PlayBook security: How RIM aims to keep work and play separate

One of Research in Motion's biggest challenges in a world of the iPhone and Android has been how to keep its products fun and fresh while maintaining the high level of security its corporate users have come to rely on.

RELATED: RIM not sitting still with PlayBook

RIM has employed many methods to meet this challenge with its PlayBook tablet, none more obvious than the BlackBerry Balance technology that it introduced at BlackBerry World this week. Essentially, BlackBerry Balance allows users and IT departments to erect a firewall between personal and corporate data on devices so that end users have more personal freedom to run their own apps while ensuring that corporate data doesn't get compromised.

Among other things, BlackBerry Balance forbids users from copying and pasting information from an enterprise application into a personal application and restricts corporate data access for social networking applications. Additionally, if an employee is leaving their current company with a device that they personally own that contains corporate data, IT departments can perform remote wipes of enterprise data on the device without affecting users' personal data.

Tech debate: iPad vs. PlayBook

RIM is also keeping PlayBook secure through its BlackBerry Bridge system that allows the PlayBook to get access to corporate data by connecting it to BlackBerry smartphones over Bluetooth. RIM touts this as a simple way for IT departments to manage PlayBook because Bridge has a lot of features that automatically protect data wiith minimal intervention from IT.

This is largely because RIM has designed Bridge to provide PlayBook with a "window" into a BlackBerry smartphone's data without actually syncing that data onto the tablet itself. This means that when the PlayBook loses its Bluetooth connection with a BlackBerry device, it also loses access to corporate data. Furthermore, a remote wipe of a BlackBerry device will automatically lock down its cache of PlayBook data to ensure that it cannot be decrypted. Additionally, implementing a password reset on any BlackBerry device will automatically require a new password for Bridge, meaning that a PlayBook will not be able to view data from a reset device until both the smartphone and the tablet have a new password to connect to one another.

Bridge is also convenient for IT departments because it creates a list of applications on PlayBook that can function solely using Bridge, including BlackBerry Messenger, email, contacts, calendar and a special "Bridge Browser" that lets users surf the web securely through the data connection on their smartphone. To sum up, if an IT department wants to manage PlayBooks the easy way, they can simply mandate that employees can only access key corporate applications if they use Bridge to connect to their current IT-supported smartphone.

Of course, this won't be enough for some users who will want email and calendar information on their PlayBook even if they don't have their smartphone handy. For these users, who will be able to access corporate email once RIM pushes out a software upgrade to its tablet operating system later this year, RIM has developed the PlayBook Administration Service, a Web-based administration console that has the same core features as the BlackBerry Administration Service currently used to manage smartphones.

The Administration Service lets IT departments enforce software configurations, IT policies and connectivity profiles while also managing the kinds of applications users can have on their PlayBooks. RIM is also providing IT departments with a catalog of business-approved applications that can be safely downloaded onto PlayBooks and given access to corporate data.

When you combine these three security features - Balance, Bridge and the Administration Service - it becomes clear that RIM's PlayBook gives enterprise users the most security features and options of any other tablet on the market. The tablet's ultimate success, though, could come down to whether corporate users feel they need these strong precautions or whether they can mostly get by with the more limited security features available on the iPad.

Read more about anti-malware in Network World's Anti-malware section.

Join the CSO newsletter!

Error: Please check your email address.

Tags BlackberryPlayBookconsumer electronicsNetworkingsecuritywirelesssmartphonesPhones

More about AppleBlackBerryMessengerMotionResearch In Motion

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Brad Reed

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts