BlackBerry adds sovereign control tools to UEM platform

BlackBerry has announced new features for its Unified Endpoint Management platform, aimed at organisations seeking sovereign control over employee devices.

The update extends its endpoint management offering across AI-assisted administration, post-quantum cryptography, macOS support, multi-tenant environments and secure file sharing.

Demand for sovereign endpoint control has grown beyond heavily regulated sectors as organisations face tighter data residency rules, particularly in Europe, and review how device management data moves through cloud infrastructure. BlackBerry said wider use of Apple devices is also shaping that shift, especially in environments where management traffic cannot pass through a public cloud.

Nathan Jenniges, Senior Vice President and General Manager of BlackBerry Secure Communications, outlined the company's position on that demand. "Organisations should not have to choose between modern capabilities and sovereign control," he said. "These enhancements enable customers to adopt AI, prepare for the post-quantum era, and manage diverse device fleets on infrastructure they own and control."

macOS expansion

A central part of the release is broader macOS management through BlackBerry's on-premises deployment model. Customers will be able to manage Apple, Windows and Android devices from a single console without relying on vendor-hosted cloud systems or third-party data routes, according to the company.

That approach targets enterprise, defence and government buyers that want to keep device administration within infrastructure they control directly. BlackBerry argued that many endpoint management products remain tied to supplier-hosted cloud environments, creating jurisdiction concerns for public sector and European customers.

BlackBerry also highlighted an existing certification as a differentiator in government markets. BlackBerry UEM is certified by Germany's Federal Office for Information Security under Common Criteria for managing Apple and Samsung devices in government settings, it said.

Cryptography shift

BlackBerry is also updating cryptographic libraries on devices as part of its move towards post-quantum standards. The work aligns with standards set by the US National Institute of Standards and Technology and forms part of its path towards FIPS 140-3 accreditation, according to the company.

BlackBerry said the changes are intended to add quantum-resistant protections from the UEM server through to secured applications on end-user devices. Combined with its Common Criteria certification and NATO Restricted alignment, the company said this gives regulated buyers a migration path based on independently validated credentials.

The emphasis on post-quantum readiness comes as technology suppliers and large organisations prepare for the eventual risk that quantum computing could weaken current encryption methods. While practical threats remain a longer-term concern for many users, public sector bodies and operators of sensitive systems have increasingly begun planning transition programmes.

Operational changes

The update also includes broader multi-tenant management functions for service providers and large organisations that need strict separation between business units, agencies or customers. BlackBerry said the changes are designed for complex enterprise and government estates running in sovereign on-premises environments.

A revised UEM console and updated administrator interface are also part of the release. BlackBerry said the changes are intended to reduce operational complexity while supporting larger deployments.

BlackBerry is also adding optional AI-assisted functions to the platform. Organisations can choose whether to enable those tools and keep them under their own control, the company said.

The final area of development is secure file sharing. BlackBerry said the updated system places access controls directly into documents, so protection remains attached to the file rather than depending on a network boundary. The model is aimed at reducing exfiltration risk in zero-trust environments.

The release underlines BlackBerry's continued focus on secure communications software for governments and regulated industries, where control over data location and system administration has become a more prominent procurement issue. It also reflects a broader industry effort to adapt endpoint management tools to sovereignty requirements without removing support for mixed device fleets.

Some of the new management and multi-tenant console features will become generally available later this year, according to the company.