Mobile // Mobile Business
07:00 AM
Risk Data as a Strategy
Apr 06, 2016
There is a renewed focus on risk data aggregation and reporting (RDAR) solutions, as financial ins ...Read More>>

BlackBerry Swipes At Android Security

In response to Google I/O announcements, BlackBerry criticizes Android's lack of security. On point, or sour grapes?

IT Salaries: 8 Cold Hard Facts
IT Salaries: 8 Cold Hard Facts
(Click image for larger view and slideshow.)

BlackBerry CEO John Chen took a swipe at Google this week, suggesting the Android-maker's new security push is too little, too late. In today's world of BYOD, Chen says businesses need to prioritize security from the start, not add it after the fact.

Android For Work will be built into Android Release L, and will also be available separately for earlier versions of Android going back to Ice Cream Sandwich. Google is relying a bit on the hard work done by Samsung to entice businesses by adopting portions of Samsung's Knox security platform. With Android For Work, businesses can separate work data from personal data through containerization. The segregated data can be managed from the IT admin console and locked, wiped, or restored as needed without touching the owner's personal information.

Android For Work also allows for the bulk installation of apps to an entire fleet of devices. According to Google, companies won't have to modify their apps to function within the Android For Work environment.

It's a big step forward for Android, one that should make it more attractive to businesses. In a blog post, BlackBerry's Chen contends Google's efforts are a good first step, but are only the start.

"At Google's I/O developer conference, the company said it would do several things to boost Android's security. Most prominently, this includes separating work and personal apps and data in coming versions of Android by leveraging Samsung's Knox containerization technology," said Chen. "I'm delighted by this first step. The need to improve Android's security was clear. And it validates what we at BlackBerry have been saying all along about the potential perils that businesses face in the BYOD era."

[Do you have a Mobile Security Action Plan?]

As Chen points out, however, Knox's success can be described as limited at best. Fewer than 2 million Samsung devices are actually running Knox. To put that in some perspective, Samsung sells between 75 million and 90 million smartphones per quarter.

"Tens of millions of BlackBerry devices are trusted every day by Fortune 1000 firms worldwide," said Chen. "Our BES software dominates the enterprise mobility management space, with more business customers than our top three competitors combined. And while Knox tries to build a fortress upon an insecure foundation, BlackBerry's entire infrastructure is constructed upon a multi-decade bedrock of mobile management and security expertise."

Chen's blog then devolves into a long-winded and analyst-backed pitch for BlackBerry's products and services. Comparing Android's numbers to BlackBerry's, however, shows just how much impact BlackBerry's security focus has in the real world.

During its I/O keynote, Google's Sundar Pichai said there are more than 1 billion active Android devices on planet Earth. That's a device for one out of every seven people on the planet. Android owns more than two-thirds of the global market for smartphones. By Chen's own admission, BlackBerry's presence in the market has dwindled to just tens of millions of users. Its worldwide share has fallen to about 3%. Microsoft's Windows Phone platform, which is struggling for relevance, now outsells BlackBerry.

"While we applaud Google and Samsung for their plans, we don't think it's enough for security-minded enterprises. Don't be dazzled by those who can talk the security talk. Instead, look to the company that has proven repeatedly it can walk the walk," concluded Chen.

There's no doubt BlackBerry's model offers strong security. For many businesses, however, Android L and Samsung's Knox may be secure enough. Sometimes secure-enough is all the security you need.

What do you think? Are Chen's comments warranted, or do they come off as sour grapes from a cast-aside has-been?

Most IT teams have their conventional databases covered in terms of security and business continuity. But as we enter the era of big data, Hadoop, and NoSQL, protection schemes need to evolve. In fact, big data could drive the next big security strategy shift. Get the 6 Tools To Protect Big Data report today (registration required).

Eric is a freelance writer for InformationWeek specializing in mobile technologies. View Full Bio

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
Page 1 / 2   >   >>
User Rank: Apprentice
7/19/2014 | 11:38:00 PM
Android Security dissertation
Hello. I am starting my dissertation on Android Security. Please help me by visiting my kickstarter project and support. Here is the link:
User Rank: Moderator
6/30/2014 | 1:56:23 PM
Re: Tears of lost glory
@Les Beyond its incompetence, Blackberry appears to be making the even harder to explain move of mocking other companies that are more successful. 

Blackberry seems to forget that market share renders a lot of other points moot, including product superiority. All of us know scads of products and services that had advantages over companies who were leaders at the time, but couldn't get it together enough to be a sincere challenger. 

This just sounds like another example of this with a layer of "sour grapes"  on the top.
User Rank: Ninja
6/30/2014 | 7:42:23 AM
Re: Security, Reliability and Market share
"So why is Blackberry upset? They have reliability issues due to the design of having everything go through their data-center. This channel has failed more than once. Lesson learned, single point of failure bad. The android mechanism provides a mechanism to "privatize" the key data synchronization into each"


These are very good points, and one of the reasons I was very happy to finally turn off the last company owned Blackberry device a few years ago and to shut down our BES server.  Blackberry put a good deal of emphasis on controlling the software, data and connection but the outages were more than just a little irritating.  I think everyone has been waiting for Apple and Google to get a better mobile management system implemented but we have also realized that we can survive without a Blackberry style implementation.  We've started looking at smartphones as little laptops and treat them the same way. 

User Rank: Strategist
6/29/2014 | 7:31:46 PM
Security, Reliability and Market share
This is a conversation I have been waiting over a year to happen.

To make a successful hybrid of business and personal data and devices segmentation and proper authoritative control is a key element. I give a standing ovation (of one, me at least) to Google for actually starting the development of the key controls in this element that has actually been needed for decades. (yeah, laptops needed it but never got it back in the day) I see this as a core "feature" technology mechanism that will be taken for granted within the next five years.

So what should this really look like from a use-case point of view. I believe that enterprise IT needs the authority and immediate ability to protect the corporate intellectual property (and devices) through the tools of absolute policy control and ability to "scrub" a remote data island, but only for what belongs to the company. The IT department needs these tools to fulfill it's part of the mission in protecting corporate assets while meeting the desires of the social mission in allowing personally owned and customized technology for user convenience. (BYOD is a much abused meaningless catch-phrase, please quit using it)
Creating the built in separation of business and personal gives IT a standardized mechanism that we have have had to customize and crowbar wedge into devices before or just blanket take ownership and responsibility for the entire device.

So why is Blackberry upset? They have reliability issues due to the design of having everything go through their data-center. This channel has failed more than once. Lesson learned, single point of failure bad. The android mechanism provides a mechanism to "privatize" the key data synchronization into each enterprise's IT department or spread out the load across the massive Google data center architecture. This means much lower risk as a platform, and lower isolated failures (if a company has a server go down, no one else's businesses are affected) Versus, Every single hand-held in the market experiencing an outage of sync data because Blackberry data service centers are getting DDOS attacks.
 Yet if I was Blackberry, I would be nervous too; but rather than whining, I would look to learn from Google and build upon it.
User Rank: Ninja
6/29/2014 | 3:50:58 PM
Re: Tears of lost glory

to add to your comment, I think that fact that BB is lashing out at Google is evidence enough that they know they're in trouble. In the past they dominated there aspect of the industry, and now the only piece of the pie they have left, there are companies trying to get there hands on it's of no surprise that Google is trying to gain traction in the enterprise.


I also agree that BB is one of those companies that'll be remember for it's successes and failures.
User Rank: Apprentice
6/29/2014 | 11:52:11 AM
Managin BYOD
The BYOD concept can be intimidating for IT staff, but there are strategies to minimize security risks and device management headaches.  HTML5 technologies can allow users to connect to applications and systems without requiring IT staff to install anything on user devices. For example, Ericom AccessNow is an HTML5 RDP client that enables remote users to securely connect from iPads, iPhones and Android devices to any RDP host, including Terminal Server and VDI virtual desktops, and run their applications and desktops in a browser. This enhances security by keeping applications and data separate from personal devices.

Since AccessNow doesn't require any software installation on the end user device IT staff end up with less support hassles. Any user that brings in their own device merely opens their HTML5-compatible browser and connects to the URL given them by the IT admin.

Visit for more info.

Please note that I work for Ericom
User Rank: Apprentice
6/29/2014 | 11:34:43 AM
Re: Tears of lost glory
LIke you say Stratustician, those companies that allow the discussion to be around what employees choose to bring in from home, focusing on ease-of-experience over security, will sadly be those in the news most often with exposures of their intellectual property, customer or employee private data. I don't disagree that BYOD shapes policy - there's nothing new in a disruptive technology changing behavior - but it's sad to see some companies abandon policy alltogether in the interests of saving the cash that would buy their tethered employees a device. That's very short-term, pedestrian and dangerous thinking. Some companies will do that but it's no reason to think it's acceptable. Maybe they won't last long. I challenge the actual numbers of companies, Fortune 1000 companies, allowing "ANY" device. I suspect it's not as many as very small companies who nickel and dime their financial reports.  "If you think security is expensive, try going without."
User Rank: Ninja
6/29/2014 | 10:48:53 AM
Re: Tears of lost glory
While it's easy to focus on who has the better security offering, the real discussion will still be around what types of devices employees want to use.  If organizations have higher ratios of one mobile OS, that will most likely shape their security policies.  Whether the solution is as solid as another isn't sadly the main discussion anymore.
User Rank: Apprentice
6/29/2014 | 10:35:56 AM
All devices are not equal.
I'd like to hear about battery life and responsiveness directly from people who own iPhones and Androids that have MDM clients on them and that have no hardware encryption chip. I've been told by many that their personally owned phones, that were not designed to run MDM 24/7, are slow and must be charged every six to eight hours. But I'd be posting hearsay in a forum so prefer real statistics. A device designed for the consumer doesn't usually fare well in corporate use, just as using your personal vehicle for a 40 hour work week proves not to be the best tool for the job. It's not  a simple matter of software upgrade.
Les Moor
Les Moor,
User Rank: Apprentice
6/29/2014 | 9:23:15 AM
Tears of lost glory
BYOD demands that IT support all of the devices.  BB can talk trash all it wants but after the major missteps it's made is it smart?  It will not shame consumers into buying its products, especially when their confidence in BB has been eroded, and may anger IT professionals.  There is a long history of products that disappeared because management made poor decisions.  BB is likely to be one of those.
Page 1 / 2   >   >>
InformationWeek Elite 100
InformationWeek Elite 100
Our data shows these innovators using digital technology in two key areas: providing better products and cutting costs. Almost half of them expect to introduce a new IT-led product this year, and 46% are using technology to make business processes more efficient.
Register for InformationWeek Newsletters
White Papers
Current Issue
4 Trends Shaping Digital Transformation in Insurance
Insurers no longer have a choice about digital adoption if they want to remain relevant. A comprehensive enterprise-wide digital strategy is fundamental to doing business today.
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Join us for a roundup of the top stories on for the week of April 17, 2016. We'll be talking with the editors and correspondents who brought you the top stories of the week!
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.