Speaking recently in Kuala Lumpur, Malaysia, mobile products and services firm BlackBerry's senior executives - Dereck Daymond, vice president of sales APAC; Nader Henein, regional director of BlackBerry product security; and Ben Quirin, BlackBerry IndoChina managing director - tackled the different security needs of the enterprise and public sectors as well as privacy issues faced by all Malaysian businesses within the country's Personal Data Protection Act (PDPA) regulations.
A Q&A layout of the responses from the three senior executives is presented below.
Photo - (From left) Dereck Daymond, Vice President of Sales APAC at BlackBerry; Nader Henein, Regional Director of BlackBerry Product Security; and Ben Quirin, BlackBerry IndoChina Managing Director.
Dereck Daymond, Vice President of Sales, BlackBerry APAC :
What does security generally mean for enterprises today?
Our teams work closely with customers to better understand their needs and concerns. In the past, most people were not aware of the need for security on their phones. However, today both security and privacy are hot topics for anyone who uses a mobile device.
We have seen company executives resign because of data breaches and generally people are becoming more concerned about the importance of securing data, especially as mobile devices now have far more computing power and the capability of handling more and different types of data.
The importance of security in the workplace has never been higher and cyber security threats are placing more pressure on enterprises: it is critical for companies to protect and prevent data leakage. Both governments and enterprises must secure their data especially in the light of recent high-profile corporate data leaks, which have caused tremendous damage and drawn attention to the need for secure Enterprise Mobility Management (EMM).
When it comes to true end-to-end security trusted by the world's most powerful leaders, the choices are few and far between. BlackBerry is synonymous with mobile security, and we will continue to do everything we can to protect our valued customers and their data. We are deploying BlackBerry products in highly-regulated industries, from finance to medical, and that's where security is most needed.
How is BlackBerry faring in the security space?
BlackBerry provides the industry's most comprehensive mobile security platform, and we're committed to advancing mobile security in order to continue delivering the unique level of protection BlackBerry customers rely upon.
No other company can claim BlackBerry's security milestones including:
o BlackBerry 10 is the first mobile solution to earn "Full Operational Capability" level of certification for operation on U.S. Department of Defence Networks.
o BES10 and BlackBerry 10 smartphones were the first to be approved by NATO for classified communications up to "Restricted" level
o Working with Secusmart, BlackBerry is the only vendor able to provide mobile devices that include anti-eavesdrop technology that meets the requirements of government organizations around the globe, including the German government
Also, the BlackBerry security model is the only model in the industry that encompasses hardware, manufacturing (supply chain), software, service authentication, VPN and behind the firewall management into a single end-to-end solution
o BlackBerry products and solutions are protected by best-in-class AES 256-bit encryption, a highly secure, internationally recognised data protection standard
How is BlackBerry reinventing itself for enterprise, business, and government?
There is no doubt that cyber threats, which include data theft and security breaches, are common threat for both small and large organisations. Companies spend about US$1.5 to US$5 million to recover from data breaches.
Security remains at the core of what allows us to provide the mobile-first capabilities that help enterprises be more productive in the workplace. BlackBerry has an aggressive plan to continue to lead in the enterprise mobility market while also developing a broader set of tools and value-add services.
Our goal, of course, is to remain the number one provider of EMM solutions, with BES10 today and BES12 later this year, and we're focused on providing our customers with increased choice and flexibility in how they will meet their employees' mobility needs.
We've taken the time to listen closely to our enterprise and government customers. And, in short order we have:
o Developed a new BES12 platform that takes customers beyond EMM to application-enabled mobile environments.
o Opened our mobility ecosystem by enabling AirWatch, Citrix, IBM and SAP to be the first MDM companies to manage BlackBerry 10 devices.
o Made it significantly easier to migrate or upgrade to BES12 thanks to the EZ Pass Migration Program.
What is the BlackBerry message to organisations in Malaysia and Asia?
The fact is that BlackBerry has the largest installed base and highest calibre customer base, an unparalleled global infrastructure, and the deepest understanding of how to provide secure, productive mobile collaboration and communications in the enterprise space.
The new BlackBerry has an aggressive plan to continue to lead this market. While we execute against this plan, it's critical that we also help our customers understand these and other facts amidst a sea of outdated assumptions and misperceptions. The reality is that in a few short months, the new leadership team has made decisive and swift changes to re-energize our enterprise strategy and put our company on the path to success.
Also, our recent partnerships and announcements, including Amazon and EnStream, set the stage for the launch of BES12 later this year. BES12 will be much more than a software upgrade to BES10. It will provide the foundation for managing a wider range of intelligent end-points, and ultimately more "things" in the Internet of Things, including more mobile devices, laptops, desktops and other intelligent endpoints.
Nader Henein, Regional Director, BlackBerry Product Security :
How is BlackBerry enhancing mobile security for the government and public sector?
We recently announced our acquisition of Secusmart, a German mobile security company, which is aimed at securing voice and data and putting better mobile security. We work with them to develop an even more secure solution for the government sector.
So how do we guarantee security? We believe that security has to be built into every part of our enterprise solutions and every single device. All you need to do is to select a number to dial and the device ensures it has a secure line. This allows the device to pick up the little signals, and shows the way you pick up the phone to ensure the line is secure, without the user needing to learn anything new or download another application, which is a critical part of our processes. It has to just work and that's the power of BlackBerry.
What does the expected enforcement of Malaysia's Personal Data Protection Act (PDPA) mean for local organisations?
The PDPA is the first step towards how private information is managed without impacting businesses and for BlackBerry, we ensure our products can provide compliance to our enterprise customers. However, it is just the first step and moving forward we are definitely going to see stricter policies around this in due course.
For instance, in the European Union, data protection and information privacy regulation has been implemented on stricter levels. European Union law requires the reporting of security breaches as well as strict civil and criminal liabilities - which means that if there is a malicious breach in privacy, a Chief Security Officer could be held liable in the eyes of the law.
Globally, we are seeing a rise in number of breaches disclose and ideally, a market should be ahead of well-built security and not just well-marketed security, and this should be the distinction moving forward.
Enterprise mobility needs mitigation and requires careful assessment of risk scenarios. There is a need for thorough evaluation of technical EMM approaches to reduce incidents that range from minor security breaches to the worst and most dramatic cases.
In recent years, BlackBerry has lost its stronghold within the government. For example, the Department of Defence approved Samsung KNOX for use on its networks. Does this mean that other smartphones are just as secure as BlackBerry devices?
Absolutely not. In March BlackBerry became the first, and remains the only mobility solution to receive Full Operational Capability (FOC) to run on U.S. Department of Defence (DoD) networks. The designation enables government users with a BlackBerry 10 smartphone connected with BlackBerry®
Enterprise Service 10 (BES10) to securely access email, data, apps and other DoD network resources. As the first mobile solutions provider to achieve FOC, BlackBerry continues to prove why we are the most trusted enterprise mobility platform.
BlackBerry also remains quite strong in the government and manages the mobile infrastructure of over tens of thousands of customers worldwide, including all G7 governments, 16 of the G20 governments and 10 out of 10 largest global enterprises in each of the pharmaceutical, law firm and automotive industries.
How is BlackBerry addressing consumer privacy concerns?
Mobile technologies are changing the way that people live and work. With change comes inevitable risk. It seems that the rush to own the latest app has overshadowed the safequarding of one's privacy. Securing your privacy should never be taken lightly. When consumers download an app from an app store, they should check its properties for possible risks or exposures: the majority of users don't.
The truth is that you shouldn't have to check because your smartphone should already contain the necessary tools to ensure you aren't vulnerable to cyber-attacks or phishing. Instead of asking millions of BlackBerry users to purchase or download and maintain anti-virus software on their devices, we scan each and every app in our cloud with BlackBerry's multi-layered approach for app-vetting. BlackBerry Guardian and Trend Micro's reputation engine ensure that apps that don't meet our stringent security and privacy specifications are never on offer on our storefront.
For messaging, we have BBM, BlackBerry's award winning instant messaging application which relies on an anonymous PIN number to uniquely identify each user. Unlike most solutions in the market that rely on the user's phone number or their email address, the unique PIN provides absolute anonymity. A user must share their PIN with another to connect over BBM because we value the user's privacy over viral growth.
Built into our operating system, Parental Controls provide clear options to restrict access to specific BlackBerry functions, features and applications such as the Browser and Messaging amongst others. BlackBerry Protect allows for tracking of lost or stolen devices to protect their users and the information they hold.
BlackBerry is still synonymous with security; it's baked into our solutions, deep in our DNA. We use the same countermeasures developed for heads of state to protect individual privacy. Likewise for enterprises, BlackBerry ensures the information is secure and only accessible by people authorised to see that information. For consumers, we care about their privacy, that is your private pictures, private information from any kind of unauthorized access.
Ben Quirin, Managing Director of IndoChina, BlackBerry :
How has BlackBerry business in Malaysia been affected by BlackBerry's global challenges?
Malaysia is still one of our key markets and we are excited about the opportunities that Malaysia has for us. According to IDC, Malaysia is the fastest growing smartphone market in Southeast Asia with 40 percent year-over-year growth rate and will ship more than 8 million units of smartphones by 2015.
We are working to continue raising market awareness of the BlackBerry 10 platform and its unique capabilities and enhancements. BBOS products have been very successful here, and we are continuing our efforts to ensure users learn, adapt to, and love BlackBerry 10.
It is vital to ensure that mobile communications and the devices supported by enterprise platforms are not compromised. For instance, the expected enforcement of the Personal Data Protection Act (PDPA) in Malaysia will require companies to ensure that the processing of personal data is taken care of before the collection of the data.
Could you talk about some of the security challenges you think Malaysian businesses need to consider?
Sign up for CIO Asia eNewsletters.