FIPS 140-2 is a huge certification when it comes to government spaces, and now security conscious organizations in US and Canada can safely deploy Secure Work Space in these environments. This security extends to both data-at-rest and data-in-transit for iOS and Android devices, meaning that all data is secure while within the enterprise.
BlackBerry Advances Security of its Multi-Platform Mobility Portfolio with New Cryptography Certification
FIPS 140-2 validation granted for Secure Work Space for iOS and Android
WATERLOO, ONTARIO--(Marketwired - March 26, 2014) - BlackBerry Limited (NASDAQ: BBRY)(TSX: BB), a world leader in mobile communications, today announced that Secure Work Space for iOS® and Android™, a multi-platform containerization solution managed through BlackBerry® Enterprise Service 10 (BES10), is now Federal Information Processing Standard (FIPS) 140-2 certified.
Considered a critical benchmark for security in government, FIPS validation assures users that a given encryption technology has passed rigorous testing in order to be used to encrypt and secure sensitive information. The certification will allow security-conscious organizations, including U.S. and Canadian government agencies, to confidently deploy Secure Work Space to securely separate sensitive corporate data from personal content.
"Organizations, in both the public and private sectors, must take the necessary steps to protect sensitive data and ensure that their mobile solutions offer the highest level of security," said Ben Hoffman, mobility analyst at IDC. "FIPS 140-2 certification indicates that BlackBerry is meeting the strict security requirements that many enterprise customers require."
The FIPS certification demonstrates BlackBerry's security capabilities for the transfer of sensitive data on third party devices. With Secure Work Space, BES10 protocols for data-at-rest and data-in-transit are extended to iOS and Android devices, including smartphones and tablets. This means data is protected while traversing networks as well as within the walls of the enterprise. Administrators can configure, secure, wipe and interact within the Secure Work Space on a device, while employees can enjoy the device for personal use. The features make Secure Work Space an ideal solution for organizations that desire the flexibility of a BYOD program with the control they require for mobile communications.
"BlackBerry is considered the most trusted and secure mobile platform and we continue to provide customers with choice and flexibility without compromising security," said Scott Totzke, Senior Vice President, Security Group at BlackBerry. "The FIPS 140-2 validation for Secure Work Space for iOS and Android demonstrates the multi-platform security capabilities that BlackBerry delivers for customers, helping governments and enterprises alike to deploy third-party devices with more confidence and less risk."
FIPS 140-2 is issued by the National Institute of Standards and Technology (NIST) to coordinate the requirements and standards for certifying cryptographic modules. The standard was developed through the Cryptographic Module Validation Program (CMVP), which certifies products for use by U.S. government agencies and regulated industries that collect, store, transfer, share and disseminate sensitive information. Product certifications under the CMVP are performed in accordance with the requirements of FIPS 140-2. In addition to U.S. government recognition, the certification is accepted and supported by the Communications Security Establishment Canada (CSEC) for government use.
BlackBerry products and solutions are protected by best-in-class AES 256-bit encryption, a highly secure, internationally recognized data protection standard. In addition to FIPS certification, BlackBerry products have continuously passed rigorous security assessments from a variety of independent organizations around the world. For example, BlackBerry 10 smartphones approved by NATO for use in classified communications up to the level of "Restricted." Additionally, BlackBerry was the first MDM vendor to achieve "Authority to Operate" on the U.S. Department of Defense's secure networks.