2011 expected to bring another smartphone security headache: Mobile apps
If 2010 was the year for enterprise IT departments to embrace employee-owned devices and multiple smartphone operating systems, then 2011 will be the year when IT grapples with the fact that employees are using personal devices to handle sensitive business information. Fortunately, it looks like solutions providers are also putting a heavy emphasis on finding ways to let employees use their own devices without compromising company data, especially as IT departments begin to embrace smartphone apps.
Mobile device management and security company MobileIron today announced release 4.0 of its Virtual Smartphone Platform (VSP), which features application management and security for iOS, Android, BlackBerry, Windows Mobile and Symbian devices circulating throughout enterprises. The vendor is delivering an Enterprise App Storefront combined with a policy engine to make sure apps are secure and to keep rogue apps out.
Ojas Rege, vice president of products and marketing with MobileIron, said 2011 will be characterized by the enterprise moving beyond mobile email and focusing on productivity and corporate applications.
"At this point, about half of customers have plans for apps in 2011," Rege said. "iPad has been a catalyst...It's all about getting to this next stage and getting the good apps to employees."
MobileIron's release 4.0 of VSP establishes an enterprise app storefront to enable IT to distribute in-house apps without having to post them publicly. That way IT can approve the apps, set policy and push them to end users. Moreover, IT can decide which apps to allow and which ones to keep out by blocking rogue apps that might create security holes or violate acceptable-use policies.
IT can now categorically deny email access to any device with a password spoofing app, or alert the user when they download an app that violates policy and guide them through remediation. IT can also create policies based on device posture; for example, apps that require security will not be published to a device that is not properly encrypted.
"What we're seeing is a fundamental shift in the security model," Rege said. "I can't prevent you from downloading an application or lock you down...But if you have something on the phone that poses a security risk, it will trigger alerts and block access to the enterprise."
Rege said much of an IT department's security model should be based on education. When an employee is notified that an app he or she has downloaded poses problems with an enterprise's security, the majority of the time they will delete it.
Another piece of MobileIron's VSP is an API that enables the delivery of cross-platform application information so that other corporate services can understand what apps are on what devices. For example, a company can use the MobileIron API to track its mobile app license inventory to make sure that it is using the number of licenses in its contract.
Also this week, VMware and smartphone vendor LG formed a partnership to build smartphones that use VMware's virtualization software to provide a separate corporate identity and email account, distinct from a user's personal account.
The screen on the LG devices will show up as an application, but that application is really its own secure corporate entity that may include email, contacts, an attachment viewer and document editing. Other functions can also be added.
The phones are expected to come to the U.S. market in the first or second quarter of 2011.
It looks like IT is in for a wild ride in 2011 as it works to understand what kind of applications it should be most worried about when it comes to corporate security. And it's a delicate balance between allowing employees to do what they want with their devices while still imposing restrictions to protect the enterprise. - Lynnette



