Over the last couple of months, I’ve been writing a lot about sandboxed email. I’ve written about different products that do it. I’ve written about ways to around it. I’ve tried it out on my own. After all that talk, I want to step back a second and ask how users feel about it, as well as share my own experience.
Why sandbox mobile email?
Why do we want to avoid native, built-in mobile email clients? Here’s the one 30 second version: Native mail clients in mobile devices are designed to share information with any other app that happens to ask for it. Apps can open attachments, read calendars and contact lists, and even send emails using accounts synced to native clients. Once this information is pulled out of the email client, there’s no telling what the app might do with it.
There three ways to solve this problem:
- Use mobile device management software to monitor and control what apps are on the device.
- If all you’re worried about is attachments, encrypt or otherwise protect attachments, but still allow mail in the native client.
- Don’t allow corporate email to connect to built-in clients at all; instead limit it to third-party sandboxed clients (likely by utilizing Exchange ActiveSync client access rules).
It’s of course this third technique we’re talking about right now. The sandboxed email client can be managed by corporate IT, and access to attachments, contacts, and other data can be limited to other managed apps. The device itself can remain unmanaged.
What about users?
Sandboxed email sounds great, especially for BYOD, right? But there are two objections that users can have:
- Apps that aren’t part of the corporate management system can’t access corporate contacts or attachments.
- The third-party email app might not function as smoothly as a devices built in app.
The big question is whether these will be big enough problems that users decide to say FUIT and start getting “creative” about how they handle email.
My experience with sandboxed email
I’ve been living in a luxurious position with native email access but no oversight on my device. A while ago I wanted to see what it was like living with sandboxed email, so when Enterproid for iOS was released, I downloaded and synced my TechTarget email to it and disconnected my iPhone’s native mail app. In addition to my phone’s regular 4 digit pin code, I now had another password between me and my work email.
How much did it affect me? Not one bit. Sure it added an extra second or two to the time that it took me to check my messages, but if anything it cut prevented me from spending too much time casually checking my email. The result? Better work-life balance. When the Enterproid app was new, it crashed every time I would delete an email. It was fixed after a few weeks, but it wasn’t that big of a problem anyway, since I could still read and send emails just fine. Overall, the experience wasn’t all that much different than native mail, at least for me. The only difference was that some of the UI elements were green instead of grey or blue.
But I also know that our company is a special case. We (like many companies, I suspect) have very little in place in the way of a mobile strategy. The work-related apps that I do use are all available in public app stores. Some of them are indeed clients for company-provided services (example: Concur for expenses) and some of them are clients for services we use on our own (Dropbox, Google apps). Overall, I didn’t miss out on too much when my work email and contacts weren’t accessible by all my apps.
What's your experience?
Do you prefer built-in clients for a particular reason? Do you use a third-party app? Or does your company allow built-in native clients, and if so, with our without oversite of what apps are on a device?
(Note: You must be logged in to post a comment.)
If you log in and nothing happens, delete your cookies from BrianMadden.com and try again. Sorry about that, but we had to make a one-time change to the cookie path when we migrated web servers.