Security needs people and process more than technology
Since the launch yesterday of BlackBerry's new operating system, BB10, numerous commentators have said that they believe perhaps the biggest differentiator will be one valued by corporate users and their employers: something called BlackBerry Balance. But is it more than a gimmick?
The idea of BlackBerry Balance - which is a feature only available for those whose companies also pay for the latest BlackBerry Enterprise Server - is that it enables your personal and corporate digital worlds to be kept separate, but on the same BlackBerry smartphone or PlayBook tablet.
"BlackBerry Enterprise Service 10 empowers employees to be more productive and better equipped to serve customers while it provides business and IT leaders with the confidence that corporate data is protected and manageable in the same way they have long enjoyed with BlackBerry," said Peter Devenyi, SVP enterprise software at BlackBerry.
Specifically, BlackBerry Balance is part of a mobile device management system, which can do things like send mandatory or optional applications to the corporate side of a staffer's phone, and prevent data from being cut-and-pasted from the corporate side to the personal side. The corporate side can alert a user when a document deemed sensitive is about to be sent outside the firewall on an email, or simply block such emails as a matter of course.
Several commentators are impressed. Describing Balance as a "killer feature", Tudor Aw, KPMG's head of technology Europe, said, "Perhaps the most interesting aspect of the new BlackBerry smartphones is the BlackBerry Balance feature which allows you to flip your phone between personal apps and a secure Corporate space. BlackBerry may have come up with the killer feature that will satisfy Corporate IT departments while keeping consumers happy."
The Guardian's technology editor Charles Arthur broadly agrees, describing Balance as the new operating system's unique selling point (USP): "Where is the USP? Buried deep inside, and only if you are working for a company that pays for the new BlackBerry Enterprise Server software. BB10 offers corporate users a feature called BlackBerry Balance."
Balance may indeed be welcomed by IT departments, who will also welcome the fact that BlackBerry's mobile device management can also manage iOS and Android devices from a single console. It will be welcomed by some staff, too, as it helps to keep things nice and ordered, and means that in your 'personal' space things stay completely private. IT departments can also remotely wipe the corporate side if a member of staff leaves or the phone is lost, without deleting cherished family photographs from the personal side, for example.
But while it's a nice feature, is it really a 'killer feature'? IT departments know only too well that if a member of staff really does want to steal away corporate data, there's very little they can do about it. Security isn't just about technology, it's also about people and process.
Preventing sensitive documents from being emailed out of the firewall only works if every corporate asset is correctly marked as confidential - which is unlikely. So staff may not be able to cut and paste from the corporate to the private side, but they could simply email their personal account instead. Besides, if a staffer really is determined to pilfer trade secrets, they could still do so with their work PC and a memory stick. You have data loss prevention tech that stops that happening? Only if every document is correctly classified. Even then, staff can often simply print what they want and put it in their briefcase or handbag.
There are other weaknesses in the chain. Staff could simply photograph their smartphone or PC screen, then run that through an OCR engine to turn it back into text. They could write it down, attach it to a webmail service like Hotmail or Gmail, upload it to DropBox - you get the drift.
So while BlackBerry Balance may be useful in warning non-rogue staff they may be about to accidentally leak some sensitive information, rogue staff could still find a workaround. BlackBerry Balance gives IT departments a little peace of mind, perhaps, but no solution is foolproof.
For staff, while some may like to keep work and their personal data separate, others may find that somewhat clunky.
BlackBerry markets Balance as being able to help IT departments cope in the era of Bring Your Own Device (BYOD). The trouble is, in a lot of organisations where staff have been able to 'BYOD', it's not a BlackBerry that they've brought to work, it's an iPhone or Android device. Balance only works on BlackBerry 10 smartphones.
Ultimately, BlackBerry Balance is a nice-to-have, not a need-to-have. It's not a 'killer' feature for staff or their employers, in my view, and is only relevant to those with the latest BlackBerry Enterprise Server anyway. And if Balance isn't BB10's killer feature, it's hard to think what else might be.