When experts talk about security, they always use the words “risk management” and a “layered approach.” What exactly do we mean with those words and how do they apply to mobile communications?
Risk Management is the simplest to explain. Risk surrounds us every day and via a combination of behavioral choices, tools, social norms, regulations and more we are mostly able to manage it. Take my favorite city in the world, London. So big, diverse, and walkable it attracts millions of visitors a year. And if you’re like me, those very large, very red, double-decker busses that come right up to the curb – on the “wrong” side of the road – are a clear and present danger to me and the millions of other visitors who drive on the right and look to left before we cross at home.
London helps to manage this risk by painting on the ground, before each crosswalk, the words “look right”. Risk isn’t eliminated – I might be too engaged with my screen to notice the warning signs – it is managed and reasonably minimized without fundamentally changing the nature of the risk-worthy reward (a pleasant stroll through Soho).
The second term – “layered security” – is most easily understood by thinking about how you might protect something valuable in your home. Perhaps you start with a good front door and lock. You add a home security system. You put the valuable item in a safe – both to protect against burglary and fire. This is layered security, a thief might get in the front door, but that will trip the alarm, if the alarm is defeated, they still must contend with the safe, and so on. While none alone eliminates risk, taken together and properly applied (did you lock the door? set the alarm? secure the safe?) each layer helps to manage and further minimize risk.
A similar approach is taken with smartphones. Because many of us place them at the center of our connected lives, we take on a lot of risk by trusting them with very sensitive personal and business information. We do this because we gain significant benefits, provided we can adequately manage the risk of unauthorized access.
In BlackBerry-branded devices, the Android OS includes several built-in security features which BlackBerry Secure extends and increases. BlackBerry locks down capabilities in the Android OS that could give attackers the opportunity to compromise your device, and the software provides a secure environment that makes it difficult for attackers to find vulnerabilities or perform attacks. Furthermore, downgrade prevention protects you against loading an Android OS version that doesn’t have the latest security fixes.
We inject security keys during manufacturing to make sure that you have “genuine” hardware. We utilize “secure boot” technology to make sure that no malware loads before the operating system. We make modifications throughout the Android operating system “stack” to not only harden it, but also to have “triggers” that ensure if there is an attempt to hack the software, you are alerted.
To top it off, we have the DTEK application’s active security dashboard that provides a real-time look into what is going on inside your BlackBerry Android smartphone.
Each layer of security works together to manage and minimize risk and ensure that you have the world’s most secure Android smartphone, one that proudly carries forward BlackBerry’s legendary reputation for mobile security.