Securely Extend File Collaboration Inside and Outside Your Organization
Proving compliance to International Traffic in Arms Regulations (ITAR) and Export Administration Regulations (EAR) is challenging when it comes to tracking the day-to-day activities of employees, and nearly impossible when it comes to files and information once they leave the corporate firewall.
Extend file collaboration across your trusted value chain with BlackBerry® Workspaces, while protecting your data, brand and people by meeting compliance requirements. Workspaces lets you create collaborative workspaces, share files inside and outside your organization, access your files from any device (Windows®, macOS, Android™, iOS and BlackBerry® 10), and ensure that the latest version of your file is always synced and available.
Protect Your Data
Only BlackBerry Workspaces can provide the level of security organizations need—wherever files are, wherever they need to go, and whoever needs access to them.
BlackBerry® Workspaces secures your files wherever they travel, encrypting and wrapping them in a layer of security. This protects your file while at rest and in transit, on the server and on the device—even after it leaves your firewall. File level security provides three important security features:
- 256-bit encryption – Files are virtually unhackable
- User access control – Only a designated user can access the file
- Digital rights management (DRM) – You control what recipients can do with a file (access, view, edit, copy, print, download or forward)
BlackBerry Workspaces allows you to create secure workspaces and provide access to users inside and outside of your organization. Files can also be shared via email, SMS and other communication apps as a link to a secure workspace. Advanced security rules and access controls can be set at the user, group or domain level. These rules control both access to the collaborative workspaces and access to the files themselves—even when the files are outside your security perimeter.
BlackBerry Workspaces provides a REST API and Java and .Net SDKs, so you can integrate Workspaces services into your existing enterprise applications and workflows. All services provided by the Workspaces server are available through the API.
Workspaces also integrates with DLP systems in two ways:
- Via ICAP to provide real-time file security, rules enforcement and threat response
- Via BlackBerry Workspaces Email Protector to provide enforcement of DLP security rules on outbound email attachments
Protect Your People
Fear of career damage, and even criminal penalties, can make ITAR/EAR compliance a personal concern for employees. Protecting your people includes making sure that they can effectively get their job done. BlackBerry Workspaces lets you enable users to be productive, while maintaining security over sensitive files and intellectual property.
BlackBerry Workspaces allows users to securely share files and collaborate with external users without risking theft of intellectual property. Internal and external users can edit Microsoft® Office documents within the secure Workspaces container on any device and online in Office 365™ with full DRM enforcement. Even if they don’t have permission to edit or download the original file, users can add comments, highlights or draw on the file. In many cases, this is a more practical and productive way of working on mobile devices and tablets.
ITAR and EAR applies to many businesses that are a part of complex value chains, so the people you need to protect may not be limited to the workers on your payroll. BlackBerry Workspaces allows you to create collaborative workspaces that meet the needs of your extended ecosystem. With flexible security and sharing, access rules can be set at the file, folder and workspaces level, and applied to an individual, group or an entire domain.
ITAR and EAR compliance can be complex and sometimes confusing. Workspaces allows your employees to do their job, sharing and collaborating on files, without undue stress about whether they are violating security protocols. System administrators always have control over settings and security policies, providing each user with the appropriate level of access and sharing. When they use Workspaces, they know they are doing their job within the framework of the corporate security policies.
Protect Your Brand
ITAR/EAR violations carry severe monetary penalties and the threat of criminal prosecution. Such violations can also have significant negative impacts on a company’s brand and reputation. In some cases, it can even mean being cut off from government contracts.
Violations are generally the result of an unplanned or undetected security breach. With BlackBerry Workspaces, you know WHO, did WHAT, WHEN they did it, WHERE they were and WHAT device they used—in real-time and historically. This information is automatically logged in the Workspaces server. Activity can be monitored in real-time and integrated into threat monitoring and detection systems via integration with the Workspaces SysLog. For instance, if files are accessed from an unusual location or if unusually large amounts of files are being downloaded, Workspaces enables you to spot such unusual behavior immediately.
If you detect suspicious activity or identify a real security breach, Workspaces allows you to change file access permissions remotely. As soon as a breach is detected, access permission can be revoked for any affected files, so they cannot be unlocked, no matter where they’re located. As the threat is assessed and addressed, it is possible for the administrator to restore file access, allowing you to quickly get back to business-as-usual.
BlackBerry Workspaces was designed with the needs of your compliance officer in mind. Powerful reporting tools enable granular activity reporting at the file, user, group and workspace level. There is a defined user role for compliance officers that is powerful, yet segregated from other administrative functions. This means that the compliance officer has access to and reporting on file activity records without exposing administrative functions, or providing access to the files themselves.