Is Blackberry more secure than iPhone?

Posted on 2012-08-13
Last Modified: 2012-08-24
Hi Experts,

We have been, still, mostly using Blackberry through BES and exceptionally only a couple of iPhones. Currenlty we are trying to evlauate if we should discontinue using Blackberry and the BES, and completely transfer to using iPhones. Can you tell me if there are some pros and cons, in terms of say, security, etc? Or simply iPhone is the one to go?

Please help. Thanks.
Question by:Castlewood
    LVL 9

    Expert Comment

    From a technical perspective, yes, blackberry is more secure, but only because it controls the entire process of synchronization if you have the BES. The BES will encrypt the email being send to and form your phone, whereas a man in the middle attack and/or traffic sniffing is possible with IOS and DROID (via the active sync traffic)

    Though many security people have already proven the BB messages can be intercepted, and while they are programmed in Java in the J2ME API which helps, they were hacked at a convention last year,

    And there is also a vulnerability with the BB Native Development kit that allows applications to run outside of the J2ME environment, meaning you could get malware to run on the phone and get into all sorts of different things.
    LVL 13

    Accepted Solution

    You're gonna get a lot of replies on this one  :-)

    Blackberry is more secure then the iPhone because it uses BES.  iPhone/Android use ActiveSync to connect to the mail server where BES uses it's own proprietary solution.  Data is encrypted from the device to the destination (Exchange) and it works very well for corporations.  BBM connects to the RIM Data Network directly and the traffic is encrypted from your device to the destination.  BBM also bypasses your ISP, so sending a BBM is free and doesn't use up your data plan or SMS messages.  

    By implementing SSL on your Exchange server this adds a layer of protection to your iPhone/Androids.

    Personally, I had been a die-hard Blackberry fan for years (First BB I owned was the BB 5810 with the large monocrhome screen).  But the last 2 years I have been really disappointed in their products and have moved to an iPhone.  Once I got used to not having a physical keyboard, the iPhone works great and I think someone would need to pry it from my dead hands to make me go back to a BB.  The apps on an iPhone/Android are a lot less cumbersome then on a BB, work better, are more available and...well, they don't suck.  BB has always had a problem with their Apps and Developer support and this probably won't change (even after BB10.  They're giving BB10 a new wrapper, but the core issue with developers is still the same.  Archaic technology with restrictive development and few API's).

    In our environment, we allow anyone to use whatever device they want.  We have ActiveSync setup for Android/iPhone users and we have the free BES Server setup for blackberry users.  I've had more problems with the ActiveSync then the BES Server.  I installed the BES server and it "Just works" where ActiveSync sometimes craps out, gives users a hard time when they change their passwords and sometimes doesn't push email notifications in a timely fashion.  With that said, I would still keep my iPhone over a BB any day.
    LVL 9

    Assisted Solution

    Oh, also I feel the main thing that BB has for security is it's shrinking user pool.  The fewer users, the less interest there is to attacking it.  Also, the limited app is working for my favor in this regard also, since there are fewer apps they tend to be used for work only.  In most of the security holes in any OS, it isn't the actual OS, rather the applications installed on it that open up the holes in security.  

    I find my IOS/Droid user tend to have a ton of games/trialware/free apps they install or otherwise leave there that can all potentially be spyware/malware/virus or other thing attached that can be a problem from a security perspective. such as

    So unless I can prevent users from installing any non-approved apps, this will always be the problem with giving people smartphones, which would be great if they started doing some sort of AD integration, so I can control a smartphone with a GPO the same way as their work desktop.  Users... always the weakpoint in any security plan.

    Featured Post

    Threat Intelligence Starter Resources

    Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

    Join & Write a Comment

    Learn more about how the humble email signature can be used as more than just an electronic business card. When used correctly, a signature can easily be tailored for different purposes by different departments within an organization.
    Not sure what the best email signature size is? Are you worried about email signature image size? Follow this best practice guide.
    how to add IIS SMTP to handle application/Scanner relays into office 365.
    This video discusses moving either the default database or any database to a new volume.

    731 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    15 Experts available now in Live!

    Get 1:1 Help Now