Don't miss a thing! Add newsletter@blackberry.com to your email address book to be sure you continue to receive our emails.

BlackBerry Connection™ - Your connection to the world of BlackBerry

MAY 2006

"The most difficult decisions tend to be what not to do next as opposed to what you should do next."

Mike Lazaridis

IN THE ISSUE:
Mobile Security
Last Chance for WES 2006
Product News: BlackBerry Enterprise Server v4.1 for Novell GroupWise Now Available
New! BlackBerry Enterprise Server v4.1 Express
Personalize Your Device: Go RV-ing & Language Packs
Tips and Tricks
Webcasts: Security, Manufacturing & IT Admin
In the News: Q&A with Mike Lazardis, Yahoo! Services
Subscriptions
BLACKBERRY AND YOUR CUSTOMERS

Dear Subscriber,

Mobile security tops the list of many organizations' concerns this year. How do you protect your data and network from malware, denial-of-service attacks and other security risks when your workforce is mobile? Find out in this edition’s article from Global Security Group Director Scott Totzke how the BlackBerry® platform has been designed specifically to mitigate mobile security risks.

Many IT administrators aren't fully aware of the many tools available in BlackBerry Enterprise Server™ to control that risk. A growing number of additional solutions, including our own BlackBerry Smart Card Reader™, are now available to meet specific rigorous security needs.

Thinking of taking a road trip? Download RV-PileUp, a free game promoting the new movie starring Robin Williams. Or if you’re going abroad, this issue offers BlackBerry Connection™ readers a discount on language packs and a travel guide.

Is there a topic you would like to see covered in an upcoming issue?
Please send your suggestions to:newsletter@rim.com.

 

 
FEATURE: MOBILE SECURITY

In this Q&A, Global Security Group Director Scott Totzke explains how the BlackBerry solution was architected to minimize security threats to mobile data and devices. Plus, Scott highlights just a few of the functions IT can use to customize settings that impact security, such as applications downloaded by users. Further resources are provided at the end of the article.

What features and tools does the BlackBerry device platform offer to protect against malware, denial-of-service attacks and similar security risks?

Security has always been one of the central pillars of the BlackBerry Enterprise Solution™. From the very beginning we decided that security must be an integral part of the architecture. As a result, there are a number of unique features in BlackBerry Enterprise Server and the BlackBerry Wireless Handheld that limit the actions an application can perform, helping protect against malicious attacks and mitigating the effects of malware.

The BlackBerry Enterprise Solution has Application Control features that restrict the privileges a third-party application has, like restricting inter-process communications and network access. System administrators can set IT policies in BlackBerry Enterprise Server to block third-party applications from being loaded on to a device. The Java™ operating system on BlackBerry devices is also designed to prevent one application from causing problems (either accidentally or maliciously) in another application. Access to sensitive APIs is controlled by “code signing” to ensure that files haven't been corrupted or tampered with, and will only allow authentic and authorized applications to run. These capabilities significantly reduce the impact that malicious applications can have on a device.

What features and tools does the BlackBerry Enterprise Server offer to protect against malware, denial-of-service attacks and similar mobile security risks? For example, could an enterprise use its BlackBerry Enterprise Server to weed out malware so that it's never sent to the device?

As mentioned, BlackBerry Enterprise Server allows an IT manager to set policies on what applications can be installed on a device and what privileges an application has. This granular control helps administrators to ensure that an application can only access information and resources that are explicitly authorized. This greatly limits any potential negative impact that an application can have on the device. Giving IT control over what applications can run and what privileges these applications have not only has security benefits, but can also help to reduce support costs since the IT department only needs to worry about tested and authorized applications being installed on a BlackBerry device.

BlackBerry Enterprise Server also sits behind the corporate firewall, polling the email system for messages to send to the BlackBerry device. A malicious email attachment sent to the enterprise has to traverse the perimeter anti-spam, anti-virus and other email security defenses that an enterprise has in place. Since the BlackBerry Enterprise Server is an extension of an existing inbox, it only accesses messages that end up in the email server (Microsoft® Exchange,. IBM® Lotus® Domino® or Novell® GroupWise®), so it benefits from those email security defenses.

Another method of attack on a device is to pass malware through an open Bluetooth® connection. With BlackBerry Enterprise Solution the Administrator can limit what Bluetooth profiles are allowed. For example, allowing only headsets or taking it a step further by either limiting the coverage area of the Bluetooth radio in a device or completely disabling Bluetooth so applications cannot access it.

Compared to other enterprise-class mobile platforms (i.e., Symbian™, Palm, Windows Mobile™), what are the security strengths of the BlackBerry Enterprise Solution?

There are four key areas that we focus on for BlackBerry Enterprise Solution security. These are:

1. Data Confidentiality
First and foremost, the BlackBerry Enterprise Solution is designed to help ensure the confidentiality of your data. Protecting email or application data transmitted between your enterprise and your BlackBerry device is essential and should be considered an entrance requirement for any enterprise mobility solution. More and more it is becoming critical to also protect the data stored on the device, so in addition to the AES-256 encryption for data stored on the device as an out-of-the-box feature.

2. Administration and Management Tools
Providing robust configuration management tools to the IT organization is another key requirement. BlackBerry provides a range of tools including application control, password management and local database encryption. This must be seamless and something that the end user can not circumvent. It is important that our customers have the tools needed to address their corporate governance policies, especially if there are legislative requirements that they must adhere to.

3. Security Standards
Supporting and conforming to Internet standards is another area that we feel is important. We aren’t inventing new standards or asking customers to change the way they operate; we support open standards such as S/MIME, PGP, TLS, SSL and PKI (glossary). Some customers may have compliance issues requiring the use of smart cards, S/MIME or PGP to address the confidentiality of the information that they send via email over the Internet; we need to have these solutions available to the BlackBerry user so that there is not a trade off between mobility and security.

4. Security Validation
The last area is providing independent assurances to our customers, or really taking a hard look at the "Trust But Verify" approach and doing whatever we can to meet the needs of our customers when it comes to external validations of our product or particular components within the solution.

BlackBerry was the first mobile device to obtain a FIPS-140 validation for the embedded encryption technology and we remain an active participant in this program with ten validations that cover both our device and server encryption modules. While the FIPS program is great for the North American market it does not address the needs of some of our international customers, so we are also working with various security certification bodies around the world including the Fraunhofer Institute in Germany and CESG in the UK. In fact, last week the BlackBerry Enterprise Solution became the first and only mobile solution to have been tested and approved by the UK government.

RIM has also taken a proactive course of action on vulnerability issues. RIM has a Security Research Team that works with the engineering and software development teams as well as external groups to analyze areas of potential attack on BlackBerry. In cases where potential vulnerabilities have been identified, we've acted quickly to determine the scope of the issue, disseminate that information to customers with possible workarounds, and to develop fixes in a timely manner. We've also developed relations with external security advisory groups such a US-CERT and Secunia.

Is the BlackBerry platform open in the sense that it's relatively easy for a third party to develop add-on security tools?

The majority of developers creating applications for BlackBerry are really focused on extending business processes out to the device. We've had more than 60,000 downloads of the BlackBerry Java Development Environment (JDE), and there are hundreds of business applications already developed. So, it is relatively easy for a third party to develop for BlackBerry. In terms of security add-ons, we've seen many products in the areas of identity management, two-factor authentication and compliance management.

What other companies are developing add-on security features for the BlackBerry platform? (I'm particularly interested in solutions for malware rather than, say, two-factor authentication.)

Some of the companies that have developed add-on security products for the BlackBerry Enterprise Solution include Credant Technologies, Entrust, PGP, RSA Security, Trust Digital and Voltage Security. For malware, enterprises should be putting in place comprehensive perimeter security solutions that filter for spam and malware. Some of the players in that space include CipherTrust, IronPort Systems, SurfControl, Symantec Corporation and Tumbleweed Communications.

Find out more:

BlackBerry and RSA SecurID - Protecting your Corporate Data from Unauthorized Access – Webcast, May 10, 2006

Security White Paper - PDF

Wireless IT Policy and IT Administration - PDF

PGP Support Package

BlackBerry Security with the S/MIME Support Package - PDF

Wireless Enterprise Activation White Paper - PDF

BlackBerry Smart Card Reader

BlackBerry Enterprise Server Documentation, Technical Advisories and White Papers

For the latest information go to: blackberry.com/security

Glossary of Terms:
Courtesy of whatis.com

S/MIME - Secure Multi-Purpose Internet Mail Extensions, a secure method of sending email

PGP – Pretty Good Privacy is a secure method of sending email over the Internet

TLS – Transport Layer Security ensures privacy between users and applications on the Internet

SSL – Secure Socket Layer is a commonly-used protocol for sending messages on the Internet

PKI – Public Key Infrastructure is a method of securing the exchange of data over an unsecure network, such as the Internet.

Back to Top

 

WES 2006

 

WES 2006: LAST CHANCE

WES 2006. Leading Experts and The Latest Trends. Don’t Miss Out!

Seats are filling up fast for the Wireless Enterprise Symposium (WES) 2006. So if you haven’t registered yet --

Register now!

From May 16-18, Orlando, Florida will be home to one of the most exciting events of the year. Sponsored by technology leaders such as IBM, Intel, Symbian, TeleNav and many others. WES 2006 will be three days of technical content, in-depth discussions and informative industry analysis all on the agenda.

It’s your opportunity to listen to analytical case studies that describe how companies like adidas America and NCR Corporation are using wireless technology to maintain their competitive edge. There’s even a case study on untraceable correspondence featuring REGARD and beStealth. And you can attend popular sessions that include discussions on the BlackBerry Enterprise Server Roadmap, BlackBerry Security Roadmap and a Wireless Strategy Workshop.

WES 2006 kicks off with a keynote address by the incomparable Mike Lazaridis, President and Co-CEO at Research In Motion and at night with a rockin’ party featuring the über cool sounds of the Grammy Award winning Brian Seltzer Orchestra.

Register now for this important event. Online registration closes on May 12th at 5 p.m. Eastern.

Back to Top

A NEW WAY TO TRY BLACKBERRY ENTERPRISE SERVER

 

PRODUCT NEWS

BlackBerry Enterprise Server v4.1 for Novell GroupWise is Now Available

The new release makes it easier for organizations to manage larger BlackBerry deployments, further extends the platform for developers, and provides integration with Novell GroupWise Messenger for enterprise instant messaging. The BlackBerry Enterprise Server v4.1 features increased IT management and administrative policies, allowing organizations greater control over their wireless device and mobile application deployments.

Customers will continue to benefit from a true push architecture that provides access to email, voice, instant messenger, web browser, organizer and corporate data applications. BlackBerry Enterprise Server v4.1 supports Novell GroupWise versions 6.5.1 through 7.0.

Find out more

To purchase online (North America only) visit our web site or call 1-800-327-9085 or contact your local carrier.

NEW!
BlackBerry Enterprise Server v4.1 Express

Purchasing a new BlackBerry device? Now is the time to try out BlackBerry Enterprise Server v4.1 for your business. When you purchase a new BlackBerry device after May 2nd, 2006, RIM is offering for a limited time a free download of BlackBerry Enterprise Server v4.1 Express for Microsoft Exchange, IBM Lotus Domino or Novell GroupWise.

The BlackBerry Enterprise Server v4.1 Express comes with a single user license and can expand to a total of 15 users. If your business outgrows the license, you can easily upgrade to the full version of the BlackBerry Enterprise Server with unlimited licenses.

Click here for details.

Offers subject to change or expire without notice.

Back to Top

FREE RV-PILEUP GAME FOR BLACKBERRY DEVICE USERS

 

BLACKBERRY CONNECTION SAVINGS

Save 20% until May 31, 2006, on WorldMate and Travel Phrase Books with offer code 2259FC6.

 

PERSONALIZE YOUR DEVICE

Go RV-ing on your BlackBerry Device:

Download ‘RV’-PileUp

Columbia Pictures has launched ’RV’ Pile-Up, a free game for BlackBerry devices, to promote the new film, RV, starring Robin Williams.

Built by BlackBerry Alliance Member REGARD Solutions in conjunction with gaming partner Microforum, the object of 'RV' Pile-Up is to race across a series of platform-roads, divided into small tiles. As the player's RV zooms across the streets, it leaves a color trail behind. To move from one level to the next, you must turn every tile red in the time allotted, but can move up faster by capturing traffic signs.

The 'RV' Pile-Up game for BlackBerry is available for the following series of BlackBerry devices: BlackBerry 7200 Series, BlackBerry 7500 Series, BlackBerry 7700 Series, BlackBerry 7100 Series and BlackBerry 8700 Series. Currently available in English, it will also be offered in Spanish, French, Italian, German and Portuguese.

To download the game for free, from your BlackBerry browser go to www.RVPileUp.com.

WorldMate 2005 Professional Edition for BlackBerry

All your travel needs, served.

WorldMate takes the stress out of business travel by providing the must-have information you need while traveling – from world clocks and weather forecasts to comprehensive flight and travel information. There's also a currency converter, world day/night map, plus many additional utilities to make sure you're on time and on the job. 5-Star user rating!

Special for BlackBerry Connection subscribers: save 20% off the regular price of $49.95US, only until May 31st, 2006.

Use offer code 2259FC6 at checkout.

English Travel Phrase Books Collection

Whether you are a frequent world traveler or a first-time, neophyte European backpacker hiking between hostels, you will surely appreciate the help of our ground-breaking talking phrase books!

This collection contains four popular European talking phrase books at a significantly sweetened price! Includes Spanish, French, Italian and German.

Save 20% off the low price of $39.90US. Offer expires May 31, 2006.

Use offer code 2259FC6 at checkout.

See also: Arabic, French, German, Greek and Spanish phrase books.

Valid only at the BlackBerry Software Store powered by Handango™.

 

All the applications featured above are produced by BlackBerry Alliance Members. For more applications and service offerings brought to you by BlackBerry Alliance Members, check the BlackBerry Partner Directory.

Back to Top

TIPS AND TRICKS

For Using Your BlackBerry Device:

Dialing Letters
When dialing use the ALT + Letter keys to dial Letters (for BlackBerry 7100 Series users can press ALT + Letter keys with Multi-tap). The BlackBerry device will automatically send the appropriate telephone touch (DTMF) tones: 2 = ABC, 3 = DEF, 4 = GHI, 5 = JKL, 6 = MNO, 7 = PQRS, etc....

This same mechanism also applies when you are connected to a phone call. For example some corporate PBX’s ask you to enter a Last Name.

Delete Prior Messages
"Delete Prior" allows you to manage your handheld Inbox and memory without deleting items from your Microsoft Outlook, Lotus Notes, or Novell GroupWise environment:

  • "Delete Prior" is available from the Message List menu when you highlight a Date Separator bar.
  • If you perform Message List Search then select "Delete Prior," only the Search Results are deleted (refer to the example Phone Logs below).

BlackBerry offers bi-directional reconciliation of Deleted, Filed and Read/Unread message status. You can also remotely empty your Deleted Items folder to help manage your mailbox quota from Messages-Options-Email Reconciliation-Purge Deleted Items.

For IT Administrators:

Back to Top

BLACKBERRY TECHNICAL SUPPORT SERVICES

 

WEBCASTS

Whether you’re just beginning an evaluation program, you’re ready to mobilize applications beyond email, or you’re looking for information on BlackBerry education and training, the BlackBerry Resource Center provides centralized, self-serve access to the latest live and on-demand BlackBerry webcasts.

Security:
BlackBerry and RSA SecurID – Protecting your Corporate Data from Unauthorized Access – May 10, 2006

Manufacturing:
Mobility in Manufacturing

IT Administrators and Managers:
What's New in BlackBerry Enterprise Server v4.1 for Novell GroupWise

Administrating Your BlackBerry MDS Studio™ Applications

Think Big! Administering Large Scale BlackBerry Deployments


Top 10 Webcasts – the most requested presentations

What’s New – the latest additions to the webcast schedule

Back to Top

 

IN THE NEWS
SUBSCRIPTIONS

If this email newsletter has been forwarded to you and you would like to subscribe to BlackBerry Connection, please sign up at https://www.blackberry.com/enewsletter/index.jsp.

To make changes to your subscription and email preferences including unsubscribe, click here.

Subscribe to the BlackBerry Developer Newsletter

European edition: If you would like to receive the European version of BlackBerry Connection, please fill out the online form and select "European version".

Join the BlackBerry market research program and contribute your valued insight and feedback for continual BlackBerry product development initiatives, by sending an email to marketresearch@rim.net.

Your privacy is important to us.

Back to Top

* Check with service provider for availability, roaming arrangements and service plans. Certain features outlined in this document require a minimum version of BlackBerry Enterprise Server Software, BlackBerry Desktop Software, BlackBerry device software and/or BlackBerry devices and may require additional development or third party products and/or services for access to corporate applications. Prior to subscribing to or implementing any third party products and services, it is your responsibility to ensure that the airtime service provider you are working with has agreed to support all of the features of the third party products and services. Installation and use of third party products and services with Research In Motion's ("RIM") products and services may require one or more patent, trademark or copyright licenses in order to avoid infringement of the intellectual property rights of others. You are solely responsible for determining whether such third party licenses are required and are responsible for acquiring any such licenses. To the extent that such intellectual property licenses may be required, RIM expressly recommends that you do not install or use these products and services until all such applicable licenses have been acquired by you or on your behalf. Your use of third party software shall be governed by and subject to you agreeing to the terms of separate software licenses, if any, for those products or services. Any third party products or services that are provided with RIM products and services are provided "as is." RIM makes no representation, warranty or guarantee whatsoever in relation to the third party products or services and RIM assumes no liability whatsoever in relation to the third party products and services, even if RIM has been advised of the possibility of such damages or can anticipate such damages.
The above information regarding third party products and services is provided in BlackBerry Connection for your information. Since third parties provide the information to Research In Motion Limited ("RIM") and RIM relies on the information without performing any independent investigations, RIM makes no warranty or guarantee concerning the features, reliability, or pricing of the third party products or services, or their compatibility with any RIM products.

©2006 Research In Motion Limited. All rights reserved. The BlackBerry and RIM families of related marks, images and symbols are the exclusive properties and trademarks of Research In Motion Limited. RIM, Research In Motion, "Always On, Always Connected" and BlackBerry are registered with the U.S. Patent and Trademark Office and may be pending or registered in other countries. All other brands, product names, company names, trademarks and service marks are the properties of their respective owners. The specifications and features contained in this document are subject to change without notice.

Research in Motion, 295 Phillip Street, Waterloo, Ontario, Canada N2L 3W8.