[W Hoa]

Some of the highlights from the article:

BYOD, cloud security conerns make military and intelligence agencies hesitate

US national security doesn't like the word "BYOD" and are mostly BlackBerry users still

By Kenneth Corbin | CIO US | Published: 17:04, 25 October 2012



If the shift to cloud computing and the adoption of BYOD policies seem like an inevitability in the corporate world, they are anything but in the military and intelligence communities.

In a panel discussion Tuesday at a government IT conference, Debora Plunkett, information assurance director at the National Security Agency, joked that she would break out into hives at the mere mention of the term "BYOD."

......

"It's very simple: 'I want one device.' I don't think it's any more complicated than that," Robert Carey, principal deputy CIO at the Department of Defense, said of the growing demand for BYOD policies. "Balancing ease of use and security is always the dynamic. Security is the antithesis of convenience."

By its sheer scale, the DoD is a uniquely challenging IT environment. Carey has been leading recent efforts to consolidate and standardize the DoD's far-flung computing environment while also working to bolster the security of its enterprise architecture. At present, the department runs about 10,000 distinct systems, maintains 1,500 data centers and upwards of 65,000 servers.

But in the mobile arena, the DoD is a fairly homogenous environment.

"We have very few devices at the DoD. We are pretty much a BlackBerry house," Carey said.

.........

Blackberry scores in government work

Carey noted that the Pentagon is currently running multiple pilot programs to test various devices from other manufacturers, and working with vendors to harden mobile operating systems to meet DoD security requirements. But he held RIM, the maker of the BlackBerry, apart from other device makers for its focus on enterprise-grade security from the outset, while Apple, Android and other operating systems began with a consumer-centric approach, and have only been beefing up security in response to concerns from corporate and government customers.

Full article:

BYOD, cloud security conerns make military & intelligence agencies hesitate - Techworld.com

[theRock1975]

RIM is definitely on the right track with enterprise and government. The stories about departments leaving BB for competitors gets a lot of attention but they are way overblown. Governments in US, Australia, Canada, UK.. are sticking with BB and RIM has solved some problems that have secured them with these clients.

Here are some facts from BBJam Enterprise:

New invocation framework will enable users of a corporation to transmit data to companies securely through BES/MobileFusion servers. No VPN needed. No encryption/decryption needs to be handled by the programmers, no "hole punching" in corporate firewalls, etc.. This is huge!

The work/personal perimeters will stop the need for users to carry multiple devices. Work hard and play hard on separate partitions.

Android apps will not work in work perimeter, ever! They gave some very compelling reasons. Just switch to personal space and run Android there.

Enterprise App store will be located on the BES server. No need to submit your code to RIM for approval (unlike Google play, Apple App store). Imagine having to reveal your secret processes to Google and Apple? WTF.

From what i've seen, RIM is atleast 10 years ahead of it's competitors in Enterprise/Government. Apple and Google have nothing to show. They'll keep on fighting eachother in the cut throat consumer space. Enterprise/Government will is where all the high margins will be found.

If you're a developer, architect or even CS student, make a name for yourself as a BB Enterprise Architect. You'll be in extremely high demand and make a ton of money!

[sf49ers]

From what i've seen, RIM is atleast 10 years ahead of it's competitors in Enterprise/Government. Apple and Google have nothing to show. They'll keep on fighting eachother in the cut throat consumer space. Enterprise/Government will is where all the high margins will be found.

not many realize that RIM got there 10 before years before anyone thought about it including Microsoft or Apple. Their policy offerings are broken down to such granular level, any man worth his salt will understand what I am talking about and it is still 10 years ahead of everyone. I am surprised people including even big guys at CB team doesn't realize the potential of the NOC, and I remember in one of the pod casts they were questioning do we need it any more or is it relevant anymore? . I will put it this way whatever value RIM holds is because of their NOC. They can make wonders with it, for example think of a service offering where they provide end-to-end encrypted email via NOC on Android and IOS. It is to anybody's guess how much revenue they can generate by doing such a thing. That said looking forward for BES 10..

[theRock1975]

not many realize that RIM got there 10 before years before anyone thought about it including Microsoft or Apple. Their policy offerings are broken down to such granular level, any man worth his salt will understand what I am talking about and it is still 10 years ahead of everyone. I am surprised people including even big guys at CB team doesn't realize the potential of the NOC, and I remember in one of the pod casts they were questioning do we need it any more or is it relevant anymore? . I will put it this way whatever value RIM holds is because of their NOC. They can make wonders with it, for example think of a service offering where they provide end-to-end encrypted email via NOC on Android and IOS. It is to anybody's guess how much revenue they can generate by doing such a thing. That said looking forward for BES 10..

I agree 100%. The NOC is an incredible achievement. Over 600 carriers are connected to this NOC around the world. Email doesnt necessarily need to pass through it. Last week, RIM was awarded the contract with Bell, Telus, Rogers to have all NFC payment transactions in Canada go through RIM's payment solution. They will soon be collecting service revenue from every POS terminal! Why are analysts overlooking this potential? Thor had mention payments through NOC in Indonesia just a few days prior to this announcement. What's next, credit checks, police checks, machine metrics... over NOC?
People are underestimating the need for security. Luckily, RIM are experts in security as much as mobile.

[Roo Zilla]

Enterprise App store will be located on the BES server. No need to submit your code to RIM for approval (unlike Google play, Apple App store). Imagine having to reveal your secret processes to Google and Apple? WTF.

Apple's Enterprise Developer Program does not require you to submit apps to Apple for approval. For Android, you don't need Google's approval for anything, as long as you follow the developer guidelines. Until very recently, Google Play was pretty much a free for all.

[theRock1975]

Apple's Enterprise Developer Program does not require you to submit apps to Apple for approval. For Android, you don't need Google's approval for anything, as long as you follow the developer guidelines. Until very recently, Google Play was pretty much a free for all.

Ok thanks for the clarification. Can you please confirm that Apple doesn't get the sourcecode in their Enterprise program?

[Roo Zilla]

Ok thanks for the clarification. Can you please confirm that Apple doesn't get the sourcecode in their Enterprise program?

Enterprise apps aren't submitted to Apple at all. They're installed in-house, and not via the App Store. To sign up, all you need is a DUNS number and $300. When the Enterprise program was originally deployed, it required the company to have at least 500 employees, they did away with that requirement, now a DUNS number is all that's required.

" In-house application deployment permits an IT to develop and deploy exactly what they require, without wading through Apple’s approval processes or lead times to get into the App Store."

Deploying Internal Enterprise Application for iPhone | iPhoneCTO

EDIT: Since this article was written in 2009, there have been some technological improvements to Enterprise deployment. For example, it's quite easy to deploy OTA now via various MDM systems. This of course, also completely bypasses Apple approval. It's also possible to deploy via iTunes, iPhone config utility, or via App Store if one desires.

[ayekon]

Still waiting for an article explaining why BB's are years ahead of competitors on security...
Law enforcement can hack an iPhone in 30 seconds... And so can you
We all know Android is a cess pool...
Besides the idiotic editorials on someone saying they beat BlackBerry by taking the unencrypted sd card out and using it to their whim, I do not see any other option out there that grants the peace of mind attached with RiM and their products...
Torpedos be damned..

[Roo Zilla]

Still waiting for an article explaining why BB's are years ahead of competitors on security...
Law enforcement can hack an iPhone in 30 seconds... And so can you
.

It seems security specialists at MIT would disagree:

"In fact, in its efforts to make its devices more secure, Apple has crossed a significant threshold. Technologies the company has adopted protect Apple customers' content so well that in many situations it's impossible for law enforcement to perform forensic examinations of devices seized from criminals. "

The iPhone Has Passed a Key Security Threshold | MIT Technology Review

BTW, those iPhone cracking machines that some LE have can only crack devices using A4 chips. they can't crack iPhone 4S or newer. There was an exploit in the A4 discovered by George Hotz (Geohot) that was never patched. That's why devices running on A4 can always be jailbroken. Those phone cracking machines use the same exploit.

[thecsman]

It seems security specialists at MIT would disagree:

"In fact, in its efforts to make its devices more secure, Apple has crossed a significant threshold. Technologies the company has adopted protect Apple customers' content so well that in many situations it's impossible for law enforcement to perform forensic examinations of devices seized from criminals. "

The iPhone Has Passed a Key Security Threshold | MIT Technology Review

BTW, those iPhone cracking machines that some LE have can only crack devices using A4 chips. they can't crack iPhone 4S or newer. There was an exploit in the A4 discovered by George Hotz (Geohot) that was never patched. That's why devices running on A4 can always be jailbroken. Those phone cracking machines use the same exploit.

You can still jailbreak any iOS device. Not a full hack, but a no-no in a secure corporate environment.

Neither Apple nor Google have a NOC. MDMs are still pretty meh, don't you agree?

I'm really looking forward to seeing how the BB perimeter will work on BB10 devices.

[bbmme]

Damn right eh! Go RIM!!

[Plazmic Flame]

Man, BB10 should be good! Security pouring out the wazoo!

[southlander]

Good news. It will be interesting to see the NOC with BB10. With RIM using activesync on the consumer side I suppose the truncated email issue will be gone. Yet the NOC is still part of the device services in terms of configuration, etc seems to be what I heard. (?). So there should be some interesting cloud services tie ins from RIM. Good integration and push everything.

Sent from my BlackBerry 9930 using Tapatalk

[TRlPPlN]

comparing and testing some MDM solutions on my infrastructure and i can honestly say, RIM has a big advantage on certain things that others will not be able to provide at all down the road. So what i can see happening is, all the other smaller agencies will drop BB's but the government will implement BES 10. Regardless of losing handsets out in the field, RIM will not be losing MDM services for the government.