Home RSA 2012: VMware CTO Proposes Virtual Business Phones to Secure Real Ones

RSA 2012: VMware CTO Proposes Virtual Business Phones to Secure Real Ones

In a simultaneous announcement at the RSA security conference in San Francisco and Mobile World Congress in Barcelona Monday afternoon, VMware Chief Technology Officer Dr. Stephen Herrod made two extraordinary revelations. One is that his company is working on a technology that would give businesses with “BYOD” policies for their employees a way to deploy virtual phones on virtual devices. This would maintain business assets on devices that employees purchase for themselves and use as their work phones.

“The idea is actually pretty simple,” explained Dr. Herrod to attendees of the Cloud Security Alliance Summit at RSA. “You have your phone that you go out and buy, and you go to an app store and download a level 2 hypervisor that’s going to be in place there. Then when you show up at work, what you’re able to do is, rather than get a work-issued phone, you’re going to get a work-issued virtual phone.”

VMware is currently developing the concept for Android phones, but did not show a working model Monday. The virtual phone may contain company-approved apps, which would still be downloaded to the device over the air, though they would then reside on the virtual envelope.

“Basically, think of it as having two personalities on that phone, separated by a hardware virtualization layer. What’s important is that, the corporate phone is owned by my company, not by me. I’m in charge of everything that’s on the personal phone, but when I start up that application, it’s all encrypted, it’s all communicating over automatic VPN… and only those applications approved by the corporation can actually fit on that corporate phone.”

A virtual corporate phone could revolutionize the way mobile devices are secured and administered by companies, and it could also have an impact on purchasing choices. Apple’s tight control over the apps distribution process makes it an unlikely candidate for following up on Android’s head start toward this feature.

But it also would give incentive for administrators to deploy some kind of corporate device virtualization portal, which sounds more like VMware’s bread-and-butter. Herrod didn’t specifically mention such a product, though he did allude to its existence with respect to another open experiment the company revealed today, one which would absolutely require such a tool for its existence.

It’s part of VMware’s multi-faceted “Project Octopus,” the existence of which was first revealed at VMworld last September. Think of Octopus as providing (among many other things) an alternative for DropBox, for all those enterprises that have come to realize their employees are storing corporate assets in public clouds through their private devices. Octopus, whatever it ends up being called, would give employees a cloud they could use instead, while staying within the policy boundaries of their employers.

“DropBox is an incredible app, a great way to get access to your files wherever you happen to be. It’s very convenient,” acknowledged VMware’s Herrod. “And enterprises don’t have an alternative for that right now.” Octopus would offer corporations the same file sync and share service as DropBox, while maintaining the data behind their own firewalls, and enabling richer policies. For example, admins would have the ability to revoke access to specific files within a set number of days. Or, if an employee leaves the company, the admin could make certain that person cannot use the company’s apps or access corporate data.

“I think you’ll see a lot of solutions like these that become different ways of containing the applications and the data, ultimately fitting into this broker concept that has to be third-party aware, but also with unique aspects that each company might need,” added Herrod. Obviously there will be more arms to the proverbial Octopus than just the two.

About ReadWrite’s Editorial Process

The ReadWrite Editorial policy involves closely monitoring the tech industry for major developments, new product launches, AI breakthroughs, video game releases and other newsworthy events. Editors assign relevant stories to staff writers or freelance contributors with expertise in each particular topic area. Before publication, articles go through a rigorous round of editing for accuracy, clarity, and to ensure adherence to ReadWrite's style guidelines.

Get the biggest tech headlines of the day delivered to your inbox

    By signing up, you agree to our Terms and Privacy Policy. Unsubscribe anytime.

    Tech News

    Explore the latest in tech with our Tech News. We cut through the noise for concise, relevant updates, keeping you informed about the rapidly evolving tech landscape with curated content that separates signal from noise.

    In-Depth Tech Stories

    Explore tech impact in In-Depth Stories. Narrative data journalism offers comprehensive analyses, revealing stories behind data. Understand industry trends for a deeper perspective on tech's intricate relationships with society.

    Expert Reviews

    Empower decisions with Expert Reviews, merging industry expertise and insightful analysis. Delve into tech intricacies, get the best deals, and stay ahead with our trustworthy guide to navigating the ever-changing tech market.