BlackBerry Containerization

Protect Corporate and User Data

How do you ensure corporate data never leaves the enterprise no matter which devices employees use? The BlackBerry® Dynamics container (formerly known as the Good Dynamics container) isolates, encrypts and protects all business data with unmatched security.  Unlike other containerization solutions, BlackBerry Dynamics offers the same security on all mobile operating systems and has been certified as Common Criteria EAL4+, the highest security level. With BlackBerry Dynamics, IT can confidently promote the use of corporate information in mobile workflows on BYOD or company owned devices, knowing that the enterprise’s data is always protected.

Security at Every Step

BlackBerry Dynamics offers robust security to ensure that data is always protected, including:

  • FIPS-validated, app-level, AES 256-bit encryption that is independent of the device secures corporate data even if the device passcode is compromised.
  • Secure inter-app communication restricts data sharing to between containerized apps.
  • Security and compliance policies allow IT to always retain control over business apps and data.
  • A trusted secure architecture ensures that app data is encrypted end-to-end and flexible deployment options provide companies with control over where app data goes.

Containerization For Android

Enabling a work profile allows organizations to manage the business data and applications they care about, but leave everything else on a device under the user’s control. Administrators control work profiles, which are kept separate from personal accounts, apps, and data. By default, work profile notifications and app icons have a red briefcase so they’re easy to distinguish from personal apps. Work profiles allow an IT department to securely manage a work environment without restricting users from using their device for personal apps and data.

If I set up a work profile on my device, what will my organization be able to control?

When you setup your work profile on a personally owned device, the device policy controller application will present the terms of use and detail the data on your device that is captured and recorded. You must review and accept the user license agreement to set up your work profile.

With work profiles, administrators have the ability to carry out some or all of the following actions:

  • Enforce settings and per-application restrictions for devices
  • Create, access, and delete work data in the work profile
  • Silently install and remove applications and certificates
  • Request a list of applications accessing data in the work profile
  • Remotely wipe work profile data
  • Restrict what can be shared across personal and work profiles
  • Block screen capture in your work profile
  • View statistics regarding your managed account
  • Manage corporate access to mail server and internal data
  • Change your account password
  • Monitor network activity and location information

Sample work profile policies:

For example, before you can complete setting up a work profile, an administrator may specify that a device has a password with at least 4 characters and that the latest device policy is used. Later, there may be various policies to protect a device, such as the ability to wipe an account from a device after 30 days without synchronization.

When you set up a work profile on your personally owned device, some device details are shared with administrators, but only data in the work profile is managed by your organization. Data and apps in your personal space are kept separate and remain private.

Domain administrators can view the following details about your device:

  • Model, serial number, and ID
  • Phone Number
  • Carrier
  • Operating system
  • Build Number
  • Kernel Version
  • Baseband Version
  • MAC Address
  • Language

On your device, go to Settings > Accounts. If you have a work profile it’s listed in the Work section.