How IT kills their best mobile platform. And what to do about it.
by Volker Weber
Photo: blindscape
I am often involved in decisions about future mobile platforms and I have spotted a pattern:
- Company has Exchange or Domino.
- Top users have a BlackBerry.
- BlackBerrys are managed with tight security.
- Users compare an unmanaged iPhone with a managed BlackBerry.
- Top users demand an iPhone.
- Users hate IT for "ruining" the iPhone.
The elephant in the room is item #3. The BlackBerry policies in place are outdated. They were certified years ago, when there was no such thing as BlackBerry Balance. Users can't install apps, can't use the USB port, can't use the memory card, etc.
What is Balance? It lets you deliberately manage only a fraction of the device. The stuff that matters. You define which applications are in a Work Perimeter. Those are locked down. All the other apps can't get into the Work Perimeter. Facebook can't steal your addresses. Users can't copy company internals to their private mail, etc.
With Balance, you have two devices in one. A managed, highly secure BlackBerry, and an unmanaged device that you customize and accessorize as you please. Without compromising the security of your business. No other platform can do this out of the box today. If you want to build something similar on iPhone, the device top users are craving for, you have to use a container like Good provides. That is a very expensive proposition and users generally hate it because "IT does not get it".
So what should IT do? What should RIM do? Go into the big accounts and offer to re-certify their security policies. It makes users happier and it preserves the one solution that can bridge both requirements today: a secure work environment and an enjoyable user experience.
Comments
You could say the same of Lotus.
Go into your existing customers and show them what they can do with your products ( all of them not just the shiny new ones )
I am not sure, but from the outside it looks like RIM/Blackberry is beyhond repair and will go the way of Nokia. My impression (as I said, from the outside) is that the mistakes (like the one you point out) were made at a much earlier stage.
Well, an outside view is often clouded by what you read on the Internet. It's always nice to know what's really going on.
You describe the very reason that I have returned my BB and moved to iPhone, despite the BB being very superior to the iPhone in terms of email and calendar management.
I don't get how some of those security policies are being developed. It probably is a case of "oh, we can lock this done/limit this/require that, so let's do it". Some of my favorite examples are that I have to change the password every month or so, and having to enter the password every time the device is switched on - even if it was off only for a second.
From a vendor perspective, I think the key issue is that their contacts are in IT, not in the business. And if IT isn't even willing to listen, how are they ever going to get the benefits of their proposition in front of the actual user?
Thank you for explaining the problem.
Changing your password once a month is a smart thing to do. And a four digit PIN code is not enough to secure an iPhone. So, if you would have to enter a six character password every time you switch on your iPhone or your BlackBerry, which one would you prefer?
At the same time people lose secret documents and thumb drives in cabs every day. I see people on flights handling secret information in documents and PPT-presentations for anyone to see. At least if you sit near by.
People need to put this into perspective.
@1 Sean
I hope this is what IBM Business Partners already do all day (because it is their job).
The Blackberry Playbook probably is the best tablet device you can get nowadays for less than 300 Euro (even cheaper in the US) and still it's not selling. The problem with companies like RIM (and Nokia) is that there comes a point when technology and features become less important. Hardly anyone wants to have a gadget from a company that is not winning (especially in management positions).
For RIM there is a chance that in the long run (upper) management does not want to use the same gadgets than, for example, their trainees (and really everyone has an iPhone nowadays). With Fusion, RIM already is developing a solution for managing mobile devices (not just from RIM). The combination could become quite powerful.
RIM is a company that has been growing fast for many years. Those companies are very vulnerable if the growth suddenly stops as they often cannot adapt fast enough.
Changing your password every month indeed can be a smart thing. But many people aren't smart. They will write it down. And because there are many passwords and many policies they will write them all down in an insecure place and/or carry them around.
Step 6 often is omitted and users become happy (big companies might work different but at least there is a lot of talk about "Bring your own device").
@Mus L
From the company view there are some reasons for models like BYOD or giving smartphones to their employees, for example
- the employees most often will use these kind of phones in their free time too, some of them will also read their mails and respond to them
- it adds some attractiveness (is this a real word ? I am no native speaker) for potential employees
Sorry, the comment I referred to seems no longer available.
Nope. The comment writer did not understand the concept "full name".
I HAVE to enter a 6 digit key every time.
How does changing it once a month increase security? I can see why that makes sense for websites or systems where a remote logon is possible, but for a personal device? With that, 2 things would have to happen: 1) get to know/guess the passcode and 2) get access to the device.
How likely is that?
(and if I lose the device I can have it wiped in a matter of hours)
What do you think is easier: entering a six character passcode on the iPhone or the BlackBerry? Which one is easier to spy?
Regular changes to the password keeps you from using "default" passwords that people close to you know, like your kids for instance. Or your friends.
Device wipe is a CYA feature. There are only two scenarios:
Somebody finds or steals your device and does not intend to return it. Since it has a passcode the person will wipe it for you.
Somebody steals your device because he wants data that is on your device. That person will make sure it never sees a network again, so the kill pill is never delivered.
The passcode is your only working line of defense. And it has to hold up.
How do you educate people? Pick up their unprotected device and post something embarrassing on Facebook. Or switch the device language to Chinese.
@Henning
from my experience I suspect that there are many small / medium customers out there who do not have a Business Partner aligned with them - and the Business Partners do not know who they are.
Sean
Sean, you are not trying to highjack my topic, are you?
Once vowe switched you to Chinese you want to look out for:
设置 and 语 and then 英语 or 德语
:-) stw
P.S.: If the characters don't show install the Chinese language pack of your OS
BlackBerry Balance is a great approach, if you are already running a BlackBerry Solution.
What should IT do?
First check and consider these points:
1. Is your BES5 already SP3 and later?
2. Are your device on a current firmware? Bold 9000 and older are out of luck, because you need at least OS 6.0, Bundle 1478. (Are you frequently updating device software?)
3. Do not look after the term "Balance" in your BlackBerry Administration. "BlackBerry Balance" is just RIM's marketing term. All technical docs referring for example to "securing devices for personal use and work use". In BAS you will find the corresponding IT policies in the section "Personal Devices" where you may "enable separation of work content".
4. And of course: If your company is paying an expensive BlackBerry data plan with a traffic limitation, private internet use will count against this plan, too. Have a look at an unlimited plan...
