Most enterprises have moved past the value of mobility and are focused on execution. It can be a challenge to determine what tools, processes and other things they need to be able to support whatever mobile initiatives they have -- BYOD included. So with the recent BlackBerry Enterprise Service 10 announcement, what does BB 10 bring to the table in terms of new enterprise management, security and true enterprise mobility?
Two key features are rolling out with BES 10 that are great for the enterprise and deliver good value; however, one is unique albeit some say a gimmick and another is part of most MDM solutions already.
First, the new BES 10 is now using an AES256 encrypted tunnel for all communications between BES and the device that is also FIPS140-2 certified (so the government can use these anywhere!). Think of this tunnel like a VPN tunnel. All data going over it is encapsulated so email, ActiveSync, file transfers, browsing, etc., all now are transported within this tunnel. This enables the enterprise to allow the browser on the BB device to route and access internal enterprise Web apps through the tunnel without the pain of having to configure a VPN profile or even provision a VPN username and password. Given that BB has one of the most advanced Web browsers in terms of HTML5 and other configuration options, this is a great win for enterprises that want to deliver HTML5 mobile Web application experiences to their corporate users without making the Web application public.
[ What can RIM do to regain its position as the enterprise smartphone? Read BlackBerry Comeback: RIM Must Win Developer Support. ]
The second, and more significant, announcement for the enterprise is that of BlackBerry Balance. Balance is a technology where the BlackBerry device is partitioned into two separate but always active worlds: Personal and Work. Each partition is encrypted and secure with the Work Partition being controlled remotely by a policy (Note there is no word on whether you can have multiple Work profiles). Apps such as Box.net can exist in one or both worlds and have completely separate application profiles enabling personal accounts for accessing your personal Box.net files and still have access to the corporate Box.net without data comingling. For example, you can have personal email from Gmail on your personal side and your corporate email on the work side and not have the pesky security restrictions enforced on your personal email as you do on the work email.
The BlackBerry Hub pulls this all together by giving the user a unified inbox, text messages and simple list of apps to run. The user doesn't need to be concerned what side of the device the app resides on. The Hub even securely unifies the work and personal profiles. The profiles are accessed by the sliding of your finger down the middle of the screen, allowing you to switch app screens from one side to another. This method allows for a quick switching between work and personal apps.
There are some settings to allow personal apps to access the work network and also set passwords for the work profile that don't exist in the personal profile. For example, you can use your personal profile all day Saturday and then when you flip to your work profile you enter your password before being able to access any work apps. All of these security items can be centrally managed from the BES 10 server.