One idea, two approaches: How do Android for work and iOS for work compare when their techniques for data separation are set side by side?
As a Berliner, seeing Android Enterprise immediately reminds me of the old song “I Still Have a Suitcase in Berlin” by Marlene Dietrich. It’s because a small blue suitcase identifies all work apps that belong to Android Enterprise’s secure business container.
With Android Enterprise, Google offers essential aspects that are the same as Apple’s iPhone device management approach. Even if it is clear that Apple’s iOS can boast longer experience, both operating systems offer the basis for meeting corporate requirements for data protection and security, without limiting the variety of apps or having to annoy the user with special, usually not very user-friendly email apps.
With Cortado MDM, we fully support these approaches. Enterprise mobility has never been so secure and so simple to implement.
One Idea, Two Approaches
So-called business containers can be created on a smartphone with iOS and Android Enterprise. Such business containers delineate a collection of business apps that can only exchange data with each other. This ensures that personal data on the smartphone is kept separate from business data.
The differences in implementation are interesting. Whereas Android Enterprise identifies apps with the suitcase icon and thus makes the Android Enterprise business container prominently visible, the iOS business container from Apple is hidden from sight.
A iOS for Work Business Container with User Enrollment
iOS for work usage is defined by its business container, which runs in the background, and established by the BYOD enrollment option called User Enrollment. The data exchange is controlled using a managed Open-In, so that this can only occur between managed apps, including the Safari browser and native email app. In addition, any app from the Apple App Store can be defined as a managed app.
Things get interesting when the user wants to use the same app for both personal and business. This works smoothly with Apple’s own email programs and the Safari browser. The distinction here is between managed domain and unmanaged domain. Emails or downloads from managed domains can only be loaded in managed apps.
But what about word processing, for example? There are two alternatives. Either you load a second word processing app on the device or you allow the exchange between the container and the personal apps. The latter is more than suboptimal from a security standpoint.
The Android Enterprise Container
Use Android for work and you’ll notice that this operating system solves this issue in a fundamentally different way. Apps that are to be used in both the personal and business areas simply run double on the device: One unmanaged for personal use and one managed. The user can see from the suitcase symbol which is which.
The song “I Still Have a Suitcase in Berlin” incidentally continues with “it stays there too and that makes sense”. The users will have to decide whether that applies to the suitcase when using Android for work too.