittle the infrastructure and licensing costs for these solutions. All for what? An unmeasured boost in employee productivity, happiness?

    Don't get me wrong I'm all for technology and making new means to use it but BYOD has it's place and it will be awhile before it's widely accepted both by employer and employee.
    MobileAdmin
  • RE: The answer to the BYOD question is Virtualization.

    Can I get my abacus virtualised? Until then I'll just use Windows products (apart from them being better) and stop being a headache to IT <img border="0" src="http://www.cnet.com/i/mb/emoticons/wink.gif" alt="wink">
    tonymcs@...
  • www.stpipefitting.com

    http://www.stfitting.com
    http://www.st-pipefittings.com
    http://www.topfitting.com
    http://www.bwfitting.com
    http://www.stting.com
    pipefittings
  • RE: The answer to the BYOD question is Virtualization.

    "If you lose your laptop, the entire contents of your hard disk are only two screws away from compromise."

    If you're not using something like TrueCrypt or BitLocker.

    "and your password file that you have on your desktop because you can???t remember all those annoying passwords that keep changing."

    Which is encrypted. KeePass FTW.

    "BYOD is the inevitable result of a new workforce."

    Inevitable? Since when was any tech inevitable? I want my flying car!

    Sorry, but no technology or prediction has ever proven to be inevitable.

    "If your operating system resides in a data center and your data in the Cloud, what???s on your stolen laptop?"

    A keylogger that will steal your data in the cloud anyways.

    The attacks don't go away. They just change form. The cloud break-ins just prove that. There is zero proof that cloud providers are really less susceptible to attacks than your average joe. And the result of a hacker group breaking a cloud provider is far more damage than breaking individual machines.

    Isolation and compartmentalization brings security - putting all of your eggs in one basket does not.

    "For example, every copy of Microsoft Office comes with PowerPoint. What if you don???t use PowerPoint?"

    Considering your average PC has gobs of storage space, does it matter?

    "Count the dollars you???d save by only paying for what you use instead of what you might use because it???s installed on every computer."

    Except the payment structure is the result of Microsoft's decision, not yours. Google Docs doesn't piecemeal its file formats either. Cloud providers can decide to give you everything only and not piecemeal things. This is 100% fallacy.

    "I can???t tell you about some of the proprietary technology that I???ve seen in this area but get ready folks, it???s incredible."

    No, making a phone or PC a brick when you lose your connection is not "incredible." Well, actually, it is - incredibly dumb. And the fact that it's proprietary means it's likely to cost a fortune, and is probably not all it's really cracked up to be.

    Seriously, they were showing you their tech in ideal circumstances. Unfortunately, things tend to be different when the ideals go away and you hit the real world.

    So you pay more to get your phone or PC bricked more. Fantastic, can't wait to use my next phone as a doorstop.

    "A hypervisor on your mobile device and the possibility of multiple virtual devices that can run on it simultaneously is absolutely mind-boggling. You could switch dynamically between them at will. Imagine the possibilities."

    Actually, I'm imagining customer confusion. Most people want their stuff in one place, not multiple virtual places.
    CobraA1
    • RE: The answer to the BYOD question is Virtualization.

      @CobraA1

      If you think that encrypting your disk contents prevents them from being hacked, I'm sorry to tell you that it doesn't.
      khess
      • RE: The answer to the BYOD question is Virtualization.

        @khess I was referring to a specific scenario - losing your laptop and taking the drive out (the "two screws" scenario mentioned in the article).
        CobraA1
  • RE: The answer to the BYOD question is Virtualization.

    What I have yet to see addressed is the privacy/legal implications of BYOD.
    1. Can you enforce a litigation hold on someone's personal device?
    2. As MobileAdmin noted there are ways to move data from the virtual server to someone's personal hard drive or other storage. If you do need to produce data in this employee's control, you will need to check their personal device for that data. If you need to pull data off of that person's personal device, how do you separate their personal data from their professional data?
    3. If they have left the company, what leverage do you have if you need to pull data off of their own device at some date in the future? What privacy concerns are raised if the former employee is now using that device at their new employer?
    KerrieG
    • RE: The answer to the BYOD question is Virtualization.

      @KerrieG

      Regarding litigation hold:

      Actually this is one the reasons many of our employees have stated they won't participate in our BYOD program. Unknown to them is if we ever had the recourse to issue a hold it doesn't matter if their technology was used for BYOD or not, we can still issue a request for PC, cellphone etc and hold it as long as needed for discovery.

      In Ken's arguement virtual environments will make this a moot point as you control the data but I have seen it near impossible to control your data unless you shut down all types of access points which is impractical (impossible) in the hyper connected world we live in now.
      MobileAdmin
  • The Answer to BYOD is 'USER' Virtualization

    I think one key point to also consider here is the role of User Virtualization in enabling BYOx projects. In addition to OS, Application and Desktop Virtualization the remaining layer in the desktop to be virtualized is the User.<br><br>REF: BYOx - Yes - it can be beneficial to organizations to allow their employees to work from their own device for a number of reasons, but, we have to also consider the number of both Personal and Corporate devices the person may use to access both Personal and Corporate data.<br><br>The user session must be configured in accordance to contextually aware rules and conditions to set up the desktop with the correct level of security levels, allow or prohibit access to specific areas of the network, data or application and desktop settings and controls.<br><br>Furthermore, what is the most important thing to a user; their desktop, their applications, the data? all of these?<br><br>User Virtualization is also needed as it ensures that no matter where a user goes, the device they chose to use, or whether the run a local desktop with installed applications, or a virtual desktop inside the corporate data, all of the user information and data musty follow the user across all of the devices and between the desktop deployment options.<br><br>User virtualization completely separates the user from the underlying OS and App components of the desktop, manages this separately and applies/streams it back to any new or other desktop or device on demand - enabling total control by IT while enabling freedom of choice to the user and a rich, familiar experience.<br><br>We are seeing thousands of customers first virtualize the user from all existing desktops as the initial step in any transformation project, be it Windows 7 migration, desktop & application virtualization or BYOx projects.<br><br>Keen to hear your thoughts on this.<br><br>Regards,<br>Gareth Kitson - Director of Product Marketing, AppSense.
    GarethKitson
    • RE: The answer to the BYOD question is Virtualization.

      @GarethKitson This is something you don't even realize you need until you see it in action. My complaint, as with Citrix and hardware virtualization, is that AppSense and others have been marketing user virtualization using "nonsensical buzz words and technobabble". I had looked at AppSense Suite several times last year and never could even determine what it does. "I am me and I am the center of everything" sounds like an LSD trip. So I blew off the sales call because the marketing info was incomprehensible. I finally relented when one of the sales people offered up a one on one demo. The engineer who gave the demo needs to be doing your marketing. His presentation was amazing and made it immediately obvious why I would need user virtualization.
      cabdriverjim
  • What about latency and CPU usage?

    Virtualization sounds nice but that extra layering tends to slow things down like molasses, as anyone who's run Windows on Mac can attest. Either the CPU can't keep up or the network pipe isn't fat enough. There's a place for it (high security environments?), of course, but the tradeoff is not small.
    ericylai@...
  • How many times has your laptop been stolen

    vs unable to get a connection to your data?

    Those anti-Cloud rants seem do not seem silly at all.
    Tim Cook
  • RE: The answer to the BYOD question is Virtualization.

    1
    Tim Cook
  • RE: The answer to the BYOD question is Virtualization.

    I daresay that saying the "answer" to BYOD is one particular approach is over-simplification. BYOD can be effective and we've seen it work with native apps that are "high functionality" and designed to run on employee devices using mobile application management (MAM) SDK integration. I.e., a native app that can be disabled or deleted at a granular level, without "wiping" the device or messing with personal data.

    Before we jump to the conclusion that virtualization is the only answer to BYOD, investigate some of the highly functional solutions in the MAM market today. You'll find that providing high-quality employee apps has a very high ROI, and I'd argue that the virtualization solutions today cannot touch this. (I agree they will improve).

    Some comments claim that security policies can only be enforced on company-owned devices. However, whether the device is IL or CL, the same types of risks are evident. The ability to provide a granular approach at the app and data level, which is provided by MAM solution SDKs, can provide full control without a "device wipe". This is the way to go - respect the user's right to have a single device.
    CimarronB
  • RE: The answer to the BYOD question is Virtualization.

    Extremely interesting perspective and a convincing argument in favor of BYOD!

    Virtualization as a concept is revolutionary in nature, and one of the major fundamental shifts it drives is in the way applications are delivered and consumed by the end-user. For organizations, virtualization projects are best looked at as transformational projects and should be treated as an opportunity to relook at the overall application delivery architecture. Choice of technology is then a derivate of importance and priority of diverse business goals like business agility, employee productivity improvement, workforce mobility, cost savings, IT support improvement, and meeting security & compliance requirements.

    If we break-up your application delivery chain with a view to transforming each tier, and join the dots with evolving trends in virtualization and cloud technologies, exploding diversity of mobile end-compute devices and managed support models with centralized Service Desks and Remote Infrastructure Management services, we see an emerging picture of the consumerization of IT consumerization.

    The transformed application delivery chain, when looked at in totality, is then a ready-to-serve application hub with an elastic resource pool, and BYOD just seems as like a natural progression for enterprises.
    jaydipppopat