A recent ZDNet article gives a blow-by-blow account of the fight between Blackberry and Blackphone over which company offers better mobile security. In a series of back-and-forth blog posts, the smartphone makers traded shots about each other's approach to device security. But should we even pay attention to these small fries?
With Android and iOS making up an astonishing 95 percent of 2013's fourth quarter mobile sales, a fight between two relatively small players isn't major news. However, the online flame war reveals just how much security has changed in the last 12 months.
Since Edward Snowden made his first revelations, we've seen the biggest tech companies scrambling to demonstrate that they offer secure services to clients. The Target data breach further compounded data security anxieties and made it clear that businesses have to invest more in IT security.
The dust-up is evidence of the growing attention – and scrutiny – IT security faces. Let's take a look at how Blackphone and Blackberry differ on their approach to security and what it means for IT professionals.
A Tale of Two Security Approaches: The Heart of the Blackphone and Blackberry Battle
The argument between Blackphone and Blackberry is an interesting one because it highlights the different ways IT companies approach mobile device security.
As we reported in "Black to the Future: Better Security from the Next Class of Smartphones?" Blackphone launched this year and is designed to offer customizable user security on a solid, secure platform. Companies are in control of the IT infrastructure they put on the phone, and the OS offers secure messaging and phone call service.
Blackberry has lingered in the mobile market because of its government contracts and end-to-end IT infrastructure, which appeals to some security-focused companies. However, this has also led to its decreased market share as businesses and users want more choices when it comes to apps.
The dispute is a fundamental one in IT security. Blackphone argues that users want a blank-slate phone that they can customize with third-party apps and IT. It argues this is the best way for users to avoid backdoors that let in government hackers. On the other hand, Blackberry sees end-to-end enterprise solutions as the most secure option for the opposite reason: it limits third party apps and liability.
Which company is right? Not to give a wishy-washy answer, but there's some truth to both options. And both options also come with their risks. For instance…
- As an IT consultant, you can be sued for recommending third-party apps and IT solutions that lead to data breaches.
- If you recommend end-to-end software that doesn't integrate with a client's other IT or limits their productivity, you can be sued for not recommending the optimal solution.
IT consultants are in a difficult place because they are liable for the performance of IT solutions as well as their security.
Futile Fight: Why Apple and IBM Might Have Changed the Game
BYOD workplaces have become more common, which suggests that Blackphone's view of mobile device security is closer to what users want. It's rare for any business's employees to view their mobile devices as purely for work.
In fact, many companies are betting that the next wave of mobile device security will find a way to secure personal devices at the workplace. Blackberry's just-for-business approach strikes many companies as outdated and inadequate.
This explains why IBM and Apple were so eager to form a mobile partnership. As we profiled yesterday in our article “What the Apple-IBM Partnership Means for IT Professionals,” these two companies are attempting to offer vertically integrated IT solutions (through IBM) on the Apple platform. IBM claims its security technology can limit BYOD liability by letting personal devices securely join their enterprise cloud solutions.
In essence, the Apple and IBM partnership aims to offer the customizability that mobile users want combined with better end-to-end security of enterprise software.
Lessons Learned from the Mobile Wars
While mobile companies exchange feisty blog posts, IT consultants can learn a few things about their own liability:
- Security is always a tradeoff. As a consultant, you try to find the right balance of price, security, and performance for your clients.
- No security is perfect. Even if you find a sensible IT solution for a client, an employee mistake could cause a data breach, or the company could be hit with a sophisticated cyber attack.
- IT security is an evolving field. There are problems with all security solutions. Cyber attacks and liabilities are always changing. The approach you take to combat cyber attacks must change, too.
The uncertainty in IT security is yet another reason why IT consultants invest in Errors and Omissions Insurance. Many clients require you to have this coverage before you work for them because they want to know that you have the means to cover data breach lawsuits.
If a breach occurs on a client's mobile device or network, your IT insurance covers legal expenses and damages you owe the client. For free IT insurance quotes, submit an online insurance form.
