As we stated last week, protecting company data and a user’s personal information is essential when building Mobile Solutions. One of the questions we are often asked is; “When selecting a method to protect data (Containerizing), which is better using an SDK or Wrapper?”
There are benefits to both and more often than not, companies can use both methods depending on the mobile solution and content. To containerize an app essentially means enabling security around specific rules, authorization, or content a business wants protected – In some cases it might be specific to the app while in others it might be specific to the device. Containerizing Enterprise Apps is a great strategy to protect corporate data while not touching personal data.
As I mentioned above, there are two primary methods of securing mobile app’s data, and content – Software Development Kits (SDKs) and App Wrapping. While the concept behind each can is the same, understanding the scenarios of when to use one vs. the other is essential to determining which is best for a business. Depending on the Security Vendor, both wrapping and the SDK should accomplish the following: Data Encryption, Prevent the cutting or copying of data, App-Level VPNs, & Device Integrity Checks. Furthermore either of these methods can be used to validate user authentication and allow system admins the ability to gain control of the app or remote wipe specific content or the entire app from a user’s device.
The key to determining what strategy to uses lies in your company’s ability to access the Mobile App Source Code. The SDK method to containerize individual apps requires app developers to have access to the app source code in order to integrate the SDK. One benefit of the SDK method is that it does give software developers the added option to choose to use custom components or methods prescribed in the SDK for securing the app. On the other hand the major challenge in the SDK method is that Software providers often need to create and maintain multiple versions of the same app to support multiple security solutions and/or deployments thus making the maintenance and total cost of ownership (TCO) for the SDK method more expensive. A firm understanding of the source code and developer skills, which could vary, based on the platform, are also required for this method.
Conversely, app wrapping methods do not require any changes to the app’s code and are more cost effective. App wrapping does not require any developer skills, but has more limited security features, in most cases. A power user or system admin would upload the APK or IPA to the Security Vendor’s Solution to enable the app wrapper, and proceed to distribute the app through appropriate methods. In most cases, businesses can only use the wrapper when they do not consume a shared service and do not have access to the source code.
To learn more on this topic and how to strategically select the best option for your business Contact Us