The BlackBerry solutions from Research In Motion^® (RIM^®) have made a name as effective instruments of rationalization, because they give employees anytime and anywhere access to the most important factor in today's business world: information. To protect this information BlackBerry uses a strong encryption scheme in which the data are encrypted while transmission between the BlackBerry Enterprise Server and BlackBerry devices. Why do we need then additional security layer, as offered by the Totemo AG?

In the BlackBerry solution, emails – directed at mobile devices – are conducted about so-called BlackBerry routers. If a target device is not available, the relevant emails are temporarily stored within the infrastructure of Research in Motion. In most cases you will find the BlackBerry router (of which there are only a few worldwide) not in the country of origin of the enterprise that uses the BlackBerry solution. Many security investigations criticize in the first place the central position of the BlackBerry routers in Canada and Great Britain, who control all communication with BlackBerry smartphones. No matter how safe the BlackBerry security infrastructure may be, alone the fact, that all communication runs via a few central server (on which data is possibly stored in the short term), some companies are forced to implement an additional layer of security.

Totemo TrustMail^® is a solution for the secure and confidential communications over the Internet - and therefore the ideal addition to your BlackBerry^® Enterprise Solution. TrustMail is one of the most innovative and successful secure messaging solutions.

Totemo TrustMail^® can provide together with the BlackBerry solution that data are sent securely over the public Internet. With its patented Internal Encryption module TrustMail also protects emails within the corporate network without requiring any plug-ins or additional software need on the workstations or mobile devices to be installed.

The Totemo Transcoder for BlackBerry also provides an additional layer of security because it protects not only emails; it encrypts all traffic between the BlackBerry Enterprise Server and the BlackBerry device, including contacts, calendar, VoIP, proprietary applications etc.

Through the encryption of the highly developed and user friendly PKI technology the highest possible level of safety is achieved. The Totemo Transcoder for BlackBerry encrypts and decrypts all data being exchanged between the BlackBerry Enterprise Server and BlackBerry smartphones, using a hybrid encryption (AES and RSA).

As usual with all Totemo solutions, the management and distribution of the certificates and keys, required for the encryption, are fully automated and require absolutely no interaction from the user.

The Totemo Transcoder for BlackBerry can be easily integrated into any existing system environment. It is simply installed as a plug-in on the BlackBerry Enterprise Server. Thus, it requires no additional server, who must be installed or administrated.

The add-on that is installed on the BlackBerry Enterprise Server can also be integrated with existing user management system (such as Microsoft Active Directory, LDAP, BlackBerry Enterprise Server, etc.).

Like all Totemo solutions, the Totemo Transcoder for BlackBerry also builds on the Totemo Security Platform (TSP). The Totemo Security Platform is a dynamic, extensible security architecture that is completely based on interoperable industry standards. All security features like encryption, authentication and authorization, certificate and key management and central administration are fully integrated and have been proven several times in the market.

Features

The Totemo Transcoder for BlackBerry uses standard X.509 certificates to secure all communication between the BlackBerry smartphone and the BlackBerry Enterprise Server. The rollout and the management of the X.509 certificates are highly automated without the need of any user interaction. Thus the complexity inherent to the PKI technology is completely eliminated.

The encryption between BlackBerry Enterprise Server and smartphone combines strong standard symmetric and asymmetric algorithms (AES and RSA). According to the pattern of today’s email encryption standards, every packet sent from the BlackBerry Enterprise Server to the BlackBerry smartphone – or vice versa – is encrypted with an AES session key. The symmetric key is encrypted using the widely used and accepted asymmetric RSA algorithm. The combination of both algorithms guarantees the best performance and the highest security.

The security of the used keys and certificates stored on the BlackBerry smartphones is ensured through multi-factor authentication. It is a combination of user password, BlackBerry PIN and SIM card.

The Totemo BlackBerry Transcoder is using the standard interfaces of RIM to ensure full compatibility with present and future BlackBerry Enterprise Server releases and easy and transparent integration into the existing system infrastructure, without changing any workflows. The encryption already integrated in the BlackBerry Enterprise Server is not affected because the Totemo Transcoder for BlackBerry works transparently.

Totemo BlackBerry Transcoder for BlackBerry provides:

• PKI technology based communication between the BlackBerry Enterprise Server and the BlackBerry smartphone (the whole communication channel is secured)
• Automatic certificate rollout and management
• Automatic software rollout and software installation on the BlackBerry smartphone
• Hybrid encryption methods between the BlackBerry Enterprise Server and BlackBerry smartphones: RSA and AES
• Multi factor authentication for key access (Password, PIN, SIM card)
• Compatibility to further releases because of the use of RIM standard interfaces and transparent encryption
• Simple administration and very easy integration into the BlackBerry Enterprise Server based on the Totemo Security Platform

PDF version: Totemo Transcoder for BlackBerry