AICPA SOC Reports
American Institute of Certified Public Accountants (AICPA) Service Organization Controls (SOC) reports provide assurance from a third-party auditor over control environments as they relate to the retrieval, storage, processing and transfer of data.
The Federal Risk and Authorization Management Program, or FedRAMP, is a United States government program that provides a standardized approach to security assessment, authorization and continuous monitoring for cloud products and services.
Certificate of Networthiness (CoN) and Authority to Operate (ATO)
The Networthiness Certification confirms that information systems meet the security, compatibility, and sustainability standards set by the United States Army.
The Federal Information Processing Standard (FIPS) Publication 140-2 is a United States government standard that defines minimum security requirements for cryptographic modules in information technology products. The Cryptographic Module Validation Program (CMVP), headed by the National Institute of Standards and Technology (NIST) validates conformance to FIPS 140-2 requirements.
The Government of Ontario, Canadian Manufacturers & Exporters (CME), and BlackBerry® have announced a partnership to accelerate Ontario’s economic recovery, following the impact of the COVID-19 pandemic. BlackBerry will participate in the Ontario Made program, managed by CME, aimed at promoting locally made products. In collaboration with the Government of Ontario and CME, BlackBerry will also establish a technology working group to expand the program.
Department of Defense Information Network (DoDIN) Approval
BlackBerry® Unified Endpoint Manager (UEM) software has achieved Department of Defense Information Network (DoDIN) approval as a Mobile Device Management (MDM) solution. The DoDIN APL is the single consolidated list of communication and collaboration products that have completed Cybersecurity and Interoperability certification across the DoDIN. DISA’s mission is to provide, operate and defend global command and control and information-sharing capabilities for the entire Department of Defense (DoD), national-level leaders and coalition partners.
NATO has approved the BlackBerry® Enterprise Solution for the storage and transmission of data up to and including the NATO RESTRICTED classification.
Common Criteria EAL 4 +
Common Criteria provides assurance of the design and implementation of security-sensitive products. EAL4+ is the highest certification level and is frequently conducted for products deployed in environments handling sensitive government data.
The National Information Assurance Partnership (NIAP) is responsible for US implementation of the Common Criteria, including management of the NIAP Common Criteria Evaluation and Validation Scheme (CCEVS) validation body.
Cyber Essentials is a cyber security standard developed under the auspices of the Communications-Electronics Security Group (CESG), the information security arm of Government Communications Headquarters (GCHQ) in the United Kingdom. It identifies the security controls that an organization must have in place in order to have confidence that they are addressing cyber security effectively and mitigating the risk from Internet-based threats.
The Payment Card Industry Data Security Standard (PCI-DSS) set minimum necessary requirements that every merchant and/or service provider must meet in order to protect the cardholder data of their customers.
BlackBerry QNX Certifications
The QNX® OS for Safety is certified to meet the requirements of International Electrotechnical Commission (IEC) standard 61508 Safety Integrity Level 3 (SIL3). It’s also assessed to be compliant with ISO 26262 Automotive Safety Integrity Level (ASIL D).