“We’re in the middle of a paradigm shift in the consumer world”, Micharlis told his audience. “Security is too complicated and users don’t understand it. Security is not good enough – we need to improve it”.
The way to do this, Michaelis advised, is to “work on a secure operating system so we don’t have to rely on third parties. We need to improve the usability of security and make it harder for the hackers.” The balance between usability and security is important, he emphasised. “Don’t block everything – you’ll risk evasion to private non-secure devices. User experience is the key to success”. Punishing the end user, he said, will get you nowhere.
Fifteen to twenty-five percent of large enterprise smartphones are lost or stolen every year, he said. Given that the average cost of a lost data record is $258, “and as the average smartphone can store over 500 data records, the average lost value of a smartphone is $129,000”, Michaelis explained, adding that the value of the data on a tablet computer is, according to BlackBerry, worth $516,000.
IT staff are often unaware of what’s going on in the mobile environment, Michaelis warned. “You need to control application access rights. It’s so easy to jailbreak a device – any application is only as secure as the underlying operating system.”
Michaelis listed trust, authentication, confidentiality, privacy, and non-repudiation as the five pillars of security BlackBerry security abide by.
BYOD (Bring your own device) is being adopted whole-heartedly in North America, he advised, but declared Europe somewhat further behind. “In Europe, big enterprises aren’t really doing [BYOD] because the legal implications are a nightmare”, he concluded.