It’s well known that BlackBerry® smartphones are some of the most approved and accredited devices in the market — and you may have seen news reports and social content about BlackBerry smartphones earning approvals from various governments and international certification bodies. I work as part of the BlackBerry Security Certifications team, and in this blog post I’ll provide some insights into the team that is responsible for achieving these security approvals and certifications.
The Security Certifications team is a global group with multiple presences in North America, Europe and Asia-Pacific regions. With varied personal interests, our team members are even more diverse than our geographical locations. Having such a varied team allows us to leverage our unique strengths and draw from each others varied knowledge, interactions, and experiences. This helps us to stay current in the security and information assurance industries. Talk to us about an intriguing piece of technology and we will likely be able to tell you what security certifications apply to it!
So, what exactly do we do? We facilitate communication between technology-approving organizations and the BlackBerry product teams — and of course, we work on earning new product approvals and accreditations! For us, security is a way of life and not just an item on the checklist. I look forward to describing these certifications in detail over the coming months, but here is an overview of some of what we have achieved to date (a more detailed list can be found here):
- CESG Approval – CESG Approval allows private sector company products to be used by the United Kingdom government and other organizations, when correctly configured.
- Common Criteria Evaluation Scheme – Common Criteria (ISO 15408) is a multinational security certification program that is recognized in 26 countries world wide.
- Government Approvals – Various BlackBerry products have been independently evaluated and verified for in-country specific needs by NATO, as well as the governments of New Zealand, Australia, Canada, the United States, Austria, Turkey, and others.
- Near Field Communication (NFC) Certifications – Some of the latest BlackBerry devices are the first mobile devices to achieve UICC (SIM card) certification for both MasterCard® and VISA®. Using NFC technology, these devices are now approved to be used like credit cards that are capable of using either MasterCard PayPass® or VISA payWave® payment terminals.
- NIST FIPS 140-2 – The FIPS 140-2 is part of the Cryptographic Module Validation Program National Institute of Standards and Technology (for US government) and the Communications Security Establishment (for Canadian government).
This is just a snapshot of the wide range of work that our team performs and the certifications that have been achieved by BlackBerry solutions. By adding new approvals all the time, we continue to lead the industry in enterprise mobile security.
(As of February 2015, BlackBerry holds 70+ security certifications and approvals from governments.)
What approvals and certifications do you require in order to bring BlackBerry devices into your business? Share in the comments below.