BlackBerry Connection Newsletter

*Offers subject to change without notice. Please check offer details for more information. Void where prohibited. Check with service provider for availability, roaming arrangements and service plans. Certain features outlined in this document require a minimum version of BlackBerry® Enterprise Server software, BlackBerry® Desktop Software, BlackBerry® Device Software and/or BlackBerry devices and may require additional development or third party products and/or services for access to corporate applications. Prior to subscribing to or implementing any third party products and services, it is your responsibility to ensure that the airtime service provider you are working with has agreed to support all of the features of the third party products and services. Installation and use of third party products and services with Research In Motion's ("RIM") products and services may require one or more patent, trademark or copyright licenses in order to avoid infringement of the intellectual property rights of others. You are solely responsible for determining whether such third party licenses are required and are responsible for acquiring any such licenses. To the extent that such intellectual property licenses may be required, RIM expressly recommends that you do not install or use these products and services until all such applicable licenses have been acquired by you or on your behalf. Your use of third party software shall be governed by and subject to you agreeing to the terms of separate software licenses, if any, for those products or services. Any third party products or services that are provided with RIM products and services are provided "as is." RIM makes no representation, warranty or guarantee whatsoever in relation to the third party products or services and RIM assumes no liability whatsoever in relation to the third party products and services, even if RIM has been advised of the possibility of such damages or can anticipate such damages.

The above information regarding third party products and services is provided in BlackBerry Connection for your information. Since third parties provide the information to Research In Motion Limited ("RIM") and RIM relies on the information without performing any independent investigations, RIM makes no warranty or guarantee concerning the features, reliability, or pricing of the third party products or services, or their compatibility with any RIM products.

©2010 Research In Motion Limited. All Rights Reserved. BlackBerry®, RIM®, Research In Motion®, SureType®, SurePress™ and related trademarks, names and logos are the property of Research In Motion Limited and are registered and/or used in the U.S. and countries around the world.

Checklist: Secure the mobile device and its data
	Label mobile devices with a serial number and a toll-free telephone number. Also add the device owner's name and phone number to the BlackBerry® smartphone's Owner feature. Hint: Find the Owner feature by going to Options/Owner.
	Require users to authenticate using security passwords.
	Define authentication features such as password expiry, maximum number of attempts, password length, and complexity. Hint: Click here for example password IT policies.
	Ensure that all devices have timeout mechanisms that automatically prompt for a password after a period of inactivity. Hint: Review how your users will be interacting with their devices to balance between security and usability.
	Protect mobile devices from malicious third-party applications. Hint: Read Protecting the BlackBerry Smartphones Platform Against Malware.
	Regularly back up all data on the device. Hint: Backup is automatic with the BlackBerry Enterprise Solution.
	Keep mobile device software and settings up to date (OS patches, server patches, and apply the latest IT policy settings). Hint: BlackBerry Enterprise Server v5 and BlackBerry Enterprise Server Express can make device updates over the air.
	Specify whether or not applications, including third-party applications, on the mobile device can initiate specific types of connections. Hint: Review your policies for connections to Bluetooth® devices, the USB port, the corporate network, and so on.
	Enforce security and policy controls through an IT-managed server.

Checklist: Secure communications to and from the mobile device
	Use encryption, strong cryptography, robust key management, and strong user authentication to protect data in transit. Hint: AES-256 is the industry cryptography standard and the default for the BlackBerry Enterprise solution.
	Limit Bluetooth functionality when not in use. Hint: See Security for BlackBerry Smartphones with Bluetooth Wireless Technology.
	Mobile devices should have built-in protections from malware. Hint: On the BlackBerry solution this is called application control.
	Do not allow wireless clients to engage in ad-hoc communications, i.e. connect to other, unknown wireless devices directly.
	Mobile devices should include interface blocking utilities; the ability, for example, to turn on or off SMS/MMS capabilities. Hint: See the BlackBerry Enterprise Server Policy Reference Guide.

Resource	Information
BlackBerry Enterprise Solution Security Technical Overview	Describes the security features of the BlackBerry Enterprise Solution Provides an overview of the BlackBerry security architecture
BlackBerry Enterprise Server Policy Reference Guide	Describes BlackBerry Enterprise Server IT policies
BlackBerry Enterprise Solution Security Acronym Glossary	Full terms substituted by acronyms in this and other security documents
BlackBerry Signing Authority Tool Administrator Guide	The BlackBerry Signing Authority Tool implementation of public key cryptography
BlackBerry® Smart Card Reader Security Technical Overview	Highly secure pairing between the BlackBerry smartphone and the BlackBerry Smart Card Reader Initial key establishment protocol Connection key establishment protocol
Security for BlackBerry Smartphones with Bluetooth Wireless Technology	Bluetooth wireless technology overview Using and protecting Bluetooth-enabled BlackBerry smartphones Risks of using Bluetooth wireless technology on mobile devices
Placing the BlackBerry Enterprise Solution in a segmented network	Components in a segmented network BlackBerry Enterprise Solution connection types and port numbers overview Changing port numbers
Protecting the BlackBerry Smartphones Platform Against Malware	Managing the risk of malware attacks Using BlackBerry Enterprise Solution tools to contain malware on the BlackBerry smartphones
Enforcing Encryption of Internal and External File Systems on BlackBerry Devices Technical Overview	System requirements and IT Policy requirements for file encryption on BlackBerry smartphones Protecting user data stored on a locked BlackBerry smartphones Protecting files stored in external memory on the BlackBerry smartphones

BlackBerry®

UK IT Edition April 2010

How to Test Whether Your Organisation Is Secure Enough

Use this checklist to lock down your organisation

Related Resources

Contents

Support Forums