BlackBerry Connection > IT Edition > How to Test Whether Your Organization Is Secure Enough

How to Test Whether Your Organization Is Secure Enough

How to Test Whether Your Organization Is Secure Enough

Use this checklist to lock down your organization

Are you sure your organization's data is protected? With all the security features built into the BlackBerry® Enterprise Server and the new BlackBerry® Enterprise Server Express you would think the answer to be, “plenty sure.” But just as an unlocked house keeps only honest men out, all the security features in the world cannot help you if you do not turn the locks.

How then can you be sure you are secure enough? Match your BlackBerry Enterprise Server security settings against this checklist. Chances are you will find at least one item to address, so it will pay off quickly.

Checklist: Secure the mobile device and its data
Label mobile devices with a serial number and a toll-free telephone number. Also add the device owner's name and phone number to the BlackBerry® smartphone's Owner feature. Hint: Find the Owner feature by going to Options/Owner.
Require users to authenticate using security passwords.
Define authentication features such as password expiry, maximum number of attempts, password length, and complexity. Hint: Click here for example password IT policies.
Ensure that all devices have timeout mechanisms that automatically prompt for a password after a period of inactivity. Hint: Review how your users will be interacting with their devices to balance between security and usability.
Protect mobile devices from malicious third-party applications. Hint: Read Protecting the BlackBerry Smartphones Platform Against Malware.
Regularly back up all data on the device. Hint: Backup is automatic with the BlackBerry Enterprise Solution.
Keep mobile device software and settings up to date (OS patches, server patches, and apply the latest IT policy settings). Hint: BlackBerry Enterprise Server v5 and BlackBerry Enterprise Server Express can make device updates over the air.
Specify whether or not applications, including third-party applications, on the mobile device can initiate specific types of connections. Hint: Review your policies for connections to Bluetooth® devices, the USB port, the corporate network, and so on.
Enforce security and policy controls through an IT-managed server.
Checklist: Secure communications to and from the mobile device
Use encryption, strong cryptography, robust key management, and strong user authentication to protect data in transit. Hint: AES-256 is the industry cryptography standard and the default for the BlackBerry Enterprise solution.
Limit Bluetooth functionality when not in use. Hint: See Security for BlackBerry Smartphones with Bluetooth Wireless Technology.
Mobile devices should have built-in protections from malware. Hint: On the BlackBerry solution this is called application control.
Do not allow wireless clients to engage in ad-hoc communications, i.e. connect to other, unknown wireless devices directly.
Mobile devices should include interface blocking utilities; the ability, for example, to turn on or off SMS/MMS capabilities. Hint: See the BlackBerry Enterprise Server Policy Reference Guide.

Related Resources

To learn about how the BlackBerry Enterprise Solution is designed to help organizations develop, plan, and implement their mobile security initiatives, visit www.blackberry.com/security.

Resource Information
BlackBerry Enterprise Solution
Security Technical Overview
  • Describes the security features of the BlackBerry Enterprise Solution
  • Provides an overview of the BlackBerry security architecture
BlackBerry Enterprise Server
Policy Reference Guide
  • Describes BlackBerry Enterprise Server IT policies
BlackBerry Enterprise Solution
Security Acronym Glossary
  • Full terms substituted by acronyms in this and other security documents
BlackBerry Signing Authority
Tool Administrator Guide
  • The BlackBerry Signing Authority Tool implementation of public key cryptography
BlackBerry® Smart Card Reader
Security Technical Overview
  • Highly secure pairing between the BlackBerry smartphone and the BlackBerry Smart Card Reader
  • Initial key establishment protocol
  • Connection key establishment protocol
Security for BlackBerry
Smartphones with Bluetooth
Wireless Technology
  • Bluetooth wireless technology overview
  • Using and protecting Bluetooth-enabled BlackBerry smartphones
  • Risks of using Bluetooth wireless technology on mobile devices
Placing the BlackBerry
Enterprise Solution in a
segmented network
  • Components in a segmented network
  • BlackBerry Enterprise Solution connection types and port numbers overview
  • Changing port numbers
Protecting the BlackBerry
Smartphones Platform Against
Malware
  • Managing the risk of malware attacks
  • Using BlackBerry Enterprise Solution tools to contain malware on the BlackBerry smartphones
Enforcing Encryption of Internal
and External File Systems on
BlackBerry Devices Technical
Overview
  • System requirements and IT Policy requirements for file encryption on BlackBerry smartphones
  • Protecting user data stored on a locked BlackBerry smartphones
  • Protecting files stored in external memory on the BlackBerry smartphones
BlackBerry Enterprise Server Express

Support Forums

The BlackBerry® Support Community Forums are a great place for your BlackBerry device users to get help—and a place for you to connect with other IT administrators. Do you have questions about BlackBerry Enterprise Solutions? Are you looking for support on devices or accessories? Visit the BlackBerry Support Community Forums.