Bitzer Mobile BEAM Mobility Platform v2.4
Strengths: Secure container approach; built-in support for custom apps; native application access to existing network shares.
Weaknesses: Possible data leakage in some rare cases; however, the workaround proves adequate.
Verdict: An excellent product worthy of consideration in almost any environment.
Providing complete isolation of corporate data within an end-user-owned mobile device, the BEAM Mobility Platform from Bitzer Mobile allows IT departments to enforce data leakage protection policies while offering secure access to internal applications - without the use of VPN.
The tool was provided to us via access to a preconfigured server, so our experience with the nuances of actual server configuration is limited. The product consists of a gateway server, administration control panel, mobile file manager, notification server and database, all of which can be deployed on separate servers or consolidated to reduce server footprint. At minimum, the product requires Windows Server 2008 and either MySQL 6.1 or Microsoft SQL 2003. Bitzer does recommend that the gateway server be installed separately from the other components in a production environment. The client application runs on iOS and Android mobile platforms.
The feature set is impressive. Oriented around the concept of a container, the product sets up a secure sandbox on the end-user devices. In-house or other third-party applications can be trusted by BEAM, and are considered at that point to be "containerized," and secured the same way as are the native Bitzer apps. These apps can be added to the Bitzer home screen via the "add vApp" option, which functions like a private app store, or can be force-installed via policy. Sites accessed through the included secure web browser are tunneled through the BEAM gateway, providing access to internal-only sites. A slick secure file manager provides access to existing internal file shares, such as Windows CIFS shares. Policies can be configured, which provide data leakage protection, and the containers themselves can be configured to auto-lock or wipe themselves when jailbreaking or rooting is detected. Administrators can also manually issue a lock or wipe command in the event of device theft or employment termination. We did find that it's possible, in some cases, for a device that has been locked to still display whatever data was last being viewed before the container was locked.
Documentation is thorough, providing enough detail to walk admins through the setup. The construction of the installation and troubleshooting PDFs is a little basic, however, providing screenshots where appropriate, but no bookmarking or internal document hyperlinking.
Three different support levels are available. Basic is included in the license fee, which provides eight-hours-a-day/five-days-a-week email and Level 2 phone support. For an additional fee, administrators can upgrade to one of Bitzer's 24/7 support options, which provide email and phone access to Level 2 or Level 1 support services.
Bitzer Mobile starts at a cost of $60 per user per year. Perpetual licenses are available, starting at approximately two times the normal annual subscription price, plus a yearly maintenance fee that covers bug fixes and upgrades. Basic support is included in the license fee, with the 24/7 support upgrades available at an additional $1 to $2 per user per month.