LetMobile released its Secure Mobile Email version 1.5 yesterday and its worth taking note. Email security is at the core of all initial enterprise mobility and bring your own device (BYOD) roll-outs. While there is always talk and occasionally even action related to other corporate applications, the desire for corporate email on personally owned mobile devices is the catalyst behind the BYOD revolution. The issue of how to secure corporate data contained in those emails helped spur adoption of an entirely new category of software: mobile device management (MDM).
Email Containers Everywhere
Most MDM providers realized that they could not replicate the BlackBerry Enterprise Server (BES) model that secured email on a dedicated server through advanced encryption and hundreds of policies. As an alternative, MDM software has marched down the path of on-device data encryption and containerization. These secure containers attempt to segment corporate data residing in the email client from other applications and data that may reside on a personal mobile device. The challenge of this for data security is that the data does physically rest on the mobile device. If the device is lost or stolen, the data may become accessible for unauthorized access.
Email Accessibility without Data on the Device
LetMobile is taking a different approach. LetMobile’s view: the best way to prevent data leakage is to keep it off of the mobile device altogether. If a device is lost, there is no corporate data in the actual emails only the headers. Users read the email through a connection to the host server. The data never leaves the security of the corporate network. LetMobile Chairman Ron Rymon puts it this way:
With LetMobile it’s not a function of how well the data [on the device] is protected, it’s just not there.
What about Offline Access?
Offline access to email when on a plane or out of range of WiFi and cellular is an obvious question. Connectivity may be ever-present at some future point, but today that is not the case. LetMobile provides a feature that allows the administrators to set who can pull down email for local access and how long it can be resident. For example, employees that travel frequently may have the privilege of pulling down email so they can work while on a flight. When they reconnect to the server upon landing, synchronization includes pulling all of the downloaded email off of the device and back onto the server, time limiting the potential for external data exposure. This seems like a reasonable approach that balances security with productivity imperatives.
More like Email VDI than MDM
There is a lot of discussion about whether Virtual Desktop Infrastructure (VDI) is a good security solution for enterprise mobility. VDI keeps all of the computing and data on secure servers while the mobile device simply views the applications through a browser or other light-weight client. Since no data persists on the device, there is no risk to data security on the device. The challenge with VDI today is that it requires additional overhead to set-up, has no off-line features and most enterprise applications are not designed for mobile use. LetMobile’s strategy to is to stake out middle-ground between VDI and on-device containerization.
Insight for Enterprise BYOD
Many enterprise IT shops are looking at BYOD through the “device control and secure” lens they are familiar with for the laptop and BlackBerry. LetMobile looks at BYOD as a completely new paradigm for the enterprise. Mr. Rymon comments:
People buy phones because they are fashionable, not because of the quality of the computing device. Connecting to the enterprise is about fourth on the priority list. MDMs were designed as management solutions – security was a byproduct, not part of the original design…and people don’t want MDM on their [personal] devices.
The addition of LetMobile to the MDM and mobile email competitive space is good news for the enterprise. It provides an alternative allowing enterprises to choose not to manage personal employee devices, but still allow secure access company email without data persisting on the device. This approach will surely come as a relief to many IT shops that don’t want the burden and cost of managing a wide variety of personal devices. It also is certain to be popular with many employees who don’t want an MDM agent and corporate policies such as IBM’s restricting their use of a personal device. These employees can also utilize native email clients that LetMobile enables to integrate personal and corporate messages into one account. No more switching back and forth between Gmail and corporate email to see the latest message. Ease of adoption, a user preference orientation and a simple approach to secure mobility should help LetMobile grow from its thousands of users today to 10’s of thousands of users very quickly.
What do you think about the LetMobile approach as opposed to email containerization? Is this a sound solution strategy for secure mobile email? Comment below.