BlackBerry tops enterprise mobile security survey

Researchers find BlackBerry 7.0 most compatible for enterprise use.

Security vendor Trend Micro has named BlackBerry 7.0 the most secure mobile operating system for enterprise use, above Apple iOS, Windows and Android platforms.

Researchers from Altimeter Group, Bloor Research and Trend Micro assessed built-in security, application security, authentication, device wipe, device firewall and virtualisation features of BlackBerry 7.0, iOS 5, Windows Phone 7.5 and Android 2.3.

BlackBerry gained the highest average score (2.89), followed by iOS (1.7), Windows Phone (1.61) and Android (1.37).

According to the report, published by Trend Micro this week (pdf), the corporate-grade security and manageability of BlackBerry made it the best option for the most stringent mobile roles.

It rated higher than Apple iOS due to the administrator's complete control over the device through the BlackBerry Enterprise Server (BES), but features need to be managed for there to be a benefit to the business, researchers said.

The report praised the sandboxing of the iOS application architecture and there being no options for adding removable storage.

It also praised the "reasonably robust and secure" smartphone operating system in Windows Phone, with the OS using privileges and isolation techniques to create sandbox processes based on a policy system that defines which features the processes operating in a chamber can access.

Although more up-to-date versions of Android are available, the researchers said version 2.x was still the most widely deployed on existing and new handsets, creating a security risk in itself. Apps also run in a sandboxed environment and they cannot access the network without prior consent.

“Against the growing, unstoppable backdrop of consumerisation and BYOD, every mobile device is a risk to business," said Raimund Genes, CTO of Trend Micro.

"What is interesting in these results is that, whilst some mobile platforms have evolved very noticeably along enterprise lines, there is still a strong ‘consumer marketing' legacy in some quarters and this is negating some of the progress made on the enterprise front.

"Indeed, some of the attributes we have examined in the report are still firmly ‘enterprise-unready'.”

Nigel Stanley, security practice leader at Bloor Research, said: “Security people I work with are scared witless by consumerisation and the rapid adoption of these devices.

"Aside from the technical challenges, organisations need to understand the importance of a decent mobile device security policy and supporting user education.”

This article originally appeared at scmagazineuk.com