Would you use a "Zero-Data" VMI solution?
Posted by beakshay@reddit | sysadmin | View on Reddit | 12 comments
Hi
I’m looking for honest feedback on a Virtual Mobile Infrastructure (VMI) tool to solve BYOD security and privacy headaches.
The Pitch:
- Zero Data on Device: Work apps are streamed as encrypted pixels; no data ever touches the physical hardware.
- 100% Privacy: Employers can't see personal photos/texts or wipe the personal side of the phone—making it an easier "sell" to employees than MDM.
- Instant Offboarding: Delete the virtual instance in 1 second when a user leaves.
The Catch: There can be a slight lag (aiming for <100ms) and high mobile data usage.
Questions for you:
- Would your clients (Health, Finance, Gov) buy this to eliminate mobile data breaches?
- If yes, what is a fair monthly price per user?
Thanks
Smooth-Zucchini4923@reddit
Doesn't this product already exist? E.g. Citrix.
beakshay@reddit (OP)
Competition is there. But their markets are different
ImperatorKon@reddit
No, because in my experience, MDM is enough and users like the mobile-native apps, so unless you are streaming those, I am not sure what this would do. And at least in finance what you have on mobile is the Teams, Outlook, Slack, not the LoB apps you would stream.
beakshay@reddit (OP)
When you share a sensitive file through Teams/Outlook, it will be saved on the user's phone. The user can reshare that information with anyone outside the org. I'm thinking of solving this problem.
ImperatorKon@reddit
I think you are not understanding what Intune provides in terms of secure containers that prevent exactly the scenario you are describing from occuring.
beakshay@reddit (OP)
I thought they still save the data on user's phone.
JGWisenheimer@reddit
It does. But only applications in that same secure container (i.e. work apps) have access to the data.
beakshay@reddit (OP)
I know about work profile. Did employees like to use work profile in their personal devices?
Happy_Macaron5197@reddit
the privacy angle is actually the strongest part of the pitch, MDM has always been a hard sell to employees because of the "my employer can see everything" fear even when that's not fully true. removing that concern entirely is genuinely useful.
the real friction for health and finance clients will be compliance validation, not the concept itself. they're going to ask for SOC2, HIPAA BAA, FedRAMP depending on the sector, and "encrypted pixels" needs a proper audit trail and documentation before procurement will touch it. the pitch needs to get ahead of that.
100ms lag is borderline for most users, anything that feels like it's buffering on a phone will get complaints fast regardless of the security benefits. i'd be more honest about realistic conditions rather than quoting the best case.
pricing for that sector is usually per user per month in the $15-40 range depending on features and compliance certs. without the certs you're looking at the low end of that or below. with SOC2 and HIPAA you could push higher.
ImperatorKon@reddit
Without SOC2 I would say you are not getting into the finance party of the target market in any meaningful way, in my experience.
beakshay@reddit (OP)
I'm targeting the EU market first. GDPR and ISO 27001 are important in the EU. I will definitely look into SOC2.
beakshay@reddit (OP)
I appreciate your honesty.