Analysts are concerned FBI may be making a mistake; Android may not be secure enough

The U.S. Federal Bureau of Investigation (FBI) and the U.S. Navy are two massive federal agencies.  The FBI has over 35,000 active employees [source]; the Navy has 54,000+ officers [source].  What do all of those government employees have in common?  Most of them carry government-purchased smartphones from Canada's BlackBerry Ltd. (TSE:BB).

I. Samsung Nears Deal to Supply Navy, FBI With SE Android Smartphones

But Reuters and The Wall Street Journal are reporting that Samsung Electronics Comp., Ltd. (KSC:005930) is on the verge of signing new contracts that would break BlackBerry's exclusivity as smartphone supplier to these agencies.  

The deal would be a massive victory for the world's largest smartphone maker, which has been lobbying the U.S. government hard to adopt its Galaxy S IV smartphones.  And it would be opportune timing given Samsung's growth had started to slow on a market-wide stagnation of smartphone sales.

At the same time, the deal would be a big blow financially to BlackBerry – a company whose future already looks uncertain given the slow sales of its tardy BlackBerry 10 platform.

BlackBerry 10 (BB10) -- originally scheduled for a H1 2012 launch -- was delayed a year, finally seeing a soft launch in January.  The first BB10 devices hit the U.S. in March, but the most popular variety of Blackberries -- keyboard equipped models -- were delayed even further, only starting to sell in May in the U.S.

The slow rollout of the BB10 devices may have cost RIM part of its gov't contracts.

That sluggish rollout may have been the last straw for more than one government agency that is losing faith that keeping BlackBerry exclusive is a wise logistics choice.  In May the Pentagon approved for the first time the use of Samsung and Apple, Inc. (AAPL) smartphones by the branches of the U.S. Department of Defense (DoD).

II. Getting Serious About Security

In recent months a number of government agencies:

... have dumped BB, either partially or entirely, mostly for iOS.

Gov't agencies are fleeing the sinking BlackBerry ship.

Meanwhile, BB10 has struggled, flunking the UK's strictest security requirements earlier this year.

The looming Navy/FBI contracts could make it a three-man race between BlackBerry, Apple, and Samsung for agency contract dominance.  That competitive state of affairs comes thanks to hard work on Samsung and Google's parts.  While BlackBerry has long offered the most secure business solution, Samsung has been working hard to change that picture.

Samsung started last year by releasing an enterprise-ready Android distribution, which adds on technologies from other top software players.  That initial effort -- available for the Galaxy S III and Galaxy Note II -- was dubbed SAFE.

It offered 256-bit encryption, Microsoft Corp.'s (MSFT) ActiveSync email/calendar suite, VPN (jointly implemented by Juniper Networks, Inc. (JNPR) and Cisco Systems, Inc. (CSCO)), and a plethora of mobile device management (MDM) APIs to support MobileIron, SAP AG's (ETR:SAP) Sybase Afaria, Citrix Systems, Inc.'s (CTXS) Zenprise, SOTI, Motorola Solutions, Inc.'s (MSI) AirWatch, and other top management platforms.  In total over 340 IT policies are supported by the platform.

III. KNOX Impresses

But where interest is really heating up is SAFE's successor, "KNOX".  Just released for the Galaxy S IV, KNOX leverages Google Inc.'s (GOOG) new "Security Enhanced" (SE) Android platform, which was co-designed by the U.S. National Security Agency (NSA).

Samsung KNOX is arguably the first truly enterprise-ready secured Android platform.

KNOX uses SE Linux to offer sandboxed work and business containers (comparable to BB's "Balance" environments), which coexist alongside the general recreational workspace.  Each container is encrypted, and apps in one container are unable to access other containers' data.  Messages can be routed to accounts on individual containers.  Digital rights management (DRM) of containers is, in part, handled using ARM Holdings plc's (LON:ARM) licensed "TrustZone" hardware DRM technology.

If the name doesn't say enough, KNOX's features clearly show Samsung is targeting defense and intelligence agency clients.  Samsung put the device through a variety of certification hurdles, including SRG compliance (Defense Information Systems Agency's Security Requirements Guide), CAC capability (common access card, the DOD's secure thin-client standard for smartphones), FIPS 140-2 compliance (both over the air and on device) and root of trust (special secured boots for government devices).

KNOX expands support to 474+ IT policies, and offers 1,034+ MDM APIs.

Market research firm Gartner Inc. (IT) points out that the MDM APIs and the third-party management tools they enable are one key advantage KNOX has over the closed BB10 platform.  Comments Gartner, "BlackBerry has not opened management API support to popular MDM tools. This will limit the appeal of BB10 devices for those enterprises that manage smartphones through cross-platform MDM tools."

Analysts are critical of BB's decision to block out third party MDM to try to lock its users into its service fees. [Image Source: Getty Images]

In other words, with KNOX an organization could (theoretically) shift to another mobile OS -- say Apple's iOS or Microsoft's Windows Phone -- without having to replace its MDM apps.  By contrast, BB's model inherently tries to lock customers in to its high-priced solutions.

BB does have a slight edge in that it uses direct encrypted links (via BB Enterprise Server (BES)) between devices, versus VPN.  But with modern network speeds and multi-core smartphone chips the performance penalty for using VPNs is much smaller than it used to be.

IV. Some Analysts, Politicians Not Sold on Android's Security

Still, not all analysts are convinced that jumping from BB to KNOX is a sound decision.

The Enderle Group's principal analyst Rob Enderle tells Reuters, "The Android operating system hasn't been secured properly.  If you are going to tackle security, you kind of have to do it throughout the entire platform. It's not that Samsung doesn't want to - it is that they don't own the operating system so they cannot.  If you're going to sell into government, you have to be able to provide a secure solution and Android isn't it yet."

U.S. Representative Kenny Marchant (R, Tex.) wrote a letter to the FBI commenting, "I understand that the FBI may be considering a new solution that is a patchwork of technologies stitched together.  I am concerned that this approach may prove to be more costly than other alternatives."

Last, but not least, BlackBerry's chief legal officer, Steve Zipperstein -- an understandably biased source -- complained to Reuters, "The security of mobile devices is more important now than it has ever been before.  It is fair to ask why in this context anyone would consider moving from the gold standard in security, which is the BlackBerry platform."

V. How BB's Decision to be Closed Has Come Back to Haunt It

All these criticisms do have some footing.  BB does offer the most proven secured smartphone solutions.  But from a technical standpoint it's hard to see what exactly KNOX is lacking, other than perhaps field testing.

Perhaps that's why the Navy and FBI are eyeing big contracts to test Samsung's wares.  They may not be impervious to attack, but they seemingly check all the necessary boxes and, more importantly, free these organizations' IT staff from being shackled to a proprietary MDM platform.

BlackBerry's locked environment is no longer the only game in town. [Image Source: Reuters]

BlackBerry has long enjoyed exclusivity from the majority of government agencies and security-oriented enterprise clients, largely on the simple basis that it was the only one that managed to adequately equip its mobile platform with the requisite technologies for secure operation.  That achievement allowed BB to command steep fees in part by locking users into its services by crippling third party management.  IT folks didn't like it, but they had no choice.

Now that they have a choice, BB is starting to see those policies come back to haunt it.  With a nonexistent consumer brand it could be the final nail in the coffin if BlackBerry's margin-driving government contracts are scaled back.

Sources: WSJ, Reuters, DOD

Copyright 2017 DailyTech LLC.