BlackBerry, whose share of the mobile phone market has been on a downward spiral, this week launched BBM Protected, the first in its planned eBBM Suite of secure enterprise-class messaging products.
BBM Protected targets regulated industries.
It’s claimed to be the only secure mobile instant messaging app that uses a FIPS 140-2 validated cryptographic library.
Users can securely message colleagues, people in other companies, and friends and family — so long as the others also are using BBM Protected.
Given BlackBerry’s dismal market share, does anyone care? In 2012, BlackBerry had 6 percent of the worldwide market, Vodafone calculated. It’s expected to fall to 5.9 percent by 2016.
Nevertheless, “most large enterprises care,” Carl Howe, a vice president at the Yankee Group, told the E-Commerce Times.
“Few other mobile platforms have the long and trusted time in service that the BlackBerry platform does,” Howe explained. “Do you want your corporate data running through a network that has been handling encrypted enterprise data for the last decade, or would you rather it were routed through a South Korean consumer electronics company?
More About BBM Protected
Messages between users of BBM Protected are encrypted using a PGP-like model, with both the sender and recipient having unique public and private encryption and signing keys.
Messages are encrypted on the sender’s smartphone by a Triple DES 168-bit BBM scrambling key, which also is used to authenticate and decrypt messages on the recipient’s phone.
These keys are generated on the smartphone by the FIPS 140-2 crypto library. They are controlled by the enterprise.
Each message uses a new random symmetric key for encryption.
All this happens in the background, without involving the users.
The current version of BBM Protected runs on BlackBerry smartphones running BBOS 6.0 or later, or BlackBerry 10 in Regulated mode. Versions for BlackBerry 10 smartphones using BlackBerry Balance, and for iOS and Android devices, will be available later this year.
“With BBM Protected, BlackBerry is going back to its roots — the enterprise,” Ramon Llamas, a research manager at IDC, told the E –Commerce Times.
“Because BBM is available on iOS and Android, BlackBerry’s extending BBM Protected to those OSes to make the feature more useful for enterprise customers,” Llamas continued. “Congratulations. Good job.”
Reaching Out and Touching Someone
BBM Protected offers secure intercompany messaging — it automatically encrypts messages between users, even if those users work in different companies.
The companies involved don’t have to share a BES server or federate their servers.
Managing BBM Protected
BBM Protected is added as an IT policy through an enterprise’s existing BES console, without the need to purchase new hardware, install new servers or update the BlackBerry OS.
It works with BES servers’ existing logging and auditing capabilities, so user enterprises can meet regulatory and compliance requirements.
The feature enables chats, group discussions and file-sharing.
Users get delivery and read notifications for messages sent.
No Secret Agents, Man!
Another feature of BBM 10 is that key exchanges are not stored on BlackBerry servers, because neither BBM nor BlackBerry brokers the crypto key exchanges.
By doing this, BlackBerry, in essence, is ensuring that demands for data on its servers will not compromise customers.
While the NSA’s PRISM program comes immediately to mind, BlackBerry also has had run-ins with governments in India, Russia, China and the Middle East.
After fighting long and hard not to do so, it has given various governments — including those of Russia, China, various Middle Eastern countries and India — access to communications over BlackBerry devices by users living in those countries.
“BBM Protected is BlackBerry’s offering to assuage current CIO concerns about government and foreign snooping on their business,” Howe suggested.