Mobile WorkHorse
About this Blog: Al Sacco writes about (and drools over) anything and everything mobile or wireless as it applies to the global workforce--with a focus on BlackBerry smartphones
BlackBerry Enterprise Server (BES) Security Checklist Helps ID Risks
How secure is your organization's BES and associated BlackBerry devices? Use this checklist to help identify security holes.
Research In Motion's (RIM) BlackBerry Enterprise Server (BES) software is known through the IT industry for its proven security safeguards. But any BES is really only as secure as the responsible administrator(s) makes it, right?
In the most recent edition of the BlackBerry Connection newsletter, RIM distributed an interesting set of check-lists meant to help BES admins accurately gauge their organizations' BlackBerry security. The exercises are a bit basic—especially if you're managing a BES with lots of custom settings. But it's a great starting point for admins looking to ensure their BES infrastructure is as secure as possible.
RIM included two checklists in the newsletter—one on securing BlackBerry handhelds and data contained within and another on secure communications to and from BlackBerrys. But I'm only listing the first here. Pop-on over to RIM's website for the second checklist.
From RIM:
"Are you sure your organization's data is protected? With all the security features built into the BlackBerry Enterprise Server and the new BlackBerry Enterprise Server Express you would think the answer to be, 'plenty sure.' But just as an unlocked house keeps only honest men out, all the security features in the world cannot help you if you do not turn the locks."
Checklist: Secure the Mobile Device and Its Data
- Label mobile devices with a serial number and a toll-free telephone number. Also add the device owner's name and phone number to the BlackBerry smartphone's Owner feature. Hint: Find the Owner feature by going to Options/Owner.
- Require users to authenticate using security passwords.
- Define authentication features such as password expiry, maximum number of attempts, password length, and complexity. Hint: Click here for example password IT policies.
- Ensure that all devices have timeout mechanisms that automatically prompt for a password after a period of inactivity. Hint: Review how your users will be interacting with their devices to balance between security and usability.
- Protect mobile devices from malicious third-party applications. Hint: Read "Protecting the BlackBerry Smartphones Platform Against Malware."
- Regularly back up all data on the device. Hint: Backup is automatic with the BlackBerry Enterprise Solution.
- Keep mobile device software and settings up to date (OS patches, server patches, and apply the latest IT policy settings). Hint: BlackBerry Enterprise Server v5 and BlackBerry Enterprise Server Express can make device updates over the air.
- Specify whether or not applications, including third-party applications, on the mobile device can initiate specific types of connections. Hint: Review your policies for connections to Bluetooth® devices, the USB port, the corporate network, and so on.
- Enforce security and policy controls through an IT-managed server.
For more on BlackBerry user security, read my recent post, "BlackBerry Security Basics: Five Tips to Keep Your Smartphone Safe."
And if you're not already subscribed to RIM's BlackBerry Connections newsletter, you can sign up on the company's website.
AS
Previous Post: BlackBerry User Attending RIM's WES 2010? Don't Miss This PartyNext Post: BlackBerry Mobile Voice System (MVS): Benefits of Using T-Mobile UMA for...
Most Discussed Posts
Today's Business Intelligence (BI) tools provide a new way to think about data with self-service capabilities and user-friendly analytics that can be used by nearly everyone.
Learn the key selection criteria required to provide your organization with the capability to address structured data, unstructured data and mobile demands so that employees can view and manipulate data on their own, from virtually any location.
Big data is less about the terabytes and more about the query tools and business intelligence needed to make sense of massive amounts of data.
Many organizations are currently seeking to adopt DevOps because of the promise it holds for enabling them to respond rapidly to marke changes, with higher quality and reduced cost.
The challenges of consumer-facing identity management, access management, and authentication differ in ways subtle and dramatic from those of the employee-facing variety.
The "DevOps" term is used to describe the process of managing the handoffs necessary for Development and Operations teams to work in a collaborative manner.
Join us on Tuesday, June 18, 2013, 11:00 AM EDT and learn how your agency can create an analytics culture that will enable you to improve budgeting and financial reporting. Learn More.
Technology is now intertwined with nearly every aspect of business. Information technology is not only pervasive; it is fast becoming a primary driver of market differentiation, business growth, and profitability.
Leading analyst, Storage Switzerland learns how Sepaton backs up and deduplicates massive data volumes while maintaining the industry's fastest performance - all in one system. Learn more!
Security. Scalability. Control. These are just some of the many benefits of enterprise cloud file-sharing that you'll discover in this KnowledgeVault, packed with short videos, white papers and demos.
For organizations looking to start a content analytics program or improve their existing capabilities, Aberdeen Group and IBM will lay out several recommendations on how to become a best-in-class customer service organization.
Register now to listen to this video whitepaper and to learn more about the components of content analytics applications, emerging best practices, and the issues to consider before deploying content analytics technologies.
Sponsored Links
