The Datalocking Company - Security for your BlackBerry

By Ryan Blundell on 3 Sep 2008 02:53 am EDT
-
loading...
-
loading...
-
loading...

Datalocking Company

"Keep your confidential emails confidential"

The world demands more and more accessibility to anything and everything. Sometimes, we forget that we, either as individuals or as a company, aren't the only ones who crave easy access. Just take a look at the past year or so, with countless "leaked information" on upcoming Berrys and other devices. Even some corporate downfalls can be credited to information from a simple email in the wrong hands. A misplaced Berry, or a prying eye could spell disaster. In this day and age, we cannot disconnect the phones, shut off our computers and mobiles and just stop talking to everybody. Dear old Uncle Ben taught us "With great power comes great responsibility." It's time to look at what we can do to ensure our privacy and security. ** special offer for CrackBerry Readers at the end! **

Prevention over Apprehension.

I had an opportunity to chat with the DataLocking Company, who provide complete, worldwide privacy and security solutions for those who rely on communication by email, like me. Not only can they secure messages on your BlackBerry, but your information will be secured in every nook and cranny that an email can be stored or viewed. The name is Blundell, Ryan Blundell. I have a license to Kill (my Berry if need be). My mission is to share with you, the DataLocking Company's vision and solution for complete privacy.

About the DataLocking Company

The DataLocking Company is a BlackBerry Alliance Member that is privately owned and based out of California. They are also partnered with T-Mobile and Vox Mobile. Its use of technology started off in Canada. In its early days, there was a group of high net worth individuals who were experiencing issues on their corporate servers, mainly with sending emails that contained proprietary information. This group approached the DataLocking Company, looking for a way to secure communications and email so that their own people weren't leaking trade secrets and other sensitive information. Since then, they've grown from providing specific applications, to a suite of applications that can be tailored to an individual or a company's needs.

DLC
security that works

I was able to get a hand's on look at their email encryption capabilities. The DataLocking Company utilizes an S/MIME 4096 bit encryption service through secure servers to keep a tight grip on the information shared between sender and recipient. S/MIME stands for Secure Multipurpose Internet Email Extensions. This encryption service is available for both the BlackBerry and desktop email platforms. Encrypted email arrives with a small key icon displayed over the message envelope. As I receive an email, I have to enter my BlackBerry password and private key to decrypt the message in order to view it. Not all of the emails I receive are encrypted. I was able to read emails sent from my CrackBerry account without entering in a private key.

DLC
each encrypted message requires a key

DLC
for your eyes only

Upon closing the decrypted message, your message becomes secure once again.

Nathanael Lineham, CEO of the DataLocking Company, explains why they chose the BlackBerry to sport their solutions.

"BlackBerry is the only, truly, secure end to end platform in the world. With Platforms like Palm, Windows Mobile, there's no real way to secure the info on the device itself. One of the features of the BlackBerry, is the ability to wipe your BlackBerry remotely. With the services available from the DataLocking company, you can also control the device end to end, control how the user uses a device, and only the BlackBerry can allow that. For example, you can turn the camera on or off on a user's BlackBerry camera from the server level. This allows us to provide complete end to end enforcement of company's privacy policies and security policies. Other platforms cannot support this level of security. We are in the business of delivering privacy, if there was a single breach, we would be out of business. If [the DataLocking Company] were deploying Palm, we'd have breaches everyday."

DLC
Various options

DLC
information about your key

Picture this; you are in the middle of a Merger/Acquisition Team and you're about to close the biggest merger in your Company's history. You have critical information, within emails, saved on your BlackBerry. The merger could come crashing down if anyone was able to access these emails. Your BlackBerry is locked, so you feel your information is pretty secure. Is it really? No. If someone can get their hands on your beloved Berry, there is technology available to the world that will allow them to get any piece of information they want from it. If you were to lose your mobile, you'd probably be feeling quite sick to your stomach at this point. The DataLocking Company's solutions could remedy this situation, if it arises. All you have to do is order in a Kill, your BlackBerry that is.

Kill My BlackBerry - Contact the DataLocking Company and report the lost or stolen Berry. They, in turn, will wipe all of the information on your BlackBerry remotely and immediately.

Silent Kill - This feature is very similar to Kill My BlackBerry. This feature allows you to physically wipe your device. If you put in a variation of the password, that variation sends a notification, through an encrypted pass, to the company's back end and then the administrator kills the Berry for you.

Most may not use the Silent Kill feature. If you were in a situation where you were forced to open your email, perhaps for security reasons, this feature would be monumentally beneficial.

The DataLocking Company provides various Enterprise, Monthly and Pre-Paid DataLocked plans for you needs. I cannot quote strict pricing, as the pricing depends on the size of the Company in need, and the level of security it requires. The level of security may vary, from using on-shore or off-shore secure servers, encryption and closed loop communications. Closed loop means that messages can only be composed, delivered and received by members within a defined ring. No outside messages allowed. Companies may look at this closed loop very closely, to eliminate breaches and Company owned BlackBerry abuse. If required, they also have BlackBerrys available with the DataLocked solutions pre-installed.

The Three Pillars

DLC

As their website explains, it takes three disciplines to make complete privacy and anonymity, if necessary. The Three Pillars (from the website) are;

Technology: we apply advanced encryption service at 4096 BIT through servers to the Blackberry device. We ensure that the message residing on your Blackberry, its transmission and where it resides on the server are secure to all potential viewing points. Thus ensuring the intended recipient and its creator are the only ones that have access to view the message(s).

Legal: our solution is based around two key principals. One, servers are located offshore creating a jurisdiction hurdle for someone trying to order or subpoena our clients information. Two, resides with the actual ownership of the information. Neither you nor we own the encrypted information on the servers and thus neither can be forced to produce something we do not own or potentially have access too.

Corporate: our corporate policy's and products on how we identify a customer associated with what relevant information that we hold creates the third and binding attribute of true privacy. Our anonymity ability combined with the controlled rights and access of customer information are in concert with internal technology supporting your security."

Their biggest challenge they experience is showing a client where there potential breaches are and help them change the habits they have developed.

Lineham says "Before the age of email, if I wanted people to have access to a file, I would give them a key to a cabinet, I knew exactly who had access. The challenge is today, people you don't even know, within your company, have access. People haven't thought about the impact with changes they have made in technology. Many people from around the world could be looking at the same document and making changes simultaneously and collaborating to increase our ability to be productive in business. But, the challenge is, every one of these customers has not thought with that access how much of their security and confidentiality has been breached. . The way that we overcome it is with information, education; making them aware. The second thing is simple little things, like our technology."

Lineham said that they are not popular with IT people. "Because we ask the question that they don't want asked; Who other than you, Mr CEO, is reading your messages?" I don't see where the issue lies. I would be elated if the pressure of that level of security was taken off of my shoulders. Just as one bad apple could spoil the bunch, one shady employee could spoil an important decision.

The abilities of the services offered are strongest when your contacts are using them as well. It doesn't make sense to have only one party signed up while the other isn't. How can the conversation be private if not every recipient is secure? Make sure your contacts sign up as well to ensure there are no breaches.

Conclusion

DLC

I want to thank the DataLocking Company for their insight and the opportunity to experience truly secure, truly private email communication. As I said before, the demand for instant, simple access to information is high and we must ensure that the security around this must be even higher. The DataLocking Company will work with your company to define and enforce the security and privacy policies, based upon the laws and regulations of the industry.

"Policies are like tea bags," says Lineham, "you never know how strong they are until you put them in hot water."

To Nathanael Lineham, Peter McKinnon and Brent Huling, thank you for your time, passion and expertise. The services provided by the DataLocking Company, in my opinion, are critical and should be the foremost thought for each organization looking for secure communication.

For more information on the DataLocking Company, and their services, click here.

SPECIAL PROMOTION *** The DataLocking Company has a very special offer for members of CrackBerry.com. During the month of September, the DataLocking Company is offering a 1 month trial subscription, FREE for anyone who signs up with their service!!

Head over to www.datalocknow.com and take advantage of this offer. While you're there, why not take their privacy test and see how secure you really are?

20 comments

rpalumbo

Thank you this article, our company is in the process of updating our infrastructure for the security of our systems. We have a ton of personal information, Name, SSN, Address, work history, etc, etc...if that information fell into the "wrong hands" it can be a huge loss for the person and the company. I have already forwarded this information to our IT department and with the amount of new Blackberry's on our network I believe this is a valuable piece of information. Prevention is always better than the cure. Thanks again

tonybunce

Doesn't BES do most of this already (IT Policies, Content Encryption, remote wipe, etc.)?

John_1337

This is stupid. This article pretty much described a BES with SMIME enabled.

Anonymous

John is right.. This is just spin

myvia

I am a very happy Datalocking customer for many years now. We have used it for our company and have never had a security infringement ever. A couple of or employees have lost it and we had to kill the berry making sure that none of our clients information was vulnerable to the outside. I will continue to use this service for many more years to come. If any of you are interested in getting one I can forward you my account executive’s info.

Anonymous

Didnt know they have been around for Many years! Since when do you take a privacy test to see how secure you are

send me your acct execs info.

Datalocknow

rpalumbo, I would be more than happy to follow up with your company and help answer any questions they may have. It sounds like your company would be a perfect candidate for our services. Feel free to reach me at brent.huling@datalocking.com. Thanks.

Datalocknow

John and Tony, with all due respect, you are confusing the difference between privacy and security. You can be as secure as you want, but the question is, who is reading your emails and how many people have access to your emails? Over 90% of all corporate breaches are internal. Add the closed loop communication services and the fact that all emails can be stored off shore to avoid litigation, and it is pretty obvious that our services are far greater than just BES and SMIME. Lastly, with our VIP plan, all users can remain completely anonymous if needed.

Most big companies already have some sort of security programs in place. Some policies are good and some aren't. We add another layer on top of the security, which is privacy. This will be a very important aspect of corporate policy in the years to come.

Anonymous

TThis is really a stupid concept you dont need offshore servers to be private. Much easier solutions out there. All this is a sales and marketing company selling you something you can buy yourself... Any Corp customers?

Datalocknow

It is amazing how these negative comments come from anonymous posters who have absolutely no facts to back up their claims. If this was a scam, I don't think Crackberry would be writing an article about us after the research they did. I also don't think RIM would allow us to be a member the BlackBerry® SI Alliance Program as a System Integrator Partner.

The DataLocking company has corporate hosted email services that include a 24/7 support help desk for our users. Let's looks at the facts if a company were to do this internally:

For a company to do this on their own, they would have the cost of buying a BES server ($2500), BES server software ($4k), Exchange licenses ($12k for 200 users), set up and installation fees, and maintaining that infrastructure on a 24/7 schedule (IT manager $80k, help desk support avg $45k, server maintenance, etc.). For a company of 200 people they could not do it themselves for less money compared to using Datalocking's service. For 200 employees, the cost would be $170k.

If Datalocking was used, this price goes down substantially. Again, this includes hosted email, BES, and 4096 encryption for all 200 Blackberries. Our monthly cost would be $10,000 per month with no set up fees.

Lastly, we wouldn't have very private services if we were telling you who all of our large corporate customers are now would we? I will tell you we have very large accounts with law firms, medical companies, research companies, etc. These companies are on the cutting edge and understand the value of keeping information private and secure.

These are the facts.

Anonymous

So, when is the "Going Out of Business Sale" ?????

Your Datalocking Service sure didn't protect your CEO from getting busted for dealing drugs and money laundering. Guess that encryption isn't that good after all :)

Here is a link to one of the two indictments Lineham got arrested for today.

http://www.insidesocal.com/sgvcrime/Candystore_-_Lineham_indictment%5B1%...

jsena

As a longtime blackberry user, I've been pushing management to add berry's for us in the field. We are a small aerospace contractor and are constantly facing cost/privacy issues. A hosted service with added security is an interesting possible solution to our issues.

Atomichelix

"These companies are on the cutting edge and understand the value of keeping information private and secure."

While I agree with that statement, by going with a host for securing their data, a client is trusting that host with information that isn't needed to be there. You may hold it offshore and it may not "belong" to anyone, but someone, somewhere has access to it.

The better solution is to encrypt and decrypt only at the endpoints, instead of on servers. Atomichelix has a PGP solution that does just that: encrypt and decrypt on the device itself. This way, it doesn't matter who gets access to the encrypted information anywhere along the way, as the only place it will be in plaintext will be the endpoint (i.e.: device itself, not the server).

Though, I do think your "Kill" functionality is a great idea.

Best of luck with your endeavors.

Mathew Hreljac
CEO
Atomichelix Software Limited

Anonymous

So they host Exchange with BES and PGP and THAT'S supposed to offer me privacy? Riiiiiiiiiight

Kill My Berry and 4096 bit encryption are HARDLY proprietary or exclusive to DataLocking (despite the claims on their website)

How much did these liars spend buttering you up to write this BullS***t review?

Anonymous

SANTA ANA – A Newport Beach man was among seven people arrested this morning on charges of involvement with a drug-trafficking ring that allegedly imported ecstasy and marijuana from – and sent cocaine to – Canada, federal prosecutors said.

Nathanael Garrard Lineham, 39, founder of The Datalocking Company, based in Aliso Viejo, allegedly used his position to provide encrypted BlackBerry mobile e-mail devices to members of the ring so they could evade detection by law enforcement.

The company also did business under the name beStealth, prosecutors said.

Two phone messages left with The Datalocking Company weren’t immediately returned. Phone numbers listed on beStealth’s Web site aren’t in service.

On Tuesday morning, agents with the Drug Enforcement Administration served a search warrant on the offices of The Datalocking Company, which is housed in a fourth-floor suite of a business building at 65 Enterprise in Aliso Viejo, said Thom Mrozek, spokesman for the U.S. Attorney’s Office. That search warrant is under seal, he said.

Altogether, 18 people were charged in two separate indictments after a two-year investigation that prosecutors dubbed "Operation Candystore."

During the investigation, authorities seized money and narcotics, including a 60-kilogram shipment of cocaine and a 35-kilogram shipment of cocaine, prosecutors said.

Many of the defendants reside in Los Angeles County, while some live in Canada. The only other Orange County resident charged in the case was Fausto Villa Perez, 49, of Santa Ana, who was arrested this morning, prosecutors said.

Lineham is named in both indictments. In addition to allegedly encrypting Blackberries, he is accused of supervising the movement of drugs and money within the U.S.

According to a press release from The Datalocking Company that quotes Lineham, the company’s private messaging service “offers best-in-class security to individuals who are concerned with the proprietary information that's often contained within their e-mails.”

Prosecutors allege that the ring was overseen in the U.S. by Jason I. Ming Wei, 30, a Canadian who lives in Temple City. Wei was arrested Sunday night at Los Angeles International Airport while preparing to board a flight to Canada. Wei made an initial court appearance Monday and was ordered held without bond, prosecutors said.

Also arrested today were Jerry Fanyuan Lin, 32, of Temple City, who allegedly obtained narcotics from Wei and had his own distribution network; Michelle Enck, 39, of Santa Monica, who along with Lineham is charged in both indictments; Jose G. Garibay, 28, of La Puente, who allegedly supplied methamphetamine to another defendant; Ming Chien Hsieh, 24, of San Gabriel, who allegedly distributed narcotics for Lin; and Alexander Chiang Pou, 19, of Santa Barbara, a U.C. Santa Barbara student who allegedly was involved in a series of drug transactions with Lin.

Perez is accused of helping to distribute cocaine on behalf of Wei, prosecutors said.

Those arrested this morning are expected to make their initial court appearances this afternoon in U.S. District Court in Santa Ana, prosecutors said.

The other U.S. defendants are being sought by authorities. Prosecutors expect to file provisional warrants against the Canadian defendants in coming days.

If convicted of the charges in the indictments, most of the defendants would face mandatory minimum sentences of 10 years in federal prison, prosecutors said.

Anonymous

what do you think about your "expert" now...

"Authorities break up U.S.-Canada drug ring"

story here: http://www.latimes.com/news/local/la-me-candystore1-2008oct01,0,4135751....

YOU are your best best for protecting your privacy, not some powder shoveling shyster with a "Secure Service"

Anonymous

so much for protecting peoples best interested....the CEO was arrested on monday for drug trafficking. How secure would you feel now knowing this

Anonymous

Authorities break up U.S.-Canada drug ring
'Operation Candystore' leads to charges against 18 people. The two-year federal investigation targeted trafficking in cocaine, ecstasy and marijuana.
By Paloma Esquivel, Los Angeles Times Staff Writer
October 1, 2008
Late last year, Nathanael Lineham got a panicked phone call, prosecutors say.

An associate working with Lineham to bring the drug ecstasy to California from Canada told him a shipment of 85,000 pills had been seized. Lineham was calm. After all, the deals were struck using coded e-mails -- on encrypted BlackBerrys from Lineham's own company.

What Lineham didn't know was that law enforcement officials were recording the call. And that, for almost a year, they had intercepted dozens of e-mails from supposedly secure BlackBerrys.

Lineham, of Newport Beach, was just one player in an import-export drug-trafficking ring that brought ecstasy and marijuana to the U.S. from Canada and sent cocaine back across the border, prosecutors say.

The ring was broken up Tuesday after a two-year investigation by federal agencies that relied heavily on intercepted e-mails and recorded phone calls. The alleged phone call and other accusations against Lineham and 17 others were laid out in a pair of indictments filed late last year.

Lineham, founder of Datalocking Co. in Aliso Viejo, seemed to believe his method was foolproof.

According to the company's website, Lineham has been working in telecommunications since 1989, when he founded a retail wireless and electronics store.

Four years ago, Lineham's company developed a way to keep personal information on BlackBerrys secure, the site claims. The phones were marketed to individuals and companies looking to secure privacy.

Top-level executives need to be assured others aren't privy to confidential content, Lineham told Fox News last month in an article on the privacy technology.

But Lineham also was marketing the devices to drug traffickers and using them in his own drug business, prosecutors said. Intercepted messages let investigators construct a detailed portrait of the operation, from the date and time of shipments to the type of container it was in.

The operation relied on an intricate network of smugglers and distributors to transport and disperse the drugs in Canada and the U.S., prosecutors said.

In addition to Lineham, prosecutors charged Jason I. Ming Wei, 30, a Canadian citizen who lives in Temple City, with overseeing the ring. He was arrested Sunday night at Los Angeles International Airport as he prepared to board a flight to Canada, said U.S. attorney's spokesman Thom Mrozek.

The investigation, dubbed "Operation Candystore," led to the seizure of money and drugs, including 60-kilogram and 35-kilogram shipments of cocaine. The 18 people implicated in the ring face a wide array of charges, including conspiracy to distribute and possess narcotics and money laundering.

In addition to Lineham and Wei, four others were arrested Tuesday. The other domestic defendants were being sought by authorities.

Officials said they will file provisional arrest warrants against the Canadian defendants in the next few days.