One phone to rule them all - robust data isolation for two personas on a single mobile device
By Ernesto Burden
We have entered an age where two trends are running smack into each other in increasingly painful ways - the blending of personal and professional lives on our devices, and an era of highly public hacking. In the age of WikiLeaks, an age when government leaders' (and high profile political candidates') private communications and official correspondences have been hacked and exposed on front pages of Web sites, data security on mobile devices is increasingly crucial. At the same time, we've come to expect our mobile devices to be all things, professional and personal.
Do you carry more than one mobile device - phones, tablets, etc.? When we travel for business, many of us do. This may be partly for convenience, partly for security. And while corporate data security is deeply important - what about the security of sensitive government and military data? That's life and death. Do commanders want troops in the field checking Facebook or sending personal email on the same mobile devices they are using for sensitive operations. Not likely. So to insure data isolation between the persona persona and the IT-managed persona, you end up with two phones, two tablets, two laptops, etc.
Imagine that hardware bloat expanded across, say, a whole army. At the Embedded Systems Conference in Boston on Tuesday I chatted with Brad Jackson, a senior field applications engineer at
Green Hills Software, about their Integrity Multivisor platform, for which they've just rolled out
updates that add support for "the latest versions of Android and other mobile operating systems." Jackson describes the system as, "software separation as secure as hardware separation."
In the example we discussed, one might install two instances of the Android operating system on top of Green Hills' INTEGRITY Multivisor mobile hypervisor, which installs directly to the hardware. One of the Android installs is for the "sensitive network" with key management, crypto and authentication applications, the other is for the "quality-of-life" network, where you might email your kids and check Twitter - "multimedia, social and Internet apps."
Anyone whose work takes him away from home and family, even for short stretches of time like days or weeks, knows how important it is to be able to maintain that connection to home. This must be infinitely more true for people who must be away for months or even years. Mobile devices and the social tools they enable are powerful ways to stay connected. It's not just a convenience; but a vital way to stay connected. "Warfighters expect to be able to email their loved ones back home," Jackson told me. Business, government and military leaders seem to be conceding to this expectation.
For warfighters, eliminating the need for multiple devices in the field for secure and non-secure data has size, weight and power (SWaP) implications, as well as cost benefits.
For business travelers, it may someday mean fewer devices and cables in the laptop bag and a faster trip through airport security. And for politicians, maybe it means one less embarrassing picture, tweet or email message offered up for scandal, scorn and joke fodder for late night talk show hosts.
Ernesto Burden is the publisher of Military & Aerospace Electronics and Avionics Intelligence. He can be reached at ernestob@pennwell.com and on Twitter @ aero_ernesto.