BlackBerry readies a more secure version of the Samsung Galaxy S7

SecuSuite for Samsung Knox is a new version of BlackBerry's established security platform tailored for Samsung Electronics' high-end smartphones

IDG

IDG

Secusmart, the BlackBerry subsidiary that secures the German Chancellor Angela Merkel's smartphone, will roll out a version of its SecuSuite security software compatible with Samsung Electronics' Knox platform later this year.

That means that organizations looking for smartphones offering government-grade security will be able to buy the Samsung Galaxy S7 or, soon, the S8 rather than the now-discontinued BlackBerry OS smartphones like the one Merkel uses.

In addition to encrypting communications and data stored on the device, the new SecuSuite also secures voice calls using the SNS standard set by Germany's Federal Office for Information Security (BSI). Organizational app traffic is passed through an IPsec VPN, while data from personal apps can go straight to the internet. Encrypted voice calls go through a different gateway, not the VPN.

When it goes on sale, likely around July, an S7 running SecuSuite for Samsung Knox will cost around €1900, said BlackBerry Secusmart managing director Christoph Erdmann. That's the same price as the existing BlackBerry 10 version, and includes the phone, a microSD smartcard to secure the encryption keys, and the first year of service.

Secusmart is demonstrating the new system on its stand at the Cebit trade show in Hanover, Germany this week.

This is not Secusmart's first collaboration with Samsung: Two years ago at Cebit, in conjunction with IBM, the companies unveiled an ultrasecure (and ultra-expensive) version of the Galaxy Tab S 10.5 tablet, called the Secutablet. It cost $2,300.

Users of SecuSuite for Samsung Knox will see the icons of applications managed by their employer tagged with a small padlock. When these applications are launched, they will ask for a PIN to authorize use of the encryption keys in the microSD card. Without these, neither the app nor its associated data can be accessed.

Other applications, including popular messaging platforms such as Twitter, Facebook, and WhatsApp, can be installed in accordance with the employer's security policies: Some organizations, like the German government, will allow only limited whitelists, while others may allow full access to the Google Play Store.

The controls are imposed by the organization's MDM (mobile device management) and MAM (mobile applications management) servers, typically BES 12 and EASE respectively.Â

Even if a user inadvertently downloads and installs one of the malicious apps that occasionally sneaks into the Google Play Store, data in the work-related apps is still securely protected, said Erdmann.

"Every good OS has to have a way to stop processes reading other processes' memory," he said, adding that the Android OS is one of the ones that does.

"On a non-manipulated OS, one app trying to read from the memory of another app would simply crash the OS. It's a segmentation violation," he said.

Ensuring that the OS in the phone has not been manipulated is the key. In the case of SecuSuite for Samsung Knox, certification authorities can examine the source code to ensure that Android's memory protections have not been bypassed, and rely on Samsung's secure boot system to be sure the signed OS image that is loaded is the same one they examined.

"This is why secure boot is important, to ensure that the system has not been manipulated," Erdmann said.

So far, only a couple of Android manufacturers offer devices with secure boot systems: Samsung, and TCL, the company that now manufactures BlackBerry-brand Android phones under license.

That opens up the possibility, at least, that the German Chancellor's BlackBerry replacement could also be a BlackBerry.

"There's great potential" for running SecuSuite on non-Knox Android phones, Erdmann said, but it won't happen right away.

"Getting these solutions to the security level that the BSI and top-secret government agencies require is very time-consuming," he said. "When we started on the Samsung solution, there was no BlackBerry Android, but with the BlackBerry Androids getting up to speed it's a natural evolution."

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection

Tags Cebit 2017

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Peter Sayer

IDG News Service
Show Comments

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

George Khoury

Sharp PN-40TC1 Huddle Board

The biggest perks for me would be that it comes with easy to use and comprehensive programs that make the collaboration process a whole lot more intuitive and organic

David Coyle

Brother PocketJet PJ-773 A4 Portable Thermal Printer

I rate the printer as a 5 out of 5 stars as it has been able to fit seamlessly into my busy and mobile lifestyle.

Kurt Hegetschweiler

Brother PocketJet PJ-773 A4 Portable Thermal Printer

It’s perfect for mobile workers. Just take it out — it’s small enough to sit anywhere — turn it on, load a sheet of paper, and start printing.

Matthew Stivala

HP OfficeJet 250 Mobile Printer

The HP OfficeJet 250 Mobile Printer is a great device that fits perfectly into my fast paced and mobile lifestyle. My first impression of the printer itself was how incredibly compact and sleek the device was.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?