Managing device security was pretty much a solved problem until the advent of BYOD (bring your own device), which was "a game changer," BlackBerry director of APJ sales engineering Jonathan Jackson told iTWire.
BYOD led to the development of Good Technology's container technology. This an "incredibly successful" way of managing security across many more devices and many more device types, he said. (BlackBerry acquired Good Technology in 2015.)
But machines are better than people when it comes to managing these diverse environments, Jackson said, so BlackBerry is putting AI into its Spark platform (as foreshadowed when BlackBerry acquired Cylance earlier this year).
This approach allows BlackBerry Intelligent Security to use a combination of contextual and behavioural factors to determine a risk score for each interaction.
The result is increased endpoint security, a better end-user experience, and improved productivity at a reduced cost, Jackson told iTWire.
The first release of Intelligent Security uses behavioural-based location information (primarily the physical location) as the main input, and dials the level of security up and down in response.
Jackson gave the example of a personal banker who might be given unfettered access while in the office, but if they sought access while off-premises, they would be required to reauthenticate (eg, via Touch ID) before continuing. And if they were in a distrusted location (perhaps a foreign country) they could be completely locked out of corporate data.
While other products have some of these features, Internet Security develops "deep insight into how users are consuming data and information on their device" and is able to handle authorisation to apps, device management, and in-flight data protection, he said.
The product works by treating all locations as untrusted at the outset, and during the first weeks of use it learns to trust locations where users successfully authenticates themselves, and will allow access in those places. Attempts to use devices in untrusted locations may be restricted to certain apps or data, or only allowed after (eg) a successful multifactor authentication.
Future releases scheduled for 2019 and 2020 will take into account additional information when calculating the risk score. These include network trustworthiness (a Wi-Fi network used for the first time would be regarded as untrustworthy), time of use (eg, if an employee has only used a device or app during business hours, attempted night time use would be treated with suspicion), and "device and app DNA" (a unique signature developed for each trusted and compliant device, helping to fend off access attempts by rogue or non-compliant devices).
BlackBerry is also considering schemes that would incorporate the way individuals actually use their devices, Jackson said. So if someone habitually opens their email app before anything else, or normally deletes items by swiping left rather than touching the trash button, any deviation would be increase the risk score, potentially triggering reauthentication or other action.
The cloud-based BlackBerry Intelligent Security is the first product to be built on top of BlackBerry Spark. It collects data from other BlackBerry products, including BlackBerry Dynamics and BlackBerry Enterprise Identity apps.
"The increasing velocity and complexity of threats render traditional security models incapable of fully satisfying critical requirements," said BlackBerry president and COO Bryan Palma.
"BlackBerry Intelligent Security's real-world context, machine learning and predictive analytics set a new standard for a zero trust environment, bringing a new level of sophistication to all industries where security is essential."