Despite this arrangement, it is still possible to develop new apps that run inside Divide, says Toy, although typically they will have to be approved by the employer’s IT department before someone can install them. “Divide essentially masks the Android API [which apps use to plug into the operating system],” he says. Modifying a new or existing Android app to plug into Divide rather than the Android system is relatively simple, he says. An app that manages to take full control of the phone could gain access to Divide’s data, Toy admits, but the data would still be encrypted—and besides, it is very difficult to do this.
William Enck, a researcher at Penn State University who helped develop software that traces how Android apps share user information, points out that in that scenario “there isn’t a whole lot you can do to protect data, because the system has to be able to decrypt it for the apps to work.” Decryption keys must be hidden somewhere inside Divide, so a malicious program could search for them to unlock the data, explains Enck.
However, he says, Enterproid’s approach does make it significantly more difficult for an attacker to access users’ work data, without compromising their freedom to do as they wish with their phones. “The enhancements it makes are very practical,” he says, pointing out that, for example, a person could lend the phone to a friend without having to provide the password that protects work e-mail.
Enterproid say the basic architecture of its system should be applicable to Apple devices, albeit with tweaks to meet the company’s stringent App Store rules. Enterproid is not alone in wanting to help IT departments monitor Android devices, which cannot be controlled remotely to the extent that BlackBerries can, making them out of the question for many companies. Motorola recently acquired a small startup, 3LM, with technology that offers remote control of Android devices.
Toy also think apps that split a phone’s personality could be used by content providers to deliver people video and other media in a way that prevents copying. “You could imagine an app you open to see movies and that the movies available change every day,” he says.