Research in Motion (RIM) Wednesday padded the latest version of its BlackBerry Enterprise Server software with new security features designed to accommodate the growing use BlackBerry devices in corporate settings.
The updates, part of the new Blackberry Enterprise Server (BES) Version 5.0.2 released today, include a new tool dubbed the Individual-Liable Devices Policy that lets users separate personal use from corporate use of the device. The version also includes technology that allows corporate data stored on personal BlackBerry devises to be erased remotely.
Though the new version is a relatively minor point release of BES, the security tweaks address an important need, said Jack Gold, an analyst at J. Gold Associates.
Increasingly, companies that are unable or unwilling to buy such technologies permit employees to access enterprise applications and data from personal smartphones such as RIM's BlackBerry device, Gold said.
Some companies address security risks by only allowing workers to use approved devices, he said.
Others allow the use of many devices, but have separate data access policies for each, he added. For instance, a company might have a policy that allows Android users to only access enterprise e-mail, while a user of a personal BlackBerry might have wider access to enterprise applications, he said.
RIM's newest security enhancements appear designed to make it easier for security administrators to allow employees to use personal BlackBerry's for corporate uses, Gold said.
The company's support for remote removal of corporate data from employee-owned devices for instance, allows for more granular control over personal devices, he said.
"BES was always able to remotely remove data on your device. Your company could simply send a 'kill-pill' and your device would be trashed," he said. "Now they wouldn't need to do that. They could just delete the corporate part and leave your personal data alone," he said.
Meanwhile, the new Individual-Liable Devices Policy will allow users of personally-owned BlackBerry's to access their personal e-mail and calendar, and allow calls on personal voice plans, even while the device is locked out of corporate use. The policy can also prevent users from accessing organizer data such as tasks, contacts and calendar entries from within social networking applications, according to RIM.
The updated BES also includes new self-service options that allow users connected to a BlackBerry Enterprise Server to reset their device password, lock the device or remotely delete all data in case the BlackBerry is lost or stolen. Previously, such functions could only be carried out by an IT administrator, according to RIM.
Such features should, in theory at least, reduce the risk of "cross-contamination" that can result when personal devices are used for corporate purposes, Gold said. "Now as an IT administrator I can tell you to go out and buy your Blackberry and use it for your own personal use, because in theory at least I can separate your stuff from my business stuff," he said.
Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld. Follow Jaikumar on Twitter at @jaivijayan, or subscribe to Jaikumar's RSS feed . His e-mail address is firstname.lastname@example.org.