More and more mobile devices are appearing in the networks of large companies and organizations. With Unified Endpoint Management (UEM), administrators try to manage and secure this flow of devices as well as possible. With artificial intelligence (AI) and the use of machine learning this can be a lot faster and easier, says BlackBerry. The provider of software and cloud-based solutions for secure communication connections uses AI to define ‘risk factors’ in order to provide end users with the best possible security anywhere, anytime. Techzine spoke to Senior Vice President of Product Management Frank Cotter about this.
Companies and organizations have been dealing with a growing number of mobile devices that appear on, or access their networks for years. Not to mention the numerous sensors that the Internet of Things (IoT) brings with it.
Traditional management and security applications such as Mobile Device Management (MDM) and Mobile Application Management (MAM) are no longer sufficient to manage and secure this flow of mobile devices. Think not only of business-delivered smartphones or laptops, but also of devices that employees bring themselves (BYOD). The management and security of these mobile devices is also becoming increasingly complex due to the amount of device operating systems.
The advent of Unified Endpoint Management (UEM) tools fortunately brings some order to this mobile chaos. UEM allows administrators to manage, deploy and secure all existing devices, applications and content from a centralized environment. It should not matter which operating systems the devices use. For administrators, UEM also provides more insight into which devices are active within their network environments.
The disadvantage, however, is that human intervention is still often necessary for all this management and the roll-out of security policies. Now that the networks of companies are flooded with mobile devices, sensors and other equipment connected to the internet, this is no longer an effective method.
Use of artificial intelligence
According to BlackBerry, AI could help. AI could make it possible to provide mobile devices with self-adjusting security and continuous authentication. This makes it easier for companies and organizations to apply reliable endpoint security for both trusted and unfamiliar environments.
Not only companies should benefit from this. It should also give employees a better and more productive experience, while their devices comply with the latest security requirements and regulations anywhere, anytime.
BlackBerry Intelligent System
BlackBerry has now introduced BlackBerry Intelligent System. In short, this is a cloud-based solution that creates risk profiles based on a combination of contextual factors, in this case machine learning and predictive AI. Using these risk profiles, the endpoint security for each device, application and end user can then be determined dynamically, or ‘on the fly’. This technology comes from security specialist Cylance, acquired by BlackBerry at the end of 2018.
More specifically, the solution uses information about the location of the end users, how often and when end users use their device and what they do exactly. This makes it possible to make an analysis of whether the location, the network, the network use and the end user performing the actions can actually be trusted and comply with certain usage patterns that have already been observed. With this analysis, the solution automatically adjusts the risk factors. In addition, administrators can create a standard list of trusted parameters and risk factors that allow or deny certain actions.
If end users display deviant behaviour, BlackBerry Intelligent Security can automatically take action. This involves, for example, asking for a certain authentication such as a fingerprint, a face scan or simply a password.
This in turn determines the risk profile. If the answer to this extra authentication is not positive, access to the device is refused. In case of a positive answer, but with some deviating behaviour, the access time or access to certain websites can be limited, for example.
Better user experience
With the now released solution of the security specialist, a digital profile of the end user and his device is actually built with AI. This profile knows how the end user works normally, from which location he/she works and it can also learn the order of his daily work with the device.
So, these are the risk factors, combined with any predefined company policies or factors, which then automatically determine whether or not to give access to the company’s network, applications or devices.
This ensures that employees are provided with the best possible security without any worries and that they have a better user experience. This is especially true because access to applications and devices is automatically given, wherever the employees are located. According to Cotter, this also stimulates the productivity of the employees.
Not only should BlackBerry Intelligent Security deliver better user experience and improved productivity, it will also reduce costs. The solution is offered as a cloud service, which means that additional software does not have to be installed and managed.
Compatible with other solutions
End users of BlackBerry Intelligent Security do not have to be existing customers. According to Cotter, the solution is compatible with many existing UEM or Identity Provider (IDP) solutions, whether cloud-based or not, and adds a self-learning security layer based on AI and machine learning.
It can also be used by customers who do not have a UEM solution at all. For these customers, the application can be used through a web-based environment.
BlackBerry will be adding more features to the security solution. It will soon be possible to base the risk factors on the time of use of the device or of certain applications. The application learns how and when authorized end-users use their devices and access data. This automatically scales the risk level up or down, and with it the security measures.
Device and Application DNA are also added to BlackBerry Intelligent Security. This feature automatically determines whether devices and apps comply with the company’s regulations and adjusts the security based on this unique profile. A unique identification signature for trusted, authorized devices and applications is then used for this purpose. This signature ultimately detects and blocks dangerous and unauthorized ones.
A prelude to more applications within Spark
Cotter also states that the technology of BlackBerry Intelligent Security will soon also be used for other applications – also based on the Cylance products – within the BlackBerry Spark security platform. Spark is Blackberry’s overarching security platform for the Internet of Things (IoT) – or, as the company calls it: the Enterprise of Things.
Now, BlackBerry Intelligent Security only works with mobile devices and apps. Later it should also lead to risk-based security of all other devices connected to the corporate network or whatever else can be considered an endpoint. One example is a connected company car.
With the introduction of BlackBerry Intelligent Security, the company has taken another step forward with security applications for securing mobile endpoints. By using artificial intelligence -including machine learning- to create risk profiles of end users and to adapt security to these profiles in a fully customized way, end users will be completely relieved of their worries in this area and thus become more productive. This also makes it easier for companies to manage all mobile devices better in terms of security, because of the automation.
We are very curious to see how the technology will soon be used within the Spark platform and how this could possibly lead to a revolution in the security of the Internet of Things, or Enterprise of Things. Therefore, we will continue to follow the developments surrounding BlackBerry Intelligent Security with interest.