BlackBerry UEM is now in on zero trust, user behavior analytics, and mobile threat defense

A look at BlackBerry Intelligent Security, BlackBerry Enterprise Identity, and CylancePROTECT for Mobile.

It’s been a little while since I caught up with BlackBerry, so recently I got on the phone with John Herrema.

Last year at BlackBerry’s 2018 analyst day, the company kicked off their current phase as a software-only business, so really, there’s no more need to discuss the hardware-to-software transition.

Since then, they’ve been busy. On top of the treadmill of keeping up with iOS and Android updates, BlackBerry acquired Cylance, announced new conditional access / zero trust and mobile threat defense products, and rolled out plenty of other updates.

New security products

BlackBerry announced BlackBerry Intelligent Security in August. In a now-familiar model, this takes all of the context from BlackBerry UEM and can feed in into access decisions. It also includes some homegrown user behavior analytics features; John gave examples around user location, but they’re working on a variety of factors.

Intelligent Security feeds into BlackBerry Enterprise Identity, the identity plumbing that’s built into BlackBerry UEM. This can hook into Active Directory, Azure Active Directory, or LDAP directories on one side, and on the other side, it speaks SAML. There’s also an API. Overall, their message is a familiar one: BlackBerry wants to take device context and their analytics, and feed it into whatever you’re already doing for identity and federation.

These signals can be used to inform access decisions when users are on their desktops, as well. (Incidentally, Cylance had been working on user behavior analytics, too, in the form of  CyclancePERSONA.)

The next new security area for BlackBerry is mobile threat defense. They took tech from CylancePROTECT and put it into the Dynamics SDK. This product, CylancePROTECT for Mobile, was announced in October and is currently in beta, with general availability planned for January. I’ve always thought having embedded MTD capabilities was a good approach. Also, it’s interesting to see Cylance come full circle since back when we covered their desktop products.

Other BlackBerry UEM updates

As Bas van Kaam covered for us back in October, BlackBerry has partnered with Awingu, so that customers can put Awingu’s workspace aggregation appliance behind BlackBerry Access, a containerized local desktop browser that I’ve been a fan of ever since it came out.

On the deployment front, BlackBerry has reconfigured its product SKUs into just three main suites; and BlackBerry UEM is now also available in AWS and Azure marketplaces. BlackBerry’s Government Mobility Suite is now FedRAMP-Ready.

Over the last year or so, you might have heard of the BlackBerry Spark platform, and wondered what it was. For BlackBerry UEM, this basically means that they can reuse microservices across the BlackBerry portfolio.

What’s next

There will be more to dig into on the Cylance front, but it’s still a little early to share all the details. One thing that I did notice, though, is that John Chen spoke at BlackBerry’s general meeting about how Cylance brings lots of channel partners in the small and medium enterprise space. This is a new thing for BlackBerry, so it’s something to keep an eye on, too.

Dig Deeper on Mobile security