BlackBerry security: the white elephant issue that could trample Apple

When Research in Motion (TSX:RIM) co-CEO Mike Lazaridis, after being pressed on BlackBerry security issues in India, Saudi Arabia and the United Arab Emirates, walked out on BBC reporter Rory Cellan-Jones last week, the reaction from the tech press fell along familiar lines.

For some, the Waterloo tech giant is a dinosaur
and its products are a “tired remnant of yesterday’s technology” in a world of slicker iPhones, iPads and Android devices.

John Paczkowski of All Things Digital said Lazaridis “picked a lousy time for his latest PR gaffe” adding that the RIM co-CEO has, of late, appeared “defensive, evasive and at times completely nonsensical.” Business Insider’s Pascal Emmanual Gobry said that while the video was taken out of the context of the full interview, the clip that circulated in the days following the interview “made Lazaridis look really bad: petulant, insecure, defensive”.

Critics clearly felt Lazaridis’ insistence that the company was being “singled out” was mere sour grapes for the leader of a company that has become the Rodney Dangerfield of tech stocks. In the United States RIM, with its Playbook launch about to unfold, garners little respect in the financial world, despite having grown from just $6 billion in revenue in fiscal 2008, to nearly $20 billion in fiscal 2011. Late last year, Bloomberg reported on a growing divide between the way US and Canadian analysts saw the stock. They noted that ten of eleven Canadian analysts who cover Research in Motion rate it a buy, while just 54 percent of the 35 U.S. analysts covering the stock do.

But is there a growing case to be made for Research in Motion based on rapidly rising mobile security concerns? Many believe that the Blackberry maker has become the proverbial canary in the coal mine for not just security issues in a certain part of the world, but for mobile security in general. And some say the issue is about to explode. Jeff Wilson, an analyst with Infonetics Research, expects global revenues from smartphone security software to rise from $219 million last year to nearly $1.4 billion by 2013.

A survey by San Francisco software firm FuzeBox reported that nearly half of tablet owners in the United States are using their devices to transmit sensitive data. And computer security giant McAfee said the amount of malicious software designed specifically to attack mobile devices increased by 46% between 2009 and 2010.

Hackers, like other criminals, will follow the money. Apple’s iPhone has already become an iconic product and the company, for all intents and purposes, invented the tablet space with the release of the iPad. But some experts believe the company’s popularity, combined with a lack of attention to security, is a time-bomb waiting to go off. Daniel Hoffman, chief technology officer at SMobile Systems says the iPad suffers from the same weak encryption issues that plagued the iPhone. “The problem with the iPhone security encryption is it is fundamentally worthless,” he said. “It can be easily bypassed.” And Forrester Research VP Chenxi Wang said “I don’t believe iPads are secure enough for regulated industry or governments who handle highly sensitive data”.

Late last year, The European Network and Information Security Agency (ENISA) warned of security threats posed by the recent rapid adoption of smartphones, including data leakage, improper decommissioning and unintentional data disclosure. The report said warned of a mobile landmine fed by a “rich cocktail of features including an array of sensors, multiple radio and network interfaces, as well as gigabytes of storage and powerful processors. They can also act as as contactless wallet, a camera/videophone, a barcode reader, an email client, or a way of accessing social networks.”

Security, of course, is RIM’s wheelhouse. Many analysts believe it is the primary reason the company continues to be the default choice in the world of government and business. Last year, a poll showed that 9,140 out of USA House of Representatives 9,226 staff use Blackberrys, only 86 use iPhones. RIM’s approach to security is fundamentally different than other device makers. The company uses complex codes to encrypt data as it travels between a BlackBerry server and the BlackBerry device. All BlackBerry traffic runs through the company’s own secure Network Operations Centers. Despite the fact that these centers are at the crux of the issue, some say manufacturers like Apple are not immune to the step, they are simply forgoing it.

Carmi Levy of IT Business says “RIM’s best-of-breed mobile security model is so good that it gets singled out while other vendors – I’m looking at you, Apple – get a free ride (okay, who are we kidding? Traffic on iPhones and other smartphone platforms is so relatively easy to pick off that it’s safe to assume that governments are already monitoring them.)”

Recently, before British Parliament, the Government Communications Headquarters (GCHQ), a British intelligence agency responsible for providing signals intelligence and information assurance to the UK government and armed forces, warned of the security threats surrounding smartphones, concluding that “Only BlackBerry devices, made by the Canadian firm RIM, are approved for classified data and only at the least sensitive level. The firm has passed GCHQ tests of its security technology – including a strong encryption system – for weaknesses that could be exploited by foreign spies.

Shares of Research in Motion’s TSX listing closed at $52.84 on Friday, down from a recent high of $148 on June 20th, 2008.

Below: Mike Lazaridis ends the BBC interview with reporter Rory Cellan-Jones