Research In Motion has been butting heads with foreign governments over its tight security, but its latest BlackBerry 6 OS has won approval from the U.S. government for those same standards.
RIM announced today that its BlackBerry 6 operating system is now FIPS 140-2 certified. FIPS (Federal Information Processing Standard) is a series of standards set up by the U.S. government to ensure that computer products meet certain high-level security requirements. The standard is used by government agencies, regulated industries, and other organizations that store and send data dealing with sensitive information.
The FIPS 140-2 standard (PDF) specifically addresses cryptographic modules, which cover both hardware and software designed to secure and protect data.
"This FIPS certification (PDF) will help extend the reach of BlackBerry 6 to users in a wide range of government agencies and other security-conscious organizations in the U.S.," Scott Totzke, vice president of the BlackBerry Security Group at RIM, said in a statement. "BlackBerry 6 offers an exceptional mobile experience for BlackBerry smartphone users on the most secure wireless platform in the industry."
The FIPS certification is important and special for a mobile device company like RIM, according to IDC Mobile Device analyst William Stofega, who told CNET that any type of security certification from the government is highly vetted and not just given to anyone. Other security-oriented companies do receive this type of certification, but very few mobile device makers are on the list. The FIPS certification is validation of RIM's superiority in the area of security, according to Stofega, a key requirement for government.
"Government is one of the big buyers of technology," Stofega said. "That's a big part of where a lot of these companies, both tech and tech-related, get there business from."
And with RIM being an international player serving multiple global partners and governments, security certification is important among businesses as more users bring their mobile devices into the enterprise. Attaining this level of certification is no small feat either, according to Stofega, who said he believes RIM had to work with the National Security Agency as part of the effort.
Ironically, the tight, encrypted security used by RIM on its BlackBerry devices and network has been a sore point among various governments, which have argued that such encryption prevents them from accessing and monitoring that data for national security reasons. RIM has been struggling to work out compromises with the United Arab Emirates, India, and Saudi Arabia that would avoid permanent bans of BlackBerry service throughout those nations.
RIM has certainly taken a lot of flack for its tight security among these countries, said Stofega. But security is one of the company's core features, and users in foreign countries like the device, he noted. As a result, the attitudes among these governments over security encryption could end up pushing away business.
"If some of these emerging markets or growth markets don't start to adapt these security features, it's a big problem," said Stofega. "A lot of them have governmental interests in terms of wiretapping and other things. But more importantly, if you're a corporation, you don't want your intellectual property being leaked out all over the place."