BlackBerry licenses security tech to IoT device makers
.png)
BlackBerry is to license its secure software development technology to the makers of internet-connected devices to boost IoT security
When asked about future purchases, respondents said they were more likely to choose a product or do business with a company that had a strong reputation for data security and privacy.
To address this concern, BlackBerry announced at the Consumer Electronics Show (CES) in Las Vegas that it is to license its trusted software framework to enable device makers to build smart products securely without having to develop their own technology and cyber security expertise.
Once developed, BlackBerry’s team of cyber security experts will review each device, awarding BlackBerry Secure certification to show that the required level of data security and trust has been met.
“2019 will be the year consumers will begin to vote with their wallets and seek out products that promise a higher level of security and data privacy,” said Alex Thurber, senior vice-president and general manager of mobility solutions at BlackBerry.
“IoT device manufacturers can address security and privacy concerns head-on and stand out in the cluttered IoT space by bringing to market ultra-secure products that consumers, retailers and enterprises want to buy and use,” he said.
Thurber described the initiative as “a pivotal point” in BlackBerry’s software licensing strategy. “It underscores BlackBerry’s evolution from providing the most secure smartphones to delivering the trusted security for all smart ‘things’,” he said.
From today, device makers will have the choice of three “feature packs” which build on each other and provide various levels of management and control.
The BlackBerry Secure Enablement Feature Pack offers secure manufacturing and product lifecycle management features.
This means BlackBerry will provide a manufacturing station that provides a hardware root of trust and is connected to the company’s Network Operation Centre that is monitored 24/7 for uptime and reliability. During manufacturing, a BlackBerry identity key is injected into the hardware and recorded on a secure server. At launch and periodically throughout the product’s lifecycle, checks will be performed to verify that the two keys match. If they do not, the device no longer boots.
The BlackBerry Secure Foundations Feature Pack is aimed at enabling product suppliers to harden the operating system kernel and lock down software being executed.
This includes secure boot and ARM Trustzone technology to generate, use and store encryption keys used for various software operations. It also includes the BlackBerry Integrity Detection service which generates real-time “health” reports that can be accessed by users and trusted third-party applications.
The BlackBerry Secure Enterprise Feature Pack is aimed at devices that will be used in regulated or restricted environments as it enables deeper management and control beyond what is standard in Android Enterprise.
Through extended device management policies deployed on the device, BlackBerry said enterprises could protect their data by controlling what can be accessed via device debug interfaces, communication protocols such as Bluetooth, and cellular, Wi-Fi and GPS communication channels.
In 2018, IoT technology firms began signing up to a UK code of practice to strengthen the security of internet-connected devices. The code is expected to form the basis of an international standard.
In October, the UK published a voluntary code of practice (CoP) to help manufacturers boost the security of internet-connected devices that make up the internet of things (IoT).
Tech companies HP and Centrica Hive were the first to commit to implement the CoP by 2021. The code is aimed at encouraging innovation while ensuring tech consumers are safe by addressing potential security vulnerabilities at the design stage.
Although the CoP is aimed at consumer products, the UK government hopes it will establish standards and principles that will filter through to the industrial, enterprise and other IoT markets. Also, government departments plan to engage with individual sectors about industry-specific IoT security issues.
In view of the risk posed by IoT devices, the UK is leading global efforts to improve the security of internet-connected devices by encouraging device makers to embed security into the design of new technology rather than bolt it on afterwards.
source computerweekly
Industry: Cyber Security News
Latest Jobs
-
- Sailpoint IIQ Consultant
- London
- Up to £75,000
-
SailPoint IIQ consultant- London We are looking for a strong SailPoint IIQ consultant to work for this global enterprise, in this position you will be the lead consultant in regard to the IAM and PAM tools Duties include Responsible for designing, developing, testing, implementing, and integrating IAM (SailPoint) systems and solutions. Assessing requirements for Identity and Access Management solutions to meet stakeholders needs. Provide support for production IAM infrastructure systems and processes. Ensures the maintenance, patching, operating, and monitoring of IAM systems. Ensures senior management and staff are informed of any changes and updates in a timely manner. Experience with Maintaining and supporting SailPoint IIQ Assessing requirements for Privilege Access Management solutions to meet stakeholders needs We are looking for someone with the following experience SailPoint IIQ experience Expertise working with SailPoint Identity IQ platform - Access Lifecycle Management, Certifications, Role Management Expertise in onboarding applications with various connectors like Active Directory, JDBC, SCIM 2.0, Azure Active Directory Expertise in developing APIs (SCIM, REST) leveraging Java based developmentExperience of Privileged Access Management concepts and use cases Unfortunatly we are unable to provide sponsorship for this opportunity, therefore applications will need to be able to work in the UK
-
- SailPoint Consultant- Netherland-
- Netherlands
- upto €700 per day
-
We are looking for a highly skilled SailPoint IIQ Consultant to work on a major deployment project. The ideal candidate will have experience with all aspects of SailPoint IIQ, including development, configuration, and administration. They will also be able to work independently and as part of a team to deliver high-quality results. · Responsibilities · Develop and configure Sailpoint IIQ solutions · Integrate SailPoint IIQ with other systems · Support SailPoint IIQ deployments · Provide technical support to users If you are a highly skilled SailPoint IIQ consultant who is looking for their next project, we encourage you to apply. look forward to hearing from you!
-
- Lead CyberArk deployment Consultant
- London
- Upto £80,000 plus benefits
-
CyberArk Consultant is needed to be responsible for leading the deployment of CyberArk solutions for this expanding IT services business, You will work with customer both pre and post sales, getting involved in CyberArk Solution Design, helping to create CyberArk Strategic Roadmaps, on-boarding accounts, product and process integration into the CyberArk Solution and Proviso of Installation and technical Documentation. We are looking for this individual to have experience in: Installation of CyberArk PAS for V11.X and V12.X (Vault, DR Vault, Central Policy Manager and Password Vault Web Access) Upgrade of CyberArk from V9 and V10 (Vault, DR Vault, Central Policy Manager and Password Vault Web Access) Installation and Upgrade of Privilege Session Manager and Privilege Session Manager Proxy As some of your client will be government site, all individual will need to be put through SC clearance, therefore you must be eligible to receive this and happy to be put through(With a British Citizen or to have lived in the UK for the past 5 years) We are unable to provide work visa sponsorship for this opportunity
-
- Senior Business Analyst - Outside IR35 Contract, SC Clearance Required, London
- London
- £400 per day outside IR35
-
Senior Business Analyst - Outside IR35 Contract, SC Clearance Required, Based in London Project- to engage with colleagues and stakeholders to investigate and model business functions, processes, information flows and data structures, using a range of business analysis techniques. • You will translate the solution to the business problem into detailed requirements by creating user stories and well-defined acceptance criteria. • Elicit end-to-end business requirements for a live cross-government service • Working across the Government departments to bring together varied business and operational outcomes to form a holistic overall set of service requirements Current SC clearance is required. As is the ability to travel to London.