Updated BlackBerry security features aimed at boosting corporate use
Could give RIM device an edge over rivals in penetrating the enterprise, analyst says
Computerworld - Research in Motion (RIM) Wednesday padded the latest version of its BlackBerry Enterprise Server software with new security features designed to accommodate the growing use BlackBerry devices in corporate settings.
The updates, part of the new Blackberry Enterprise Server (BES) Version 5.0.2 released today, include a new tool dubbed the Individual-Liable Devices Policy that lets users separate personal use from corporate use of the device. The version also includes technology that allows corporate data stored on personal BlackBerry devises to be erased remotely.
Though the new version is a relatively minor point release of BES, the security tweaks address an important need, said Jack Gold, an analyst at J. Gold Associates.
Increasingly, companies that are unable or unwilling to buy such technologies permit employees to access enterprise applications and data from personal smartphones such as RIM's BlackBerry device, Gold said.
Some companies address security risks by only allowing workers to use approved devices, he said.
Others allow the use of many devices, but have separate data access policies for each, he added. For instance, a company might have a policy that allows Android users to only access enterprise e-mail, while a user of a personal BlackBerry might have wider access to enterprise applications, he said.
RIM's newest security enhancements appear designed to make it easier for security administrators to allow employees to use personal BlackBerry's for corporate uses, Gold said.
The company's support for remote removal of corporate data from employee-owned devices for instance, allows for more granular control over personal devices, he said.
"BES was always able to remotely remove data on your device. Your company could simply send a 'kill-pill' and your device would be trashed," he said. "Now they wouldn't need to do that. They could just delete the corporate part and leave your personal data alone," he said.
Meanwhile, the new Individual-Liable Devices Policy will allow users of personally-owned BlackBerry's to access their personal e-mail and calendar, and allow calls on personal voice plans, even while the device is locked out of corporate use. The policy can also prevent users from accessing organizer data such as tasks, contacts and calendar entries from within social networking applications, according to RIM.
The updated BES also includes new self-service options that allow users connected to a BlackBerry Enterprise Server to reset their device password, lock the device or remotely delete all data in case the BlackBerry is lost or stolen. Previously, such functions could only be carried out by an IT administrator, according to RIM.
Such features should, in theory at least, reduce the risk of "cross-contamination" that can result when personal devices are used for corporate purposes, Gold said. "Now as an IT administrator I can tell you to go out and buy your Blackberry and use it for your own personal use, because in theory at least I can separate your stuff from my business stuff," he said.
Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld. Follow Jaikumar on Twitter at @jaivijayan, or subscribe to Jaikumar's RSS feed . His e-mail address is email@example.com.
Read more about Smartphones in Computerworld's Smartphones Topic Center.
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- The 12 PCI DSS 3.0 requirements addressed by Peer 1 Hosting This handy quick reference outlines the 12 PCI DSS 3.0 requirements, who needs to be compliant and how Alert Logic solutions address the...
- Defense Throughout the Vulnerability Life Cycle This whitepaper provides insight into how to leverage threat and log management technologies to protect your IT assets throughout their vulnerability life cycle.
- Mobile Policy Checklist Here's what to consider when putting together a mobile policy designed to support a highly productive workforce.
- Securing BYOD Mobile computing is becoming so ubiquitous that people no longer bat an eye seeing someone working two devices simultaneously. Individuals and organizations are...
- Live Webcast On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy...
- Live Webcast Endpoint Backup & Restore: Protect Everyone, Everywhere Arek Sokol from the bleeding-edge IT team at Genentech/Roche explains how he leverages cross-platform enterprise endpoint backup in the public cloud as part...
- Streamline Software Asset Management, Compose a software Management Symphony Keeping track of your organization's software is easy with effective software management solutions from CDW. View the videos in our software solutions channel
- Druva inSync: Endpoint Data Protection & Governance CLICK HERE to watch this video about protecting corporate data on laptops and mobile devices, sponsored by Druva. All Security White Papers | Webcasts