FIPS 140-2 Certification Reinforces RIM Commitment to Security
BlackBerry smartphones with 7.0 and 7.1 operating systems were recently awarded FIPS 140-2 certification by the National Institute of Standards and Technology (NIST) and the Communications Security Establishment Canada (CSEC). While the FIPS 140-2 and Common Criteria certification were expected deliverables from RIM, there are some important takeaways from the announcement:
Security Still RIM’s Bread & Butter. FIPS 140-2 is a security standard used to accredit devices or modules that include both hardware and software components. In both the US and Canada, FIPS certification is required before a device can be used by a government agency. These are expensive processes to complete, both in terms of financial expenditures and resources, and RIM’s recent accreditation demonstrates a continued level of commitment to industries such as government, financial services, and healthcare which inherently disseminate highly sensitive information. With 7.0 & 7.1 blackberry devices and the PlayBook now certified under the FIPS program, government agencies and other highly regulated verticals are more apt to deploy an expanded RIM product portfolio.
Reinforces RIM’s Commitment to Government Sector. There has been speculation that some government agencies have become increasingly concerned over the long term viability of RIM. This has been fueled by highly publicized network outages, questions on blackberry’s future OS roadmap, and the company’s overall financial stability. Some analysts have even suggested that RIM may be phased out of certain government agencies as quickly as practical. The reality, however, is that RIM maintains an extremely strong government foothold with over one million active North American government users. Scott Totzke, senior VP of BlackBerry security at RIM, has indicated RIM continues to see 'steady and incremental growth’ in the federal sector in terms of new subscriber acquisition and refresh business. Churn rates are substantially lower in government then other verticals. Moreover, the recent security certifications only reinforce RIM’s commitment to the sector, so RIM’s foothold is unlikely to deteriorate any time soon.
Competitive Environment Intensifies. Nevertheless, the mobile device landscape is evolving and it is inevitable that federal agencies will increasingly evaluate alternatives to blackberry such as Android and iOS devices. The Department of Defense, for example, has developed a secure kernel for the Android 2.2 OS with FIPS 140-2 capability and is currently testing a variety of customized applications. Military contractors, Harris and Intelligent Software Solutions (ISS), are actively developing applications for the iPhone, iPad and the Android platform. The diversity of mobile devices and overall competitive environment will only continue to intensify and, although adoption may move slower then what we have seen in other vertical markets, a more heterogeneous mobile environment in government is inevitable.
How can RIM Maintain Strong Government Foothold? RIM’s announcement of Mobile Fusion was an acknowledgement that RIM (finally) came to terms with the growing diversity of mobile devices in the enterprise. Similar to the early days of mobility in enterprise, RIM was once essentially the only ‘game in town’ for government employees. However, times have changed. Thus, it is critical that RIM stay ahead of the curve in the government sector and be proactive rather than reactive with respect to evolving trends toward device diversity. RIM currently has a number of enterprise beta customers for BlackBerry Mobile Fusion, however, none yet in the federal sector. So some advice for RIM: Leverage your existing foothold in government by continuing to emphasize and enhance core competencies such as advanced security capabilities and commitments to the most stringent security standards, but stay ahead of the curve by aggressively moving forward with Mobile Fusion for Government.