BROCHURE THERE’S GOOD SECURITY AND THEN THERE’S NATIONAL SECURITY BlackBerry 10 and BES10 The perfect balance of protection and productivity Back to the Contents THE PERFECT BALANCE OF PROTECTION AND PRODUCTIVITY Contents BlackBerry 10 & BES10 3 Corporate Networks Under Attack 4 BlackBerry Security 5 Protecting Data in Motion 7 BES10 Security Philosophy 8 BES10 Certification & Encryption 9 BES10 Layers of Protection 9 Tech Talk 1 & 2 10 Protecting Work Data on Personal-Use-Enabled Devices 11 BlackBerry Balance 12 Tech Talk 3 13 Enforcing Strong Access Controls 14 BlackBerry 10 Device OS Security Features 15 BES10’s Gold level Controls and Settings 16 Manging Devices 18 BlackBerry Mobile Device Management in Action 19 End-to-end Security 21 3 BlackBerry 10 & BES10 End-to-end mobile data security without compromising business productivity or user satisfaction Keeping corporate data secure is a top priority for The entryways for potential attacks, data loss and productivity any organization. After all, a data breach can cause compromises include: significant financial losses, expose executives to legal Employees maintaining a mix of corporate and third-party actions, damage your company's reputation and weaken applications on the same device and exchanging information or eliminate competitive business advantage. between the two domains As more employees access your corporate network The installation of threat-vulnerable containerization through mobile devices to communicate, collaborate on mobile devices and share data, your infrastructure becomes increasingly Employees visiting sites where they encounter malware or vulnerable to outside attacks and harder to secure and malicious threats protect. The mixing of personal and work email accounts, apps and data, as well as the proliferation of employee- The use of employee-owned devices to access enterprise owned devices, increases the chance of major data leaks. resources and information Rivaling the importance of information security, IT managers need a solution that helps them: however, is business-user productivity and satisfaction. Deliver transparent security for an optimal user experience A mobilized workforce is only effective if the end-user experience is uncompromised and critical applications Provide integrated containerization that enables simple and productivity tools operate as efficiently from a enterprise application development and deployment mobile device as they do from a PC attached directly Reduce employee misuse of devices to the corporate network. An effective mobile security solution is one that imposes no limitations on end-user Keep personal and work information separate productivity. Ensure that network data, both in transit and at rest, are kept secure The BlackBerry end-to-end enterprise security solution secures data from would-be attacks and loss without requiring you to compromise productivity or user BlackBerry delivers a security solution that satisfaction. satisfies the needs of both enterprises and government agencies. The solution provides IT managers must now consider a highly complex the confidentiality, integrity and authenticity to corporate network infrastructure, accessible to a growing number and diversity of devices and applications, when help protect your organization from data loss devising a plan to protect corporate information and and theft while delivering a seamless, simple maintain worker productivity. and uncompromised end-user experience. Back to the Contents 4 Corporate Networks Under Attack* 71% 54% Of breaches targeted Of breaches compromised user devices... servers.... 78% 66% Of intrusions rated as low Of breaches go undetected difficulty... for six months or longer... *Verizon 2013 Data Breach Investigations Report Back to the Contents 5 An unavoidable consequence of the explosive expansion of BlackBerry Security mobile devices within businesses and organization of all sizes is a proportional elevation in vulnerability to security breaches A fully integrated end-to-end enterprise and data leakage. To protect your information from increased mobility security solution exposure to attacks or data loss through accidental or malicious means, IT administrators require a comprehensive security solution, but one that does not sacrifice business productivity or end-user satisfaction. BlackBerry end-to-end security is purpose built to deliver optimal protection for work- related content, both on devices and in transit. BlackBerry security delivers fast, integrated device, application and content management and fully encrypted behind-the-firewall access to corporate data without the need for 3rd-party VPNs or add-on security. The BlackBerry network, combined with its infrastructure authentication, device management capabilities and hardened BlackBerry® 10 operating system, is the ultimate end-to-end mobile security solution. BlackBerry security focuses on four critical areas: • Protecting data in motion • Protecting work data on personal-use-enabled devices • Enforcing strong access controls • Managing devices All G7 These four functions protect your data from GOVERNMENTS breaches, losses or alteration as it transits and 16 of the G20 governments the end-to-end path from your enterprise, rely on BlackBerry security BES10 server, the BlackBerry network and, ultimately, your employees’ BlackBerry devices. Back to the Contents 6 The ultimate standard for end-to-end mobile security 45 35PB Security certificates per month on average. Only MDM provider More than any other mobile vendor Moves more secure mobile data through its infrastructure than to obtain ATO on U.S. any other EMM vendor Defense networks AES FIPS Dedicated 256 140-2 Security Team Back to the Contents 7 Protecting Data in Motion A key element of the BlackBerry solution for in-transit data security in BES10 Because many of your employees work outside the office, BES10 Overview it’s critical that you have strong security measures in place BlackBerry has long-been the ultimate in mobile security. – both on employees’ devices and across internal network An integral component of the BlackBerry solution is BES10, infrastructure – to protect data in transit. A key element of the which secures in-transit data using transport layer security BlackBerry solution for in-transit data security is the BlackBerry over the BlackBerry infrastructure. BES10 encrypts data using Enterprise Service 10, BlackBerry's device and application AES 256-bit encryption prior to transmission, while message management platform. BES10 offers built-in data encryption keys are encrypted by the device transport key. BES10 also to help both enterprises and government agencies protect protects and manages devices and applications within the sensitive information and minimize data loss or alteration. end-to-end BlackBerry security solution. Secure Enterprise Connectivity Work Personal BlackBerry Enterprise Service 10 Enable Work Network TLS over For Personal Use (Enable/Disable) AES BlackBerry BlackBerry SSL (Optional) Mobile Data Dispatcher and Connection BlackBerry Wi Fi Wi Fi Infrastructure Service Firewall or 3G/4G BlackBerry 10 or 3G/4G Enerprise Management Web Service SSL Enable Work Network For Personal Use (Enable/Disable) VPN over Private Network Content servers Wi Fi VPN over Firewall with Firewall with SSL (Optional) or 3G/4G BlackBerry 10 Wi Fi VPN Gateway VPN Gateway or 3G/4G Web servers Wi Fi Microsoft ActiveSync VPN: IPSec or SSL SSL (Optional): Authenticated with server specific certificate TLS: BlackBerry infrastructure authenticated SSL: Authenicated with client/server certificates generated with self certification during activation AES 256: Encrypted with device transport key Wi Fi Wi-Fi: IEE 802.11.i with 802. 1x generated during activation (EAP-FAST, EAP-TLS. EAP-TTLS, PEAP and LEAP) Back to the Contents 8 Protecting Data in Motion cont. BES10 Security Philosophy Confidentiality Integrity Authenticity The security features found in BES10 are built upon a foundation of confidentiality, integrity and authenticity. Confidentiality BES10's encryption capabilities ensures that only intended recipients can view corporate data. Integrity All email sent over a secure network is strongly encrypted to keep third parties from decrypting or altering the message. Authenticity BES10 provides two-way authentication upon pairing with the device, helping reduce the possibility of counterfeit devices accessing your infrastructure. Back to the Contents 9 Protecting Data in Motion cont. BlackBerry 10/BES10 FIPS 140-2 Certification Encryption Options Businesses and government agencies alike need to feel confident BES10 uses a technique called tunneling to protect data in that their highly sensitive data – whether it’s in storage or transit over a secure network. Tunneling incorporates multiple in transit – stays secure from would-be attackers. The U.S. layers of encryption between devices, BES10 and the wireless government created and implemented the FIPS 140-2 computer resource for additional data protection. security standard and uses it to accredit file encryption modules. For example, when employees access the corporate Wi-Fi Both the BlackBerry 10 OS and BES10 software are FIPS 140-2 network, data transmissions between their device and certified, which means that your organization’s data is strongly BES10 are secured first by AES encryption and then by encrypted and the corresponding encryption keys are rigorously Wi-Fi encryption. protected. BlackBerry 10 devices, controlled by BES10, are the only mobile
Details
-
File Typepdf
-
Upload Time-
-
Content LanguagesEnglish
-
Upload UserAnonymous/Not logged-in
-
File Pages23 Page
-
File Size-