It doesn't need to. The Enterprise has accepted iOS the way it is. It is already 128 bit encrypted. . . and secure, HIPAA compliant. Android is inherently insecure. Even Apple cannot decrypt an iPhone without the owners pass key. Not so with an Android even with Knox.
ITs requirement is admin rights on ANY device that has corporate email on it so then can control password policy or remote wipe or lock out if lost ..but it can be a vm
Your telling me an Iphone can not get lost and you might have set a too simple to no security on your phone exposing sensitive corporate documents to people that should not be seen them?..
We are a network security company and white hat hacking Our IT not going to allow any corporate documents or email on a device they do not admin
With the capability of creating a virtual machine smart-phone on my primary smart-phone I can grant IT admin rights to the vm smart-phone and run corporate email with out granting them right to my primary phone....
IT is not even aware or even cares that they are admin of just a vm on my primary phone..that can lock out or wipe everything in that vm image at will while never touching my personal phone..
That the beauty of it.. im still in overall control. .
My phone is the physical hardware server that i admin.
There just a vm image on my phone that i can access to do my corporate business while satisfied any admin rights IT wants.