[deadcowboy]

I'm happy to say that an an acquaintance of a friend is considering the BB10 for his small sales force because of the encryption provided. A small business in the medical sector, but the fines involved with simply losing sensitive information are very scary.

How does iOS and Android compare to BB10 when it comes to encryption and user-side security. I'm definitely pulling for BB10 in this case and would like to advise on the subject.

What's the deal with the newest BES in a situation like this? What about email safety in this situation?

[anon721037]

I would think you can't get any better than BES if it's security you are going for, that's why government use it.

[deadcowboy]

I have another question, then: how could using Android apps compromise security of email accounts? Most apks require every permissions access that they ask for.

So would a company using BES forbid android app use?

[Jerale]

Here's the thing:

iOS uses RSA security encryption

Android uses RSA security encryption

BlackBerry uses ECC security encryption (able to turn on/off)

RSA is known to have some backdoors implanted. Due to Android being open it can only be hacked through malicious software and apps. iOS just has some security holes in it. Only way to 'breach' a BlackBerry is through the networks (wifi, cloud, etc).

To defeat being breached BlackBerry doubles it's encryption through AES256 encryption for both work and personal reasons (Samsung does the same with Knox). BlackBerry becomes more secure through their MDM network security which is BES. BES also secures iOS and Android.

Powered by my BlackBerry (Z10). Join my #BBM Channels C001227CF, C00476C37, C003829C9, C002454C9,C002190AC, C00120CE3

[deadcowboy]

Interesting. Thanks for the reply. So operating with BES, all phones have that high level of security.

What about operating without BES? Is there really that much of an advantage for a BlackBerry over a Samsung with Knox implemented? Is ECC better or worse than RSA?

I'd imagine there are security levels that must be implemented for insurance purposes for those in the medical sector--standards. So a phone lost with ECC would generally be harder to crack than an iPhone?

And again, could sideloaded android apps compromise security, or does the ECC encryption on a BB10 phone prevent that?

[SmellWhole]

Well, BlackBerry 10 has "Balance," so work and personal spaces are separate on a BlackBerry on BES. More about that I don't know. Perhaps the android stuff can be limited to the personal side of the device?

The data stored on BlackBerry handsets is more secure than the data stored on many iOS and android handsets, because Cellebrite UFED equipment cannot bypass a locked Blackberry handset's password. Various iOS and android models are vulnerable; a Cellebrite UFED user can plug the equipment into the devices' USB ports, circumvent their passwords, and access their data.

[deadcowboy]

Well, BlackBerry 10 has "Balance," so work and personal spaces are separate on a BlackBerry on BES. More about that I don't know. Perhaps the android stuff can be limited o the personal side of the device?

The data stored on BlackBerry handsets is more secure than the data stored on many iOS and android handsets, because Cellebrite UFED equipment cannot bypass a locked Blackberry handset's password. Various iOS and android models are vulnerable; a Cellebrite UFED user can plug the equipment into the devices' USB ports, circumvent their passwords, and access their data.

That's some good information, thank you. And as much as I need to be able to research it properly from here, I think. But more information is always wanted.

Security on a lost phone is the paramount concern. And as I said, I think there my be specific security requirements for those carry sensitive data (medical). Thanks again.

[Alain_A]

Research Knox on android phone. It like having a phone into a phone..need password to get to it. files in there are separate from personal side.
You can only download app from the knox store which says secure.

[CarbonKevin]

When adding an exchange email account to an Android phone, the user has to grant the email administrator the ability to wipe the entire phone remotely. That's because of the inferior encryption and security used by Android. Not sure if using Knox removes that requirement.

BlackBerry are secure enough in "civilian" mode - that is, non-BES - that no such admin authorization is required.

For me, that says a lot about how secure BlackBerry is, and how secure Android ISN'T.

Posted via CB10

[CarbonKevin]

I have another question, then: how could using Android apps compromise security of email accounts? Most apks require every permissions access that they ask for.

So would a company using BES forbid android app use?

From what I understand, the Android virtual machine is a "sandbox" - APK files can play within the box, but they don't get to play outside the box.

Posted via CB10

[deadcowboy]

From what I understand, the Android virtual machine is a "sandbox" - APK files can play within the box, but they don't get to play outside the box.

Posted via CB10

Oh, yes. The android folder with its doubles. Makes lots of sense, now.

Thanks for the other info on Knox. Sounds like it's little more than a storage locker.

[zorgond]

Op, can't really say much here but since you're talking about bes, maybe you can try the enterprise section of Crackberry, sure people with bes knowledge can help you more on that.

Posted via CB10

[Jerale]

Interesting. Thanks for the reply. So operating with BES, all phones have that high level of security.

What about operating without BES? Is there really that much of an advantage for a BlackBerry over a Samsung with Knox implemented? Is ECC better or worse than RSA?

I'd imagine there are security levels that must be implemented for insurance purposes for those in the medical sector--standards. So a phone lost with ECC would generally be harder to crack than an iPhone?

And again, could sideloaded android apps compromise security, or does the ECC encryption on a BB10 phone prevent that?

I'm going to try to answer your questions as best as I can:

"Interesting. Thanks for the reply. So operating with BES, all phones have that high level of security."

- Yes.

"What about operating without BES? Is there really that much of an advantage for a BlackBerry over a Samsung with Knox implemented? Is ECC better or worse than RSA?"

- Operating without BES will only make your phone less secure through the network. Without BES your phone is still prone to phishing attacks just will be hard to physically hack (through cables and such). RSA is much weaker than ECC so I would believe it's worse for ECC. All these rumors about backdoors being implanted into iOS and Android devices are due to the RSA encryption keys which was said to have been already hacked by security agencies such as the CIA and NSA. Knox, like BES, also uses AES encryption but it doubles on RSA and has also already been hacked but unlike BES, Knox is also consumer oriented meaning it's also available to consumers.

"I'd imagine there are security levels that must be implemented for insurance purposes for those in the medical sector--standards. So a phone lost with ECC would generally be harder to crack than an iPhone?"

- Yes, a phone lost with ECC would be harder. There's no possible way to hack BB10. No rooting or jailbreaking of any sort. Earlier software such as 10.0 have been known to be rooted but ever since BlackBerry has made the software encryption stronger through software updates.

"And again, could sideloaded android apps compromise security, or does the ECC encryption on a BB10 phone prevent that?"

- I'm not sure about sideloaded apps but I do know Android apps are repackaged and sandboxed. I would think your BlackBerry is still secure even with sideloaded apps. I mean as long as you get your apps from stores BlackBerry considers as 'trusted' (Amazon) I'll pretty much think your phone is safe from malicious attacks. Knowing how Google has so many malicious apps I would say this is why BlackBerry wouldn't allow it services on BB10. Sideloading isn't even relevant anymore now that we can direct download. Also due to the embedded QNX Neutrino microkernel if your phone ever comes across a malicious app, to prevent it from crashing the embedded OS would reboot the process without having to shut down the whole phone.

This is the best way I can explain it for you. Hoped this helps.

Powered by my BlackBerry (Z10). Join my #BBM Channels C001227CF, C00476C37, C003829C9, C002454C9,C002190AC, C00120CE3

[deadcowboy]

Very helpful and informative. Thank you.

[Jerale]

Very helpful and informative. Thank you.

Oh and I almost forgot. If your job uses VPN it's available in BB10 through "Networks and Connections". I'm not sure how it works but I guess all you would need is access to your corporations VPN network.

Powered by my BlackBerry (Z10). Join my #BBM Channels C001227CF, C00476C37, C003829C9, C002454C9,C002190AC, C00120CE3

[Dr Rose]

Here is my 2 cents:
In BlackBerry, Data can be completely encrypted, and applications abilities can be restricted. While the controls are a benefit, they come at a cost. The ease of management can be time consuming for a non-enterprise user. More consumer-oriented devices are anticipated with the release of BlackBerry 10.
The BlackBerry App World market, which is the platform’s source for third-party applications, offers some degree of control for application submissions. Fortunately for RIM, developers of spyware and malware have not targeted the BlackBerry market to the same extent as they have the Android market.
A common complaint from BlackBerry users is that the user interface, or UI, is cluttered. However, that doesn’t seem to stop business and enterprise users from turning to this platform for business productivity purposes.