Following the release of the original iPhone in 2007 and the subsequent launch of Android, many people with work-issued phones spent years asking for their employers to switch away from BlackBerry smartphones to more modern devices. Finally, as Apple and Google increased their focus on security and BlackBerry hit dire straights a few years ago, workers began getting what that wanted and bring your own device (BYOD) policies became more common.
More recently, however, an interesting trend is being observed: Workers want their BlackBerry’s back.
CIO’s Tom Kaneshige reports on an interesting phenomenon that we’ve heard rumblings of in the past. At companies where employees were permitted to ditch their work-issued BlackBerry phones and bring their own iPhones and Android handsets, they’re now begging their IT departments to move back to BlackBerry.
Why? It turns out there are a few reasons.
For one thing, there are privacy concerns. When workers use their own iOS and Android devices, IT departments gain access to all of their private data in addition to any corporate apps that might be on the devices. It’s never a good thing when you have to hand over a smartphone packed full of naked selfies so that IT can fix an issue with email not syncing properly.
Beyond that, IT professionals Kaneshige spoke with say they are having some serious problems with mobile device management (MDM) software, and the related on-device apps often cause issues like battery drain and device bogging.
A vulnerability in the BlackBerry Protect software built into Z10 smart phones could allow hackers to gain access to the passwords of some devices, according to a security advisory issued by BlackBerry
By taking advantage of “weak permissions” malicious applications will be able to:
- Gain the device password if a remote password reset command had been issued through the BlackBerry Web site
- Intercept and prevent the phone from acting on BlackBerry Protect commands, such as remote wipe
BlackBerry said the issue is with the BlackBerry Protect software and not the Z10’s operating system.
“The most severe potential impact of this vulnerability requires a BlackBerry Z10 smart phone user to install a specially crafted malicious app, enable BlackBerry Protect and reset the device password through BlackBerry Protect,” the advisory said.
With the device password and physical access to the phone, an attacker can:
• Access the functionality of the smartphone (including the BlackBerry Hub, apps, data, and the phone) by unlocking the smartphone.
• Unlock the work perimeter on a BlackBerry Z10 smartphone that has BlackBerry Balance technology enabled if the work perimeter password is the same as the device password.
• Access the smartphone over a USB tether with either BlackBerry Link or the computer’s file viewer, allowing access to the smartphone’s personal files, contacts, PIM data, and so on. The attacker could also access work perimeter content on BlackBerry Balance smartphones if the work perimeter is unlocked and access over a USB tether is allowed by a policy that the IT administrator sets.
• Enable development mode after accessing the smartphone over a USB tether, allowing remote access as a low privilege development user.
• Change the current device password, allowing the attacker to deny access to the legitimate user of the smartphone.
• Access any other local and enterprise services for which the legitimate user has used the same password as the smartphone’s password.
An attacker can also gain Wi-Fi access to the phone if the owner enables Wi-Fi storage access on the Z10 and sets a storage access password that is the same as the device password.