Most enterprises have moved past the value of mobility and are focused on execution. It can be a challenge to determine what tools, processes and other things they need to be able to support whatever mobile initiatives they have -- BYOD included. So with the recent BlackBerry Enterprise Service 10 announcement, what does BB 10 bring to the table in terms of new enterprise management, security and true enterprise mobility?
Two key features are rolling out with BES 10 that are great for the enterprise and deliver good value; however, one is unique albeit some say a gimmick and another is part of most MDM solutions already.
First, the new BES 10 is now using an AES256 encrypted tunnel for all communications between BES and the device that is also FIPS140-2 certified (so the government can use these anywhere!). Think of this tunnel like a VPN tunnel. All data going over it is encapsulated so email, ActiveSync, file transfers, browsing, etc., all now are transported within this tunnel. This enables the enterprise to allow the browser on the BB device to route and access internal enterprise Web apps through the tunnel without the pain of having to configure a VPN profile or even provision a VPN username and password. Given that BB has one of the most advanced Web browsers in terms of HTML5 and other configuration options, this is a great win for enterprises that want to deliver HTML5 mobile Web application experiences to their corporate users without making the Web application public.
[ What can RIM do to regain its position as the enterprise smartphone? Read BlackBerry Comeback: RIM Must Win Developer Support. ]
The second, and more significant, announcement for the enterprise is that of BlackBerry Balance. Balance is a technology where the BlackBerry device is partitioned into two separate but always active worlds: Personal and Work. Each partition is encrypted and secure with the Work Partition being controlled remotely by a policy (Note there is no word on whether you can have multiple Work profiles). Apps such as Box.net can exist in one or both worlds and have completely separate application profiles enabling personal accounts for accessing your personal Box.net files and still have access to the corporate Box.net without data comingling. For example, you can have personal email from Gmail on your personal side and your corporate email on the work side and not have the pesky security restrictions enforced on your personal email as you do on the work email.
The BlackBerry Hub pulls this all together by giving the user a unified inbox, text messages and simple list of apps to run. The user doesn't need to be concerned what side of the device the app resides on. The Hub even securely unifies the work and personal profiles. The profiles are accessed by the sliding of your finger down the middle of the screen, allowing you to switch app screens from one side to another. This method allows for a quick switching between work and personal apps.
There are some settings to allow personal apps to access the work network and also set passwords for the work profile that don't exist in the personal profile. For example, you can use your personal profile all day Saturday and then when you flip to your work profile you enter your password before being able to access any work apps. All of these security items can be centrally managed from the BES 10 server.
The other quick improvement for enterprises is that BES 10 now includes an enterprise App World that is separate from the Public App World, which can help limit what apps can be installed.
Balance is RIMs take on mobile device virtualization that we have seen from others such as Nokia and VMWare. It has the potential to be a great win for the enterprise; however, there are problems with the overall strategy that warrant discussion. First, balance requires BES10 and RIM could not confirm how many BES email hosting providers are planning to upgrade to BES10 or even support BES10 so if you are not an enterprise that wants to use BB Balance you may be out of luck until the major BES hosting providers catch up. Furthermore, for your enterprise to leverage Balance an upgrade to BES10 is required and all users have to use the new BB10 devices, which could be a deal killer depending on cost and the other BYOD initiatives.
The real question for the enterprise, "Is this too little too late?"
Last year, RIM released BlackBerry Fusion, which enabled an enterprise that was mostly blackberry to manage Android and iOS devices from the same console, which morphed into BES 10. Fusion was RIM's answer to all the MDM vendors making money off managing RIM devices and a way to stem the bleeding of enterprise's moving to Android and iOS. We reviewed Mobile Fusion in our BYOD story in December 2012 and found it isn't a great MDM solution by itself. It would be an okay solution for a heavy RIM shop to support a small amount of iOS and Android users and wasn't the best option available. The core problem with the solution was the lack of a unified console (which has been addressed in BES10, we are told, but have not verified) and that it did not have any features that the other MDM vendors didn't do. In other words, it was a me-too solution that just helped a BB organization deal with the pesky iOS and Android devices.
And that's the crux, unless you are a dedicated hardcore RIM shop -- the ability to manage iOS and Android devices with BES10 causes a problem for enterprise users looking to adopt BB 10 devices. Why would you? Since a user has to physically exchange their existing BB device to get the new features, and that same enterprise can now support iOS and Android, the user will have the option to upgrade to an iOS or Android device. With the experience being completely different on BB10 devices even hardcore BB users will need to relearn the entire device, a major detractor to just sticking with RIM.
Given that consumerization has led this trend to date, we don't think the new enterprise features -- which are really the only enhancements to the device as all of the consumer enhancements are just copycat functions of iOS and Android -- are going to be enough for the end user to stick with BB when facing the decision to change. BES10 is too little too late for most enterprises as the value proposition just isn't strong enough to overcome all the benefits of the other platforms for end users and RIM didn't do anything to reduce the costs and complexity associated with a BB infrastructure.