General Locomotives, like many other companies today, puts emphasis on deploying the latest technology. This mainly entails the use of enterprise mobility. For instance, General Locomotives staff can receive and reply to emails on their handheld devices, through either a browser or an application.
However, it is well known that many hackers, for motives of their own, seek to break into business or organizational information technology systems. Mobile security exists to counter the actions of these hackers (Bergman, et al., 2013).
In this paper, we will discuss mobile computing and security, basing our discussion on the BlackBerry MDM/MAM application. The security of mobile devices has become a major concern in recent years due to the increased number of mobile devices used in organizations. The problem is compounded within business enterprises, as the continued trend towards IT consumerization has led to more and more employee-owned devices connecting to the organization's network. The major threats to mobile security are application insecurity, device theft, malware attacks, device leakage and device loss.
Brief description of MDM/MAM
MDM stands for Mobile Device Management. It takes the form of software that business enterprises can deploy to control, enforce policies on, lock down and encrypt the mobile devices described above.
MDM software gives the IT department full control over mobile devices. The IT department can essentially do anything with the device (Turban, et al., 2017). This must be awesome. However, how many of you would want your personal devices to be controlled by somebody somewhere?
Mobile Application Management (MAM) came about to answer the above question. MAM is similar to MDM, except that it gives the IT department full control of a particular mobile application rather than full control of every application on the mobile device. The general idea of Mobile Application Management is that the IT department can lock down, secure and control the organization's applications, whereas everything else is left to the mobile device user. Additionally, Mobile Information Management (MIM) is another mobile computing technology that is being embraced. MIM can be described as a cloud-based service that synchronizes documents and files across different mobile devices. Such cloud services for personal use include, but are not limited to, Google Drive, Box, Microsoft SkyDrive and Dropbox. WatchDox, Citrix ShareFile, RES HyperDrive and VMware Octopus are examples of corporate MIM applications (Pierer, 2016).
Bagchus defines BlackBerry as an enterprise solution that allows the IT department to mobilize the workplace. Employees can make timely decisions on the basis of the best information available, which increases productivity and boosts business performance. The BlackBerry Enterprise Solution lets mobile users access information and communication wirelessly. This includes email, texting, the organizer and corporate data (Bagchus, 2013). It has provided businesses with benefits that include, but are not limited to, lowest total cost and flexibility of operations. For flexibility, BlackBerry provides leading email platforms, applications from a range of vendors and back-end systems. It also allows the IT department to manage numerous messaging servers, wireless network technologies, devices and enterprise systems through a single BlackBerry Enterprise Server. It allows businesses to keep their workers connected to their information while benefiting from a low overall total cost of operation. This kind of solution provides good security for both stored data and wireless data.
For wireless data security, end-to-end encryption and RSA SecurID two-factor authentication are deployed. For end-to-end encryption, the BlackBerry Enterprise Solution offers two transport encryption options, Triple Data Encryption Standard (Triple DES) and Advanced Encryption Standard (AES), for all data transmitted between BlackBerry smartphones and BlackBerry Enterprise Servers. Each secret key is kept only in the user's secure enterprise account (such as Microsoft Exchange) and on the BlackBerry handheld smartphone. It can be restored wirelessly by the user (Schaefer & Rossberg, 2016).
Data sent to the BlackBerry handheld smartphone is always encrypted by the BlackBerry Enterprise Server using the private key obtained from the user's mailbox. The encrypted data travels securely across the network to the handheld device, where it is decrypted with the key stored there. Information remains encrypted in transit and is never decrypted outside the company firewall. RSA SecurID two-factor authentication offers organizations additional authorization when users access application data or company intranets on BlackBerry phones.
BlackBerry Mobile Information System services use the RSA Agent/ACE authorization API 5.0 to interface with RSA servers. Users are prompted for their username and OTP passcode when they visit an application or site that requires authorization (Hu & Wen-Chen, 2010).
BlackBerry Mobile Information System services act as a secure gateway between the wireless network and corporate intranets and the Internet. They leverage BlackBerry Triple DES or AES transport encryption and also support HTTPS connections to application servers. BlackBerry smartphones support HTTPS communication in one of two modes, depending on the organization's security requirements.
Proxy Mode: The TLS/SSL connection is established between the application server and the BlackBerry Enterprise Server on behalf of BlackBerry smartphones. The data from the application server is then Triple DES or AES encrypted and sent over the wireless network to BlackBerry phones.
End-to-End Mode: Data is encrypted over TLS/SSL for the entire connection between the application server and BlackBerry smartphones. This makes end-to-end mode connections more suitable for applications where only the end-points are trusted.
Applications for BlackBerry smartphones that are created using the BlackBerry JDE and have specific functionality, such as the ability to run on startup or to access potentially sensitive BlackBerry smartphone application data, require developers to register their application with Research in Motion. This approach adds protection by providing a greater degree of control and predictability over the loading and behavior of applications on BlackBerry smartphones. In addition, the BlackBerry registering authority facility can help protect access to the functionality and data of third-party applications by enabling administrators or developers to manage access to specific sensitive APIs and data stores through the use of server-side software and private and public signatures. To help protect BlackBerry MDS Studio applications from tampering, organizational developers can register the application bundle with a digital certificate (Santos & Block, 2012).
They can use either a generated certificate or one from a trusted certificate authority. BlackBerry MDS Studio creates and signs applications with certificates that comply with the public key infrastructure standard. For stored data security, the BlackBerry Enterprise Solution covers wireless device and corporate security and gives administrators and developers tools to manage that security.
To protect data stored on BlackBerry handheld smartphones, password authentication can be made mandatory through the customizable IT policies of the BlackBerry Enterprise Server. Password authentication is limited to fewer than ten attempts by default, after which the smartphone's memory is wiped.
Local encryption of all data can also be enforced through IT policy. For the password keeper, AES encryption allows password entries to be stored securely on the handheld device. Furthermore, system administrators can create and send wireless commands to remotely change BlackBerry smartphone passwords and to lock or delete data on lost or stolen BlackBerry smartphones. BlackBerry Enterprise Server Security (BESS) is another form of security, as the server does not store information or email. It increases protection against unauthorized parties by ensuring there is no staging area between the BlackBerry smartphone and the server where data is decrypted (Satish Bommisetty, 2014).
Security is further enhanced by allowing only outbound-initiated, authenticated connections through port 3101 of the firewall. No inbound traffic is allowed from sources other than the email server or BlackBerry smartphone. This means that unauthorized commands cannot be executed on the system. Between the wireless network and the server, only communications with a valid encryption key can be decrypted.
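
The port 3101 rule described above can be checked against perimeter-firewall connection records. This is an added example, not code from the original paper or from BlackBerry; the log format, the addresses and the `audit` function are constructed for illustration.

```python
"""Audit perimeter-firewall records against the port 3101 rule for the BES.

Constructed log format, one connection attempt per line:
    <OUT|IN> <src_ip>:<src_port> -> <dst_ip>:<dst_port> <ACCEPT|DROP>
OUT/IN says which side of the firewall initiated the connection.
"""
import ipaddress
import re

BES_HOST = ipaddress.ip_address("10.0.5.20")  # constructed BES address
BES_PORT = 3101                               # port named in the text

LINE_RE = re.compile(
    r"^(?P<dir>OUT|IN)\s+(?P<src>[\d.]+):(?P<sport>\d+)\s+->\s+"
    r"(?P<dst>[\d.]+):(?P<dport>\d+)\s+(?P<verdict>ACCEPT|DROP)$"
)

def audit(lines):
    """Return a list of (line_number, reason) for records that break the rule."""
    findings = []
    for number, raw in enumerate(lines, start=1):
        match = LINE_RE.match(raw.strip())
        try:
            src = ipaddress.ip_address(match["src"])
            dst = ipaddress.ip_address(match["dst"])
        except (TypeError, ValueError):  # no regex match, or an invalid address
            findings.append((number, "unparseable record"))
            continue
        if match["verdict"] != "ACCEPT":
            continue  # dropped traffic is the firewall doing its job
        dport = int(match["dport"])
        if match["dir"] == "IN" and dst == BES_HOST:
            findings.append((number, "inbound-initiated connection accepted to BES"))
        elif match["dir"] == "OUT" and src == BES_HOST and dport != BES_PORT:
            findings.append((number, f"BES outbound on port {dport}, expected {BES_PORT}"))
    return findings

# Constructed sample records; external hosts use documentation address ranges.
SAMPLE_LOG = [
    "OUT 10.0.5.20:49152 -> 203.0.113.10:3101 ACCEPT",  # expected traffic
    "IN 198.51.100.7:40000 -> 10.0.5.20:3101 DROP",     # blocked as intended
    "IN 198.51.100.7:40001 -> 10.0.5.20:3101 ACCEPT",   # rule violation
    "OUT 10.0.5.20:49153 -> 203.0.113.10:443 ACCEPT",   # wrong outbound port
    "truncated log line",                               # malformed record
]

if __name__ == "__main__":
    for number, reason in audit(SAMPLE_LOG):
        print(f"line {number}: {reason}")
```
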
Comparison between BlackBerry and MobileIron MDMs
Architecture: MobileIron's architecture is hybrid. It has two types of communication server, which is what makes it hybrid: a Cloud Communication Server (a communication server hosted in the cloud, with no need to install the server) and a local communication server (deployed locally on the premises). BlackBerry's architecture, on the other hand, is cloud-based. The BlackBerry UEM Cloud service has a BlackBerry Connectivity Node that is installed on the corporate firewall, controlling incoming and outgoing traffic.
Installation Platforms: BlackBerry is supported on Windows Server 2008 and above. MobileIron supports VMware ESX or Microsoft Hyper-V. However, MobileIron Core can also be set up as a standalone hardware appliance.
Supported Devices: BlackBerry supports BlackBerry PlayBook, BlackBerry smartphones, Android and iOS. MobileIron, on the other hand, supports three major mobile platforms: Google's Android, Microsoft Windows Phone and Apple's iOS.
Technical approach: Technically, MobileIron is a subscription-based SaaS service. It has a mobile connector deployed in the on-premises data center, which ensures that the Connected Cloud syncs with enterprise resources such as Active Directory and LDAP. The BlackBerry Enterprise Solution has a UEM that is a cloud-based service for managing corporate devices. This is achieved through the Connectivity Node, a component installed on the corporate firewall (Mukherjea, 2016).
Solution Designation Requirements
- BlackBerry UEM Cloud: The BlackBerry UEM Cloud service allows system administrators to manage the mobile devices used in the corporate environment.
- BlackBerry Dynamics NOC and Infrastructure: The BlackBerry Dynamics NOC (operations center) provides secure communications between BlackBerry Control, Proxy and Enterprise Mobility Server and the BlackBerry Dynamics apps on mobile devices.
- BlackBerry Infrastructure: The BlackBerry Infrastructure is installed to register user information for mobile device activation and to validate licensing information.
- Third-party content servers and applications: BlackBerry UEM requires connections to the application and content servers in the corporate environment. These servers include mail, company directory, etc.
- BEMS and BlackBerry plug-ins: BlackBerry works with added plug-ins such as BlackBerry 2FA, Workspaces, Enterprise Identity and BlackBerry WorkLife, allowing extended management activities.
Au, M. H. & Choo, R., 2016. Mobile Security and Privacy: Advances, Challenges and Future Research Directions. New York City: Elsevier Science & Technology Books.
Bagchus, W., 2013. GroupWise 2012 Administrator's Guide. New York City: Lulu.
Bergman, N., Stanfield, M. & Rouse, ., 2013. Hacking Exposed Mobile: Security Secrets & Solutions. Pennsylvania Plaza New York City: McGraw Hill Professional.
Hu & Wen-Chen, 2010. Handheld Computing for Mobile Commerce: Applications, Concepts. Hershey: IGI Global.
Mukherjea, S., 2016. Mobile Application Development, Usability, and Security. Hershey: IGI Global.
Pierer, M., 2016. Mobile Device Management: Mobility Evaluation in Small and Medium-Sized. New York City: Springer.
Santos, R. A. & Block, A. E., 2012. Embedded Systems and Wireless Technology: Theory and Practical Applications. Boca Raton, Florida: CRC Press.
Satish Bommisetty, . T. . M., 2014. Practical Mobile Forensics. Birmingham: Packt Publishing Ltd.
Schaefer, G. & Rossberg, ., 2016. Security in Fixed and Wireless Networks. 2nd ed. Hoboken, New Jersey: John Wiley & Sons.
Turban, B. E. et al., 2017. Electronic Commerce 2018: A Managerial and Social Networks Perspective. 9th ed. Salmon Tower Building New York City: Springer.