by_adr - Fotolia

Enhanced BlackBerry Spark strives for zero-trust security

With a bolstered unified endpoint security layer, announced at last week's RSA Conference, BlackBerry Spark wants to bring zero-trust security to a broad swath of devices.

BlackBerry Limited made changes to its unified endpoint security platform with the intention of bringing zero-trust security to device management.

The BlackBerry Spark enhancements, first announced at last week's RSA Conference in San Francisco, involve an improved unified endpoint security (UES) layer that will work in conjunction with unified endpoint management (UEM) products like its own to more fully protect a range of endpoints, among them desktops, mobile devices, servers and IoT devices.

The firm has emphasized the unified nature of BlackBerry Spark, which was released in 2018, noting its use of a single agent across multiple types of devices, a single console to manage those endpoints and artificial intelligence and machine learning to detect modern threats. Experts said this kind of approach seems to be a general trend in the market, and that BlackBerry would have to emphasize business cost savings to stand out.

Nigel Thompson, vice president of product solutions marketing at BlackBerry, said the changing nature of work means people are turning to a wider variety of devices to do their jobs.

"Historically, it was the desktop. In the last five to eight years, it was mobile," he said. "Now, we're starting to see the next wave of endpoints coming in, like smart speakers [or] people trying to get work done in their vehicles and [through] IoT devices."

Each device, Thompson noted, is another endpoint a business needs to secure. This, he said, has led to a security management jumble for IT -- several different security products, managed separately, running on devices that may or may not be owned by a company.

"We need a better way to think about doing security, not just from a technological standpoint but from an organizational standpoint," he said.

Security at the point of interaction

Thompson said BlackBerry Spark's zero-trust security presents a sensible way to handle the problem. As employees are authenticated continuously by checking user behavior against a profile of their typical actions while using these endpoints and applications, he said, the threat posed by such situations as someone picking up and using a misplaced device is minimized.

"Our philosophy is to bring security down to the point of interaction, the point where it really matters to protect your data," he said.

The ability to manage multiple kinds of devices through a single product, Thompson said, should prove a benefit to the IT professionals managing them.

"We've started to see security and IT not wanting to have multiple agents on the same device," he said. "It creates overhead -- overhead on the CPU or overhead from a management standpoint."

If you want to do threat detection holistically, you want a single agent that is looking across all endpoints and is looking for the same threats.
Nigel ThompsonVice president of product solutions marketing, BlackBerry

According to Thompson, having a single endpoint security product can put a company on good footing to detect broad-based attacks. Thinking of security in a segmented way was missing the bigger picture; hackers, he said, do not have separate departments for different devices, and the malicious code used to attack a mobile device is also used to attack desktops as well, he said.

"If you want to do threat detection holistically, you want a single agent that is looking across all endpoints and is looking for the same threats," he said.

Part of a trend

Andrew Hewitt, an analyst at Forrester Research, said BlackBerry's recent announcement fits into a larger trend of UEM vendors adopting zero-trust security and continuous authentication.

Andrew HewittAndrew Hewitt

"[BlackBerry] is focused on providing risk-based analytics that can look more at user behavior … than static device health conditions," he said.

UEM vendors, Hewitt said, have recognized that IT professionals who are managing devices need a single platform to deliver better threat detection and remediation capabilities.

Dion HinchcliffeDion Hinchcliffe

Dion Hinchcliffe, vice president and principal analyst at Constellation Research, said a holistic and integrated view of potential threats will provide enterprises with a better command over their security -- and that such an approach will likely gain traction with companies. Yet it remains to be seen, he added, whether BlackBerry Spark will be a winner in the market.

"The issue is that most enterprises already have unified endpoint security and/or management solutions," he said. "BlackBerry would need to be able to switch out up to several endpoint products at once … if they want to fully deliver the cited benefits to a customer."

Hinchcliffe said BlackBerry would have to emphasize the product's efficiency and cost savings to gain traction against various other market powers that may have a less holistic approach but are already entrenched in the enterprise.

Dig Deeper on Mobile management

Unified Communications