Just like we have the U.S. Department of Homeland Security, Canada’s homeland security is called Public Safety Canada. Recently, this government department issued a warning that advises citizens, “to think twice before sending a BlackBerry (News - Alert) message.” The Public Safety Canada agency is the federal department charged with overseeing cyber security.
One of the factors that has always been strong aboutBlackBerry is its security. That is why it has always been so successful in the corporate world. Now with a warning from the Canadian government criticizing BlackBerry’s security, it has to hurt.
If we delve into the specifics of this warning, you will see that it is very limited. The one page policy memo issued by Public Safety Canada, which was updated in mid-January, attempts to dissuade government BlackBerry users from sending a PIN-to-PIN message. This is largely due to the fact that a PIN-to-PIN message can basically be read by any BlackBerry user anywhere in the world.
According to the published warning, sending messages by this method is not secure. The encryption of such messages is vulnerable because the default encryption key is not unique to a BlackBerry, but the same for all BlackBerrys. This makes it easy to decrypt a sensitive message sent by PIN-to-PIN. The documents were released under the access to information act and say PIN-to-PIN messaging isn’t “suitable for exchanging sensitive messages” because protected or classified information could be inadvertently leaked, or a mobile user could inadvertently download malware or viruses that would compromise their phone.
Just about two thirds of the federal government mobile users in Canada use BlackBerry. If they are all sending PIN-to-PIN messages, you can see why Public Safety Canada would be concerned. There is also the threat that sending messages outside government firewalls and security filters could lead to a user opening a virus attached with a PIN message. The memo also warns that PIN-to-PIN messaging bypasses all corporate e-mail security filters, and thus users may become vulnerable to viruses and malware code as well as spam messages if their PIN becomes known to unauthorized third parties.
In the U.S., BlackBerry has always been the mobile device of preference for the Department of Defense (DoD). Recently, the DoD released its Commercial Mobile Device Implementation plan. This plan has details of using commercial off the shelf devices such as Samsung (News - Alert) and Apples devices.
Teri Takai, Defense Department chief information officer, said, “The Department of Defense is taking a leadership role in leveraging mobile device technology by ensuring its workforce is empowered with mobile devices. As today’s DoD personnel increasingly rely on mobile technology as a key capability enabler for joint force combat operations, the application of mobile technology into global operations, integration of secure and non-secure communications, and development of portable, cloud-enabled capability will dramatically increase the number of people able to collaborate and share information rapidly.”
BlackBerry is struggling to keep a hold of the government and corporate contracts that it currently has. This is another body blow causing BlackBerry to take a few steps back to get some breathing room.