BBM Protected offers the security benefits of an on premise service with the convenience and benefits of a cloud service, and the end user experience of an uncompromised consumer application.

BBM Protected works by adding an additional level of encryption to messages sent between BBM Protected users by securely exchanging a set of public keys that are unique to those two users. The first time two BBM Protected users attempt to message each other, a secret passphrase is shared by email, SMS, phone, or in person. After the secret passphrase is verified, public signing and encryption keys are exchanged between the two users allowing for this advanced encryption of messages.

​BBM Protected voice and video is designed to use the most direct and efficient path for data transfer between the two users in the call. In some cases, when a direct path is not possible, the encrypted voice or video call will be connected through the BlackBerry Infrastructure.


  • IT Policy for Rectract Messages

ATHOC

Benefits

Notify anyone, anywhere,
on any device

  • On/Off switch for Protected Plus

​​As a BBM Protected Admin, you will now have the ability to turn on an IT Policy for Protected Plus. Protected Plus is an additional feature of BBM Protected that makes all of your users’ chats use BBM Protected, even if their recipients don’t have BBM Protected turned on. After you enable Protected Plus, BBM uses BBM Protected encryption for all messages in chats.

Protected Plus is now a global setting which can be applied to ALL Protected users. Previously, the Protected Plus feature had to be applied to each user.

Blackberry Workspaces

The Leader in Secure Enterprise File Synchronization and Sharing

BBM Protected voice and video encryption

  • Autopassphrase: Default for BBM Protected

Here’s some information about BBM Protected.

Questions

The BBM Protected IT Policy for Retract Message allows an administrator the ability to disable the retract message feature within BBM for Enterprise users upon their request.

Fully customize emergency mass notification alerts and target based on location and user profile

Notify your entire organization or target select groups of people with the ability to receive their responses. AtHoc enables the operator to customize the message, target devices and recipients based on geolocation down to the individual's blood type. 

Customize alert target fields that align with your operational needs to gain higher resolution when targeting.

  • Preconfigure templates and scenarios to expedite alerts
  • Attach evacuation routes and relevant data to impacted personnel when tailoring your message

Communicate and collaborate with other organization

AtHoc's comprehensive suite unifies crisis communications between organizations, people, devices, and external entities. The result: Leaders can make informed decisions to effectively protect the people they care about.

WORKLIFE by BLACKBERRY

Alert

  • Enterprise Outer Circle enhancements

As a cloud DS user, you will notice an improved experience when searching for co-workers in the cloud directory service. When you click on a contact in the search results, they are now automatically added as a BBM contact. You immediately have the ability to chat with them without having to invite the contact. Further, the “invite contact” option has been removed from the chat screen to take away any unknowns, making the process seamless. Invitations are also not required when using the BBM Voice application.

Process and route multimedia geo-location events triggered by individuals on scene, routing the events to the appropriate agency and sharing over a map

After two users have completed the key exchange process, BBM Protected uses each party’s long-lived signing key pair to digitally sign the messages and the encryption key pair to encrypt or decrypt messages. The session key is the symmetric key shared by all conversation participants.
When a user in your organization makes a BBM Protected voice or video call, BBM Protected uses a new, random AES-128 key for each participant in the call, and for each media stream in the call. The symmetric keys are encrypted and signed before they are sent to the other participant in the BBM Protected voice or video call.

BlackBerry does not have the ability to access any of these encryption keys. BBM Protected voice and video media encryption follows the SRTP standard.

How does BBM Protected work? 

BlackBerry® Workspaces (formerly known as WatchDox by BlackBerry) is a modern, highly secure file management platform that enables effortless, multi-OS synchronization and sharing. Workspaces solutions limit the risk for data loss or theft by embedding Digital Rights Management (DRM) security into each individual file, so your content remains secure and within your control, even after it is downloaded and shared outside of your organization.

Does this mean that regular or personal BBM Chats are not secure? 

BBM Protected helps provide secure BBM messages between BlackBerry OS (version 6.0 to 7.1), BlackBerry 10, iOS, and Android devices. 
BBM Protected uses public key encryption to digitally sign and encrypt messages to help establish secure communications between BlackBerry OS (version 6.0 to 7.1), BlackBerry 10, iOS, and Android devices. 


​Customers can use BBM Protected to provide end-to-end encryption for BBM messages that are sent between BBM Protected users in an organization and other BBM Protected users, inside or outside of an organization. BBM Protected uses default BBM encryption when users in an organization send BBM messages to contacts who aren't using BBM Protected. The encryption that BBM uses for BBM chats depends on whether BBM Protected is turned on or turned off. BBM Protected uses established cryptographic methods to encrypt and digitally sign messages in order to establish secure communications between BBM Protected users. Users can seamlessly send messages to their friends and family with default BBM encryption at the same time that they send messages to their work contacts with BBM Protected encryption

Effective responses start with accurate location and personnel status

Deliver faster assistance and with greater accuracy when you are able to receive location and status updates from your personnel. AtHoc Account enables operation leaders to assess organization readiness before, during, and after an event to maintain continuity and effectiveness

  • Activate real-time location tracking via mobile app and provide instantaneous location information when seconds count
  • Flexible and customizable response options make it easy to validate personnel status
  • Utilize online self-service portal to gain visibility at the individual level of local needs and requirements
  • IT Policy for no Screen Captures

BBM Protected voice and video call data transfer

Visualize on-scene status and manage incoming events from the operations center

For the first time, an operation center can actually see what is happening at the incident scene, enabling rapid mobilization for an effective response. AtHoc Collect manages the flow of incoming events and reports, applies business rules, and directs the reports to the relevant teams within the organization for further dialogue and handling.

  • Collect real-time information from the field via reports that are geo-tagged with attached rich media
  • Display events over a map, along with detailed information about source, type, and contact identity

Connect

Information

AtHoc Integration Technology

ABOUT BBM PROTECTED FEATURES

Account

Gather critical information from your people to achieve situational awareness

WHAT IS BBM PROTECTED ?

Flexible Deployment Options

All deployment solutions enable a single and secure view of all enterprise content from any device.

Protected Autopassphrase is an extra feature of BBM Protected that allows users to exchange the passphrase that is required to begin a BBM Protected chat. After you turn on Protected Autopassphrase, the passphrase that users exchange to use BBM Protected is generated automatically. The passphrase is shared in-band, using a BBM message and requires no user interaction in order to set it up. The sender’s BBM app automatically selects three random words and sends them to the recipient to use as the passphrase.

Since most customers prefer Autopassphrase, you will now see Autopassphrase built in as the default for BBM. Should a user require this level of security, IT Administrators can enable the “BBM Protected Manual Passphrase” in the Protected console with an IT policy.

AtHoc Networked Crisis Communication Suite

Not at all. The default level of security offered by BBM today is already very secure offering two layers of encryption for messages sent between BBM contacts.


  • BBM uses a TLS to establish a secure connection between the smartphone and the server. TLS is a common web standard that is used for online shopping and internet banking.
  • BBM messages are encrypted using a triple DES 168-bit BBM scrambling key which encrypts messages leaving the sender’s phone, and authenticates and decrypts messages on the recipient’s phone. These two layers working together mean that you have secure messages flowing through a secure pipe. BBM Protected adds yet an additional layer of advanced encryption to this security model helping to meet the needs of the most security conscious organizations.

Collect

Unified Emergency Mass Notification - Devices include computers, phone (cell, landline, VoIP), social media, sirens, digital displays, radio, PA systems and more.

Gather critical information from your people to achieve situational awareness

WORKSPACES

If you enable BBM Protected on BlackBerry OS or BlackBerry 10 devices, you add the BBM Protected rule to an IT policy and assign the policy to a group of users. 
If you enable BBM Protected on iOS or Android devices, you must use the Enterprise Identity management console to assign BBM Protected to users. 
The first time you start a BBM Protected chat or group, you share a passphrase. After a contact or group member enters the passphrase, BBM Protected encrypts all sent messages. Now when you send BBM messages to BBM Protected contacts and when you receive messages from BBM Protected contacts, BBM Protected signs and encrypts the messages.

​BBM Protected uses established cryptographic methods to encrypt and digitally sign messages in order to establish secure communications between BBM Protected users. Users can seamlessly send messages to contacts who aren't using BBM Protected with default BBM encryption at the same time that they send messages to their contacts who are using BBM Protected with BBM Protected encryption.

How BBM Protected protects messages

BBM PROTECTED / ENTERPRISE

As a BBM Protected Admin, you will now have the ability to turn on an IT policy that prevents users from performing a screen capture within BBM Protected. This increases security and adds another layer of protection to BBM Protected chat conversations.

The BBM Protected IT policy for Timer Control allows an IT administrator within an organization to use the EID console to set a timer on employee messages exchanged within BBM. This setting applies to both the sender and receiver within the same organization.

  • IT Policy for Timer Control

One Employee. One Phone. Two Separate Lines.

WorkLife by BlackBerry® isn’t just split billing – it’s a new way for organizations to manage telecom expenses, protect employee privacy and control company assets. And it couldn’t be easier. WorkLife by BlackBerry preciseWorkLife by BlackBerry® isn’t just split billing – it’s a new way for organizations to manage telecom expenses, protect employee privacy and control company assets. And it couldn’t be easier. WorkLife by BlackBerry precisely distinguishes between work use and personal use of an iPhone, Android™ or BlackBerry® smartphone by introducing separate lines managed by the enterprise.

With WorkLife by BlackBerry, enterprises can easily add a separate corporate phone number to a personal device brought in by the employee (BYOD). WorkLife by BlackBerry allows the enterprise to pay for the work line (voice, SMS and data) while allowing employees to keep their personal line for personal use.

How can we help our customers?