mobile security: wrapper or container? part 2

After my first blog post on the mobile security solution called container, here's the other one:

the wrapper, or sandbox

The idea here is based on Java and its famous virtual machine, but we can also call this solution a sandbox or wrapper.

Basically it’s an application that controls the professional area in a secure bubble. All applications running from the sandbox are secure because they are directly controlled by the sandbox. Similarly, documents are encrypted and can only be shared between applications within the sandbox. The system’s security policy can be managed with an administration tool.


The secured application, or the wrapper, is then made available to the user through the company’s private application store or through an MDM solution.

advantages and disadvantages of wrappers

The advantage of this model is that, in theory, you can control applications running on any OS. This includes applications developed using HTML 5, because special browsers are often developed for the professional zone to control access to mobile sites and/or websites, and thus limit the spread of malicious scripts.

The disadvantages of these types of solutions:

  • while lighter than containers, wrappers still require changes to be made on the device through an application installation (but no need to modify the ROM)
  • all applications secured by a wrapper must be recompiled, which can be time-consuming, even with tools supplied by editors
  • the user experience must change because these tools differ from the originals (different e-mail and browser tools from the ones supplied by the manufacturer)


The two approaches are interesting but do not provide the same level of security. Companies that need to give employees access to highly sensitive data should opt for container solutions, while applications secured by wrappers will still meet the security needs of most companies.

I also want to emphasize that these solutions have a significant impact on smartphone performance, so they should only be used with high-end devices that have fast processors and long battery life.


photo credit: © Scanrail -

This blog post was originally published in French here.

Philippe Macia

After previously working as a training manager, on-site IT officer, pre-sale technical officer, and customer service manager, I joined the Orange Business security team as a product manager. I’m very committed to the user experience and easy administration of the solutions we create. My watchwords: knowledge sharing, logic, pragmatism and simplicity.