BlackBerry UEM monitors mobile devices via a single management console using a trusted end-to-end security model to reduce risks and meet regulatory compliance requirements without compromising productivity.

BlackBerry has clearly prioritized security in this version, evident in the addition of iOS and Android patch management. BlackBerry Work is an application that provides secure access to the most frequently used workplace applications like email, calendar and contacts. According to BlackBerry, this security has never been hacked, a truly impressive security achievement.

The platform assigns behavioral risk scores to users based on how and when applications are used, deeming users with consistent usage as low risk. It also factors Geo-Zones into risk scores on business-only devices. Tracking mechanisms create a baseline of a device’s frequently visited locations that are then labeled safe. Geo-violations occur when a device travels to any location not previously deemed safe. They continuously increase a device’s risk score until it returns to a known safe location. Geo-velocity violations occur when a device appears in a geographical location to which it would have been impossible for a user to travel in a given time period. Geo-velocity violations result in critical security alerts.

BlackBerry Dynamics Apps provide important usage information such as the number of active users on a particular application and the frequency of an application’s use. While in the past, compromised applications required security teams to either wipe a device entirely or at least to remove all of its corporate data, BlackBerry UEM is highly specialized and can instead target only the problematic application, containing the device’s exposure to risk and preserving the rest of its operations and data.

A unique physical security feature, BlackBerry AtHoc, the crisis communications system that many governments use, can issue widespread alerts ranging from bad weather to acts of terrorism in a matter of seconds.

Blackberry provides multi-factor authentication (MFA) for safe and easy connection to a VPN on an unsecured device. First, the Identity Platform assigns services to identify and enroll users based on known email addresses and once an enrolled user requests a session, MFA sends a secure message in the email client to verify. Single sign-on is not only a safe way to cut down on verification time and hassle, while avoiding security lapses caused by unsecure passwords and repeated credentials.

Finally, while the dashboard is clear and concise and features some customization capabilities, we occasionally found this product confusing to navigate. For example, we enrolled an Android device without a hitch but struggled to enroll an iOS device. We successfully assigned applications to users but could not find a way to assign applications to the devices themselves. In both cases, the instructions provided were insufficient to help us complete our tasks.

Blackberry UEM can be purchased for $5 per user/month. An annual subscription option is also available. 24/7 phone, email and web support come standard with the purchase of BlackBerry Unified Endpoint. A knowledgebase and FAQ list are also included.  

 Tested by: Tom Weil