BlackBerry 7.0 has come out on top in a comparison of mobile platforms and how they meet the demands of use in the enterprise, following research from Trend Micro, Altimeter Group, Enterprise Mobile Foundation and Bloor Research.
The platforms were each scored on a combination of factors, including built-in security, application security, authentication, device wipe, device firewall and virtualisation.
BlackBerry 7.0 attained an average score of 2.89, followed by Apple iOS5, Windows Phone 7.5 and Google’s Android 2.3, with scores of 1.7, 1.61 and 1.37 respectively.
“Security people I work with are scared witless by consumerisation and the rapid adoption of these devices. Aside from the technical challenges, organisations need to understand the importance of a decent mobile device security policy and supporting user education,” said Nigel Stanley, an author on the report.
With BlackBerry, the researchers commented that corporate-grade security and manageability make this platform the option of choice for the most stringent mobile roles. However, many features and protections that are commonly enabled or enforceable via the BlackBerry Enterprise Server (BES) are not present on devices that are user-provisioned via BlackBerry Internet Services (BIS).
Apple’s iOS application architecture natively provides users much protection because all applications are “sand-boxed” in a common memory environment, the research said. Security in iOS also extends to the physical attributes of the iPhone and iPad and there are no options for adding removable storage, which in effect provides another layer of protection for users.
Apple also compared favourably to BlackBerry insofar as the BlackBerry IT administrator has complete control over the device, whereas in iOS, the IT department can only configure items once the user has supplied their permission
The researchers said that Microsoft has learnt the lessons of the past and created a reasonably robust and secure smartphone operating system in Windows Phone. They added that the OS uses privileges and isolation techniques to create sandbox processes, and these “chambers” are based on a policy system that, in turn, defines which system features the processes operating in a chamber can access.
Although Android is now available in more recent versions (4.x), version 2.x is still the most widely deployed on existing and new handsets, according to the research. This is a security risk in itself, it said, as there is no central means of providing Operating System updates – meaning many users remain unprotected from critical vulnerabilities for a prolonged period.
On the plus side, it is a privilege-separated operating system and applications can’t access the network without prior consent, the researchers said. Unfortunately the end user often fails to closely inspect the permissions request dialogue in their haste to use the app, and it is often unclear, when permissions are given, what the application is actually capable of, they added.
“Against the growing, unstoppable backdrop of consumerisation and BYOD, every mobile device is a risk to business,” said Raimund Genes, CTO at Trend Micro and a researcher on the report.
“What is interesting in these results is that, whilst some mobile platforms have evolved very noticeably along enterprise lines, there is still a strong ‘consumer marketing’ legacy in some quarters and this is negating some of the progress made on the enterprise front. Indeed, some of the attributes we have examined in the report are still firmly ‘enterprise-unready’,” he added.
