Research In Motion's (RIM) BlackBerry smartphone OS is known for security, and that's for good reason. RIM designed the mobile OS with security in mind from the start, and it shows; the BlackBerry OS offers a number of ways for smartphone owners and IT administrators to control how mobile applications interact with your device and all of the data stored on it.
For the purposes of this article, I'll focus on how individuals can safely and efficiently manage BlackBerry application permissions, but if your BlackBerry is work-issued or otherwise connected to a BlackBerry Enterprise Server (BES), your BlackBerry administrator has the final say on what applications can be installed on your device, as well as the app permissions you can or cannot modify.
(Note the information provided in this article in based on the BlackBerry 6 mobile OS, but most of the advice also applies to other recent versions of RIM's OS.)
BlackBerry "Trusted App Status"
Whenever you install a new BlackBerry application on a smartphone, right after you download it and even before you open it for the first time, you're asked if you want to grant the software "Trusted Application status." By granting such status to an application, you're allowing it to access potentially sensitive information on your device without prompting you for permission again, and as such, you should be very selective about the apps that get Trusted status.
Once you grant an app Trusted status, you can always go into your individual application permissions and modify them or remove the Trusted status - I'll explain how to do so shortly. But it's a good idea not to grant this special status for the majority of apps you install.
Examples of applications that might deserve Trusted App status are applications from reliable developers and/or brands that you simply trust; very popular apps used by many without any sort of negative security- or privacy-reviews in BlackBerry App World, RIM's mobile software shop, or elsewhere; and, perhaps, applications you use or have used frequently enough to trust, that require constant permissions acknowledgements.
Still, I don't really recommend granting Trusted App status, since you're basically giving a piece of software free reign of your device by doing so, and that could lead to trouble.
Best Practices for Managing BlackBerry App Permissions
BlackBerry application permissions are broken down into three categories: Connections, which control application-access to device features including Bluetooth, Wi-Fi, USB, etc.; Interactions, which dictate how applications can interact with device settings, and media and recording options, etc.; and finally, User Data, which let you decide which personal data to open up to applications.
When you first install or open a new BlackBerry app, it may prompt your for access to specific device features and functionality. You'll then have options to either grant the required permission or deny it. And you'll also often see a "Do not ask again" option that lets you grant the app ongoing access to that specific feature or functionality.
You should pay particular attention to permission requests related to your personal user data, since this type of data is usually the most sensitive information stored on most people's smartphones. It also pays to be sceptical of apps that request access to core BlackBerry functions, like network connectivity, messages and GPS and/or cell-tower based location information.
Some applications legitimately require access to sensitive user information including e-mail, organizer data, files and BlackBerry "security data," such as key store keys and certificates. And some applications, like the app for the popular location-based social network foursquare, clearly need access to your location data. So you shouldn't automatically deny requests for access to such information.
But you do want to pay attention to the kinds of permissions apps are asking for. If something seems odd, deny the permissions request and see if the app still functions the way it should. Denying a permission-request could affect some functionality in the app, but sometimes the software will still work fine. And you can always modify those permissions at a later data if the need be.
For example, if a news reader application requests access to your location information, you might want to deny that request, because such an app should be able to function without your location. Many ad-based applications will request access to your location data so they can serve up relevant advertisements based on your whereabouts. However, denying a location request from such an app may stop it from functioning properly because the developer could have built in a feature that blocks content from being served if ads are disabled.
To modify BlackBerry application permissions at any point, simply open up your device Options, click the Device option, then Application Management. In the BlackBerry OS 6, you'll next see a screen that lists all of the applications installed on your device. Find and highlight the app for which you wish to change permissions, tap your BlackBerry Menu key and then select the Edit Permissions option.
On the following screen, you'll see options for the three BlackBerry permissions categories. Scroll over one of them, hit your BlackBerry Menu key again and choose Expand to see the full list of permissions within each category. To change a specific permission, find it within the appropriate category and then change the setting to Allow or Deny. Some specific permissions also offer a Prompt option, which makes the app request approval for access to certain features or functionality every time it needs them or until you grant it full permission. The Prompt function can be valuable, because it notifies you whenever an app is accessing a potential sensitive function or personal data, etc.
To sum that all up, you may occasionally want to avoid using apps that seem interesting but are also suspicious. If that cool new app everyone is talking about comes from a developer you've never heard of that's located in some far off land, you should think twice about simply granting it access to your location information, cellular network connectivity or personal data.
In the end, managing BlackBerry-application permissions is not a science, and it takes more than a little common sense - even a bit of paranoia on occasion. But properly managing your app permissions will pay off with the peace of mind of knowing your smartphone isn't subjecting you, your reputation and your wallet to any undue risk.
Join the CIO New Zealand group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.