BlackBerry Persona Mobile User Manual

BlackBerry Persona Mobile

Product Overview

2020-11-19Z

||2

Contents

What is BlackBerry Persona Mobile?.................................................................4

Architecture: Persona Mobile................................................................................................................................5

How does Persona Mobile determine a user's behavioral risk level?................................................................ 7

How does Persona Mobile determine a user’s geozone risk level?................................................................... 7

How does app anomaly detection work?.............................................................................................................8

Configuring and using Persona Mobile............................................................. 9

Workflow: IntegratingPersona MobilewithBlackBerry Enterprise Identity..... 10

Use cases....................................................................................................... 11

Adapting device behavior in a high-risk scenario..............................................................................................11

Adapting device behavior in a low-risk scenario............................................................................................... 11

Adapting device behavior in a defined geozone............................................................................................... 12

Confirming a user's identity................................................................................................................................ 12

Legal notice.................................................................................................... 13

||iii

What is BlackBerry Persona Mobile?

BlackBerry Persona Mobile is a cloud service that dynamically adapts the security requirements and behavior of
your users' devices and work apps to their real-world contexts. For example, if a BlackBerry Dynamics app reports
a location that is not typical for the user, Persona can dynamically limit the user’s access to work apps, disable
device features such as the camera, and enforce stricter authentication requirements. Likewise, if a BlackBerry
Dynamics app reports a location that is typical for the user, Persona can apply device behaviors that make it
easier to access work apps and resources.

Persona adds a layer of adaptive security to your organization’s existing UEM domain without introducing an
additional software footprint. It is a cloud servicethat collects data from existing BlackBerry solutions, including

BlackBerry Enterprise Identity and BlackBerry Dynamics apps.

The Persona services gather and process behavioral data, app events, and location data to calculate risk levels for
each user in real time:

• Behavioral risk: An assessment of risk based on the user’s typical activities

• IP address risk: An assessment of risk based on the IP addresses that devices connect to

• Continuous authentication app anomaly risk: An assessment of risk based on a model of the user’s typical
BlackBerry Dynamics app usage

• Geozone risk: An assessment of risk based on the user’s proximity to learned locations or locations that you
define as high or low risk

You can choose which risk engines you want Persona to use. For the different types and levels of risk, you can
configure actions that you want Persona to execute when a user meets that risk criteria, including:

• Assigning the user to a local UEM group with policies, profiles, apps, and permissions appropriate for that risk
level

• Assign a BlackBerry Dynamics profile that overrides the profile assigned in UEM

• Temporarily blocking all BlackBerry Dynamics apps

• Temporarily blocking the specific BlackBerry Dynamics app that initiated the risk assessment

After some initial configuration, Persona continuously applies adaptive and intelligent security standards to each
user’s device and work apps based on the user’s behavior, device usage, and physical location, with no action
required by users or administrators.

Persona also adds new functionality to BlackBerry Enterprise Identity authentication policies. You can now
incorporate a user’s behavioral risk level, geozone risk level, or a defined geozone into the factors that determine
the authentication type required for work apps and services.For example, if a user's behavioral risk level is high,
you can require the user to enter both a password and use BlackBerry 2FA to access work apps.

|What is BlackBerry Persona Mobile?|4

Architecture: Persona Mobile

Component Description

Managed devices BlackBerry Enterprise Identity and BlackBerry Dynamics apps that use the

BlackBerry Analytics SDK sendusage data, events, and location datato the
Persona services.

The BlackBerry Dynamics apps released by BlackBerry (BlackBerry Work,
BlackBerry Access, and so on) include the BlackBerry Analytics SDK.

|What is BlackBerry Persona Mobile?|5