Please try to elaborate on what you believe that means.
Security features for*PRIV*by*BlackBerry
PRIV*by*BlackBerry*is a professional and secure device that brings the security features of*BlackBerry*to the*Android OS. The following table summarizes many of the security features available with*PRIV*managed by*BES12.
Feature
Description
Layered defense
Security is built into every layer of the device, including the hardware, firmware, OS, and secure communications and collaboration apps, resulting in a layered defense approach that brings*Android*to a new level of security. Every area of the device works together to protect the privacy, integrity, and confidentiality of your apps and data.
Hardware Root of Trust
A hardware-based root of trust is established during processor manufacturing by injecting cryptographic material that's later used for device authentication and secure boot.
BlackBerry Secure Compound
BlackBerry Secure Compound*provides a trusted execution environment to store sensitive data and run security-focused apps, such as*BlackBerry Integrity Detection.
Secure boot
The secure boot process ensures that only a*BlackBerry*signed OS can be loaded on*PRIV*and that it hasn’t been tampered with. Each stage of the secure boot process verifies that the next component hasn’t been tampered with before loading it.
Downgrade prevention prevents a user from loading an old OS version on*PRIVafter the device is upgraded. This protects against situations such as a user loading an OS version that doesn’t have the latest security fixes or a malicious user exploiting a vulnerability that exists in an older OS version.
BlackBerry Integrity Detection
BlackBerry Integrity Detection*continually monitors for events or configuration changes that could indicate that the security of the device is compromised.
BES12*integrates with*BlackBerry Integrity Detection*to take action, such as generating an alert, quarantining the device from accessing work resources, or wiping the device, if a potential compromise is detected.
Kernel hardening
PRIV*runs a*Linux*kernel that has been hardened with patches and configuration changes to decrease the likelihood of a compromise due to a security vulnerability. Also, processes with specific elevated privileges will only run from an integrity-checked file system from a*BlackBerry-signed image.
Encrypted user data
By default, all user data (personal and work) is encrypted using a FIPS 140-2 compliant cryptographic engine. Encryption keys are protected by*BlackBerry Secure Compound.
BES12activation types
PRIV*supports "Android for Work," "Secure Work Space," and "MDM controls" activation types.