Blackberry scales security technology for IoT devices
January 10, 2019
Blackberry is scaling its secure technology and licensing strategy to empower the electronics industry to bring to market safe and secure IoT devices.
According to a recent survey commissioned by the Canadian company, approximately 80% of consumers in the USA, UK and Canada do not trust their current internet-connected devices to secure their data and privacy. Additionally, when asked about future purchases, respondents said they were more likely to choose a product or do business with a company that had a strong reputation for data security and privacy.
The company's Blackberry Secure feature packs address this concern and buying preference by giving IoT device manufacturers the trusted software and proven framework to build securely smart products – from health trackers to Alexa-enabled speakers – without having to develop the technology and deep cyber-security expertise internally.
To ensure the products have been developed to the company's standards, Blackberry's team of cyber-security experts review the device. Following this process, the product will be deemed Blackberry Secure, a symbol of data security and trust.
"This will be the year consumers will begin to vote with their wallets and seek out products that promise a higher level of security and data privacy," said Alex Thurber, SVP at Blackberry. "IoT device manufacturers can address security and privacy concerns head on and stand out in the cluttered IoT space by bringing to market ultra-secure products that consumers, retailers and enterprises want to buy and use. This new service is a pivotal point in the company's software licensing strategy and underscores Blackberry's evolution from providing the most secure smartphones to delivering the trusted security for all smart things."
OEMs will have the choice of the following feature packs that build on each other and provide various levels of management and control:
- Secure enablement: The enablement pack offers secure manufacturing and product lifecycle management features. Specifically, a manufacturing station provides a hardware root of trust and is connected to the company's network operations centre that is monitored round the clock for uptime and reliability. During manufacturing, a Blackberry Secure identity service key is injected into the hardware and recorded on a secure server. Both at launch and periodically throughout the product's lifecycle, checks are performed to verify that the two keys match. If they do not, the device no longer boots.
- Secure foundations: In addition to hardening the operating system kernel, the foundations pack locks down software being executed with secure boot and Arm Trustzone technology to generate, use and store encryption keys securely for various software operations. It also includes the Blackberry Bid integrity detection service with various components (kernel, Pathtrust, SELinux and so on) across the software stack, and generates real-time health reports that can be accessed by users and trusted third-party applications.
- Secure enterprise: The enterprise pack is for devices that will be used in regulated or restricted environments as it enables deeper management and control beyond what is standard in Android Enterprise. Through extended device management policies deployed on the device, enterprises can protect their data by controlling what can be accessed via device debug interfaces, communications protocols (Bluetooth, NFC) and radios (cellular, wifi, GPS). It can also set policies that add baseline security for certifications such as Fips.