Canadian handset maker BlackBerry wants business users to know it's made the Android platform secure. Very secure. The company is going full court press to allay the fears of users who have grown wary of the mobile operating system, which has become the focus of multiple security vulnerabilities in the past several months.
The reason for BlackBerry’s new-found obsession with Android security is the Priv, the company’s latest handset and the first to run the Android system instead of BlackBerry’s proprietary OS. The move to launch an Android-powered device was seen as a belated acknowledgement that even business execs and politicians want access to a wider variety of apps than the company could make available.
A Secure Android Phone?
By offering BlackBerry customers an Android option, the company has a chance to win back once-loyal clients who had long ago defected to the more versatile mobile operating system. But rolling out an Android device also comes with major risks for BlackBerry.
In particular, to the extent that the company still has a toehold in the smartphone market it’s only thanks to its reputation for data security. Adopting a system known for its vulnerabilities could threaten to eliminate BlackBerry’s one remaining competitive advantage.
Which brings us to yesterday’s blog post, in which BlackBerry's director of security Alex Manea makes the case that the Android-powered Priv is just as secure as any of the company’s other handsets. “Building on decades of experience securing mobile devices and years of experience integrating Android technologies, the brand new Priv by BlackBerry is the perfect smartphone for businesses and consumers looking for productivity, privacy and security,” Manea said.
The Priv will be significantly more secure than any other Android phone on the market, thanks to the inclusion of BlackBerry’s proprietary security technology, according to David Kleidermacher, BlackBerry’s chief security officer.
Root of Trust
Among the security measures BlackBerry has applied to the Priv is a hardware manufacturing process it calls “Root of Trust,” in which the company injects keys into all of its hardware components during manufacturing. Every device is verified whenever it connects to the BlackBerry network.
Another security measure is the company’s Verified Boot and Secure Bootchain, which uses the embedded keys to verify every layer of the device from hardware to OS to applications to ensure they haven’t been tampered with, according to Manea.
The company has also included a hardened Linux kernel that it has reconfigured to provide additional security. The Priv also comes with full disk encryption enabled by default, along with the company’s BES12 enterprise mobility management platform. The Priv will also integrate with Android for Work, allowing users to maintain separate spaces for work and personal data and enabling enterprises to secure corporate data apart from users' information.
IT administrators can also use Google Play for Work to manage and deploy enterprise applications so they can whitelist apps to create custom catalogues, self-host the APK files and ensure that users cannot download apps to their work spaces from anywhere else.