The Advantages of BlackBerry UEM for Mobile Device Management

Myntex Data Center

BlackBerry® Unified Endpoint Manager unlocks the Android For Work security component built into Android devices. This allows Myntex to deploy our encrypted mobile solutions on authorized off the shelf devices around the world. BlackBerry UEM is an important component of our organization as it works with a wide variety of models for use with ChatMail™.

We can attest to the fact, “With its single management console and trusted end-to-end security, BlackBerry UEM provides flexibility and security to keep your employees connected and protected so they can work from practically any device, anywhere.”  

Our History With BlackBerry

We were inspired by the security and privacy afforded by BlackBerry Messenger and all the capabilities of the BlackBerry phones. As a company, Myntex began offering PGP encryption on BlackBerry phones as a white label solution in 2011.

BlackBerry phones introduced Secure Wipe and Remote data wipe, two of the features that businesses appreciate to secure their data in situations such as when an employee loses their phone or is terminated.

The Many Ways of Using UEM

As stated on their website, “You can install BlackBerry UEM in an on-premises environment for the utmost control over your servers, data, and devices. This prevents any third party from having access to the secure configuration. An alternate method is to use BlackBerry UEM Cloud, which offers an easy-to-use, low-cost, and secure solution. BlackBerry hosts BlackBerry UEM Cloud over the Internet. You only need a supported web browser to access the service.”

Rather than using BlackBerry UEMs virtual machine on their cloud, Myntex runs a self-hosted instance in our own private data center. This allows us to maintain granular control over our infrastructure, eliminating the risk of unauthorized access and intrusion.

How Myntex Adopted BlackBerry UEM

In 2005, Blackberry released BBM Enterprise through the Google Play Store and then on the Apple Store. The BlackBerry Wikipedia page refers to BBMe as “An IP-based enterprise instant messaging platform that provides end-to-end encryption for voice, video, and text-based communication.” Afterwards, a Software Development Kit was issued for BBMe, which gave Myntex the impetus to create ChatMail.

BlackBerry Enterprise Server was introduced in 1999 and by 2008, as technology changed, BES became vulnerable to several issues that eroded its’ security. The company acquired a solid MDM solution from Good Technology and merged it with BES, rebranding the combined service as BlackBerry UEM.

BBMe let developers add the brand’s trustworthy capabilities into their own applications, including secure messaging, voice, video, and file sharing. BBMe was developed, first and foremost, as a business tool, and (was) a lot more streamlined by design . . . Because it was built for use in high-security industries, BBMe (offered) stronger encryption than BBM. BlackBerry retired BBM in 2019.

UEM has many different configuration options, you can choose to integrate with Microsoft based products like active directory and Microsoft Exchange, but you can also use it as a standalone secure AFW management tool. Without having to introduce additional third-party software. We do not use Microsoft Exchange or active directory because they introduce further vulnerabilities. We only use UEM for securing and locking down the phone. BlackBerry UEM provisions the phone and secures the device using the built-in security policies provided by Android For Work.

What Does Blackberry Have Access To?

The ingenious design of UEM, in conjunction with AFW, allows us to privately manage our own secure, private version of the Google Play Store. This organizational play store is only available on our custom devices and can only be managed by our company. This is very different from what is available on standard smartphones. Our organizational play store is controlled exclusively by Myntex. All applications are signed internally with our cryptographic keys, further guarding against malicious code attacks. This allows secure distribution of our custom applications to UEM secured devices.

BlackBerry UEM has no access to our ecosystem at all. This means UEM doesn’t have access to any of our infrastructure, nor do they have access to the application data on our secure devices. Furthermore, UEM doesn’t track your location. If the GPS was ever accessed maliciously, mock location data is sent – further ensuring your privacy.

A Global Industry Leader

Today, BlackBerry UEM ranks alongside the market front-runners including Microsoft Endpoint Manager, VMware Workspace One, Citrix Endpoint Management, IBM MaaS360, and Ivanti UEM.

The Best UEM software will be a matter of choice for each enterprise depending on the needs within the Internet of Things they want to securely enable. “Using BlackBerry UEM, enterprise workers can work from almost any device, anywhere, using a single management dashboard and end-to-end security.”

Key Blackberry UEM Differentiators:

  • provides behavioral risk scores to users based on applications usage, with users who use applications consistently being deemed low risk
  • offers multi-factor authentication for a secure and easy connection to a VPN on a device
  • manage mobile devices from a single management interface, reducing risks and ensuring regulatory compliance
  • ownership model includes bring your own device company owned, personally enabled, and company owned business only
  • supports wearables such as smart glasses

For our purposes, Myntex trusts UEM to seamlessly provide Mobile Device Management to support our need to control mobile device functionality, including device enrollment, and device lockdown.