Whether government officials and Research In Motion Ltd. (RIM) executives are able to avert possible restrictions on BlackBerry use in the Middle East and Southeast Asia or not, the threat of a ban on the popular handset should serve as a wake up call for Canadian business travelers and organizations doing business abroad, according to industry watchers.
RIM is currently facing intense pressure to open its encrypted network to scrutiny by governments in situations that might affect national security. Saudi Arabia, the company’s largest Middle East Market with more than 700,000 BlackBerry users announced a ban on some of the smartphone’s services would commence Aug. 6. A similar ban in the United Arab Emirates (U.A.E) is scheduled to take effect in October.
BlackBerry Torch being passed to Canada this year
Canadian software tool blows away Net censorship, wins global award
Google backpedals in battle against China
BlackBerry Messenger quick tips: Mastering BBM basics
Other countries contemplating a ride on the BlackBerry ban bandwagon include: India, Kuwait, Algeria, Lebanon and Indonesia. As of Friday, U.S. and Canadian government officials and RIM were in talks with authorities in the Persian Gulf and South Asia. Newswire service Reuters reported early Friday morning threats to cut off BlackBerry Messenger service in Saudi Arabia had not yet taken hold as users were still able to access the service.
BlackBerry ban a threat to businesses too
“Hopefully the authorities and RIM come to some agreement. But this situation should serve as a wake up call to businesses that communications is a vital part of their business continuity planning,” said Claudiu Popa, a Toronto-based security and information management expert and founder of Informatica Corp.
In North America we typically take it for granted that our mobile communications will not be restricted or monitored by authorities, he said. “This makes it easy for many business travelers and companies with operations abroad to assume that the same arrangements exist abroad.”
Apart from the obvious implications to RIM’s bottom line, a ban on BlackBerry handsets could disrupt some Canadian and U.S. business operations as well.
The features, operating system, backend network, and the myriad business-specific mobile applications available to the BlackBerry, has resulted in the handset becoming widely popular with large enterprise and SMB users.
There are numerous Canadian and foreign businesses that have built their communication network around the BlackBerry platform, Popa said. “If a series of bans were to take effect over a wide area, it could cause some inconvenience to some operations.”
Popa imagines that a lot of businesses would be scrambling to switch over their travelling employees to alternative cell phone or smartphone units.
Popa’s Informatica Corp. has a number of clients that have operations in the Middle East. These companies however, will not likely experience difficulties because their communications are handled by secured virtual private networks (VPN).
The stakes are incredibly high for RIM as it negotiates with the governments in the UAE, Saudi Arabia and India, according to Carmi Levy, an independent technology analyst based in Ontario.
“Although it is unlikely that RIM will give in completely to these nations’ demands for fairly broad access to secure messaging traffic, doing so would severely damage the BlackBerry brand – long known for its best-of-breed security – by removing the one key factor that sets RIM’s devices apart from those of its competitors,” Levy told ITBusiness.ca.
“There’s a reason these governments aren’t learning on Apple and Google as well: Their messaging infrastructure is nowhere near as secure as RIM’s,” according to Levy.
It’s an easy assumption, the analyst said, that all non-BlackBerry mobile traffic in these countries is already being closely monitored by law enforcement agencies there.
The upshot at a market level is the BlackBerry could now become a tougher sell to globetrotters who, fearful of their devices going dark on a trip abroad, might increasingly consider alternative devices to avoid the risk altogether.
“As RIM ramps up its marketplace war against Apple and Google, with new devices, a new browser and a new operating system, a diversion like this is the last thing it ever wanted,” Levy said.
A ban on BlackBerry handsets could be a “major headache” for some organizations and travelers, according to Mark Tauschek, senior analyst with Info-Tech Research Group.
“If a ban goes down BlackBerry users will still have use of the unit’s voice features but email and all data services will be cut or blocked,” he said.
Users will need to carry around another device to access email and data, because anything going through RIM’s servers will be blocked, the Info-Tech analyst said.
Ban is not just a BlackBerry issue
The BlackBerry runs on RIM proprietary mobile operating system which has native support for corporate email. The system allows complete wireless activation and synchronization with Microsoft Exchange and other email, calendar, tasks, notes and contacts when used with the BlackBerry Enterprise Server.
The encryption capability of the BES is a main reason the BlackBerry is a popular choice of business users, according to Popa. “No other cell phone or smartphone maker can provide this level of security. iPhone and the rest have to rely on third party servers to provide security.”
RIM insists that even it can’t access the messages of its large enterprise customers, which have BlackBerry Enterprise Servers with encryption keys on their premises.
“This kind of puts them between a rock and a hard place, because they can’t really share this data even if they wanted to,” said analyst Jack Gold of J. Gold Associates. BlackBerry traffic also passes through RIM’s network operation centers, but they don’t handle the encryption and are “really just big routers to ensure delivery,” Gold said.
RIM has tried to take a firm stand on the issue, saying it won’t bow to government demands and that “customers of the BlackBerry enterprise solution can maintain confidence in the integrity of the security architecture without fear of compromise.”
But the company hasn’t said how it plans to resolve the issue.
The problems aren’t entirely unique to RIM, as its co-CEO Michael Lazaridis argued this week. “Everything on the Internet is encrypted,” he told the Wall Street Journal in an interview Wednesday. “This is not a BlackBerry-only issue. If they can’t deal with the Internet, they should shut it off.”
In the short-term, the situation is actually good PR for RIM, according to Tauschek of Info-Tech. “Imagine all these governments saying that BlackBerry is so secure that even they can’t crack it.”
“In the long-run however, RIM stands to lose out on a number of growing markets,” he said.
Tauschek suspects that the Canadian smartphone maker will eventually come into an agreement with the governments concerned.
As information and communications technologies start to blanket the world, they are running into a patchwork of different ideals and regulations about security, privacy and censorship.
“The rise of the Internet and global wireless communications is challenging the each-country-to-its-own scenario — introducing notions of global freedom expectations that appear to transcend the sovereignty of governments to regulate what their citizens will and will not see, hear, and say,” ICT research firm Ovum said in a research note.
Gerry Purdy, principal analyst at Mobiletrax sees a parallel between RIM’s position and those of the big search providers. “It’s similar to the Google search challenges in China,” he said. Google, Yahoo and Microsoft all are required to censor results as a condition of operating in China. They incurred a public relations backlash in the West for doing business there, and Google eventually stopped censoring its results at the risk of being ejected from the country.
What businesses can do
Popa said travelers to regions where the BlackBerry may end up banned or companies with operations in these areas have several options.
The simplest solution would be to switch to a different phone. This, Popa said, could be expensive for organizations that have heavily invested in BlackBerrys.
Security is another issue that will come into play.
Popa suggests companies set up its own VPN and transfer communications to that channel.
A VPN is a network that uses a public telecommunication infrastructure, such as the Internet, to provide remote offices or individual users with secure access to their organization’s network. It aims to avoid an expensive system of owned or leased lines that can be used by only one organization. The goal of a VPN is to provide the organization with the same secure capabilities, but at a much lower cost.
Lisa Phifer, vice-president of Core Competence Inc., a network security and management firm in Chester Springs, PA, says there are several types of VPN to choose from. Phifer outline some of the alternatives in a recent report:
IPsec VPNs- IPsec tunnels ensure confidentiality and integrity of all private IP packets exchanged over any public network between a mobile device and a corporate network VPN gateway. Today, most laptop and handheld operating systems include an embedded IPsec VPN client, and roughly two out of three enterprises have at least one IPsec VPN gateway. However, IPsec clients can be expensive to administer — particularly for large workforces that carry a broad mix of devices. IPsec can also be disruptive for mobile users that roam frequently from one network (and public IP address) to another. For these and other reasons, IPsec is most often used on IT-managed laptops that remain stationary during communication.
SSL VPN – SSL (secure socket layer) has been used for years in protecting e-commerce transactions between Web browsers and servers. SSL VPN gateways use this same protocol to secure corporate network communication by any device equipped with a Web browser. Today, SSL VPNs secure network communication with many kinds of mobile devices, including unmanaged PCs, PDAs and smartphones, but the applications supported on handhelds are often limited by OS and screen size.
Mobile VPN – Some VPN products are explicitly designed to overcome inter-network roaming disruption. Some Mobile VPNs can actually hold messages destined for a mobile that travels beyond wireless coverage or falls asleep, delivering them when communication resumes. Mobile VPNs offer clear advantages for workers who must communicate continuously, without disruption, while roaming between 3G/4G networks and Wi-Fi hot spots. This kind of functionality requires installed client software, however, so it is critical to select a product that can support all device operating systems used by your mobile workforce.
In diverse workforces, Phifer said, it may be difficult to serve every mobile user’s needs with a single type of secure network communication. For instance, a company might deploy one SSL VPN gateway but vary access based on device, user and associated risk.
“If a single access platform simply cannot do the trick, try to avoid narrow device or network-specific platforms and consolidate control by using the same policies and credentials,” Phifer said.
(With notes from James Niccolai)
Nestor Arellano is a Senior Writer at ITBusiness.ca. Follow him on Twitter, read his blog, and join the IT Business Facebook Page.