Is Mobile Security BlackBerry’s Escape Route?

wayne Rash

Offering security features to other platform could protect BlackBerry from the device maker blues, says Wayne Rash

BlackBerry is sharing its family jewels. It is bringing its  legendary uncrackable encryption to iOS and Android, along with other features.

The mobile firm is putting BlackBerry Secure Work Space on Android and iOS devices, and promises IT managers the stability they need to protect company information, while users get to use their favorite devices at work.

As well as BlackBerry encryption, the deal brings a suite of secure, containerised applications — including email, calendar, contacts and Web browsing — to those new devices.

Blackberry 10 balance RIMNo VPN required

Using this could eliminate the need to maintain a separate virtual private network (VPN), cutting costs while maintaining security.

BlackBerry senior vice president for security Scott Totzke described it to eWEEK as “the same secure connectivity with BlackBerry protocols” that’s being used for existing BlackBerry devices. He said the process is also the same. “Encrypt and compress using BlackBerry transport protocols using the same encryption and same outbound port,” he said.

“This is all managed by BlackBerry Enterprise Service [BES],” Totzke said. “There’s no VPN to deploy. There are no additional connections, no extra holes in the firewall.”

The network traffic looks the same to the firewall as any other BlackBerry traffic, according to Totzke, meaning that advanced firewalls and other security systems don’t need to be updated.

He also noted that the BlackBerry encryption works the same as it does with BlackBerry devices. “It uses an AES VPN key that changes with every packet,” he said, adding that BlackBerry treats every data packet as a separate VPN session and uses a new encryption key for each one.

Modified BlackBerry apps

The new apps that come with BlackBerry Secure Work Space are modified versions of apps that already exist for BlackBerry 10 and are used with BlackBerry Balance. There’s the secure HTML5 browser that allows users to connect securely to existing Web services behind the corporate firewall, secure email for use with BES 10.1 and the corporate email service. The calendar and contact apps work with their corporate analogs, and all connect using the secure BlackBerry environment.

While it’s possible to look at this as BlackBerry acknowledging that its devices aren’t selling, in reality there’s a lot more to it than that. One of the reasons that BlackBerry Enterprise Service is so widely used is because of its security. IT managers need to be able to deliver secure mobile applications regardless of the bring-your-own-device (BYOD) environment.

Because BlackBerry’s Enterprise Service is widely used, the move to BES 10.1, which is required to support the Secure Work Space, is easy to integrate, since it requires few if any changes to the existing BlackBerry environment. IT managers won’t need to change their company’s security infrastructure to work with the new capabilities.
Even better for IT managers is the fact that BES 10.1 is a free upgrade. The cost per client device is the same as it’s been, so there’s no change for companies with currently installed BlackBerry devices. The cost for new devices is $99 (£65) per year per device in the US, but that can be offset by reducing the requirement for a separate VPN.

What BlackBerry brings to the table with BlackBerry Secure Work Space is a unified security environment that’s able to provide a useful range of services to mobile users while also giving them the ability to continue using their existing consumer apps. The BES connection gives IT managers the ability to wipe the corporate part of the device while not touching the personal side.

Is this just BlackBerry Balance?

If all of this sounds a lot like BlackBerry Balance, that’s because it is similar. But according to Totzke, it’s not the same thing. “It’s not the same user experience,” he said. With BlackBerry Balance, the device has two partitions, one personal and one corporate, that are walled off from each other. With Secure Work Space the business apps exist along with the consumer apps, but have a designation (such as a lock on the icon) to show that it’s secure.”

Even though the apps appear on the same screen, the Secure Work Space apps still have a wall between them and the consumer apps. You cannot, for example, cut and paste between them.

In effect what BlackBerry has done in addition to delivering a mobile security platform to IT managers is to give them a way to keep buying services from BlackBerry regardless of whether they buy the company’s devices. This helps ensure a continued revenue stream that’s separate from the ups and downs of the device market.

Considering that the once invincible iPhone is being eaten alive by Android these days, that’s probably a good idea. If at some point Windows Phone starts taking off, as many analysts have predicted, then BlackBerry will make a version of Secure Work Space for that device, as Totzke said the company will make sure there are versions for whatever the next hot mobile device may be.

Meanwhile, BlackBerry is offering the whole kit and caboodle as a free download for 90 days. The iOS and Android apps are available for download from their respective app stores.

What do you know about BlackBerrys? Find out with our quiz!

Originally published on eWeek.