Gartner Blog Network


Mobile Application Security: the Walled Garden versus the Open Grounds

by Ramon Krikken  |  May 14, 2012  |  Comments Off on Mobile Application Security: the Walled Garden versus the Open Grounds

In our recent customer-facing research project on mobile application development, security was a smaller but important consideration for many participants.

When I read through a recent “this is what developing for Android looks like” blog post on the effects of Android fragmentation, I got inspired to write a quick piece on the platform. The open playground versus the walled garden approaches of the Android and Apple platforms, respectively, definitely play into how security can and must be designed.

One aspect of open versus closed is the ability to control and change what you have.  Avoiding vendor lock-in and heavy-handed vendor or carrier control (which in the consumer space often is often related to digital media) can be beneficial to security in the enterprise environment. On the open grounds those with the time and effort could create their own secure operating system specification, and those with less time can simply pick a few useful security components and add them on. To do so in a walled garden can be very difficult, if not impossible, and enterprises sure have a few complaints about controlling applications and data on the Apple platform here.

But notwithstanding a desire to maintain consumer choice and easily implement controls, it’s unavoidable to acknowledge that the walled garden can be very helpful for implementing security in B2E environments. If the endpoint is to handle sensitive data, we need a certain amount of control over the hardware and/or the operating system. This allows us to support or add on security features without the user having the ability to modify or remove them. The open Android model therefore definitely worries some enterprises when it concerns BYOD.

Neither platform is ideal for B2E – particularly for BYOD, where neither Android nor Apple have the best support for enterprise B2E application and data security requirements. In fact, right now both open and walled models have specific benefits that are appealing. But a variety of security and non-security factors sure do seem to drive organizations in the direction of favoring the walled garden, for better or for worse.

Additional Resources

View Free, Relevant Gartner Research

Gartner's research helps you cut through the complexity and deliver the knowledge you need to make the right decisions quickly, and with confidence.

Read Free Gartner Research

Category: 

Ramon Krikken
BG Analyst
2 years at Gartner
15 years IT industry

Ramon Krikken is a Research VP the Gartner for Technical Professionals Security and Risk Management Strategies team. He covers software/application security; service-oriented architecture (SOA) security; structured and unstructured data security management, including data masking, redaction and tokenization...Read Full Bio




Comments are closed

Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.