Security Options for the BlackBerry Smartphone

Paul Mah
Slide Show

Top Five Smartphone Security Tips

Five smartphone security tips that most people routinely overlook.

I've recently written about five preemptive steps to take before your mobile devices are stolen. Today, I want to focus on the BlackBerry smartphone platform and some of its security capabilities. Make no mistake about it, the BlackBerry OS was designed with security integrated into every aspect of the operating system; we are really only scratching the surface here on some of its user configurable security options.

 

You can check out the BES Security Technical Overview here (pdf) for an in-depth understanding of how security is handled. Finally, while most of the below features have been around for years, for avoidance of doubt, assume that they reference features available to the new BlackBerry OS 7 devices.

 

Password Protection

 


All BlackBerry smartphones support the use of a password to protect from misplaced or stolen devices. Configuring a password forces users to choose an inactivity timeout to automatically lock the device, and set at one minute up to an hour. To resist brute-force attempts, the device will also perform a data wipe should the wrong password be keyed in multiple times - configurable to between three to 10 wrong password attempts.

 

Onboard Encryption

 

RIM was ahead of its time by its implementation of encryption for device memory, which encrypts its onboard storage memory to defend against attempts to extricate potentially sensitive files. This encryption extends to the removable media card, preventing it from being accessed from a computer. Both device memory and media card encryption can be configured to skip media files so as not to bog down the processor, and is configured under "Encryption" of the Security menu.

 

Memory Cleaning

 

To make things even harder for hackers who may have gained physical access to a BlackBerry smartphone and may have advanced tools to dismantle it for unencrypted data that is stored in system RAM, you can enable "Memory Cleaning" under Advanced Security Settings. This will cause the BlackBerry to periodically wipe temporary user data such as the clipboard, encrypted messages and cached data from memory, rendering it impervious to recovery.

 

Security Wipe

 

One way to initiate a data wipe is from the "Security Wipe" submenu. Users have the option to delete application and user data from the BlackBerry, including user installed applications or the data stored on the media card. The amount of time varies depending on the options chosen, but can take anything from 10 minutes to upwards of an hour due to the intensive data scrubbing process.

 

IT Policy

 

The ability to set and enforce an IT policy on a BlackBerry smartphone is doubtlessly its most valued capability by IT departments around the world. Because this feature was designed by RIM to serve enterprise companies, only devices connected to a BlackBerry Enterprise Server (BES) have been benefiting from this. Fortunately, BES-like capabilities can now be partially used by SMB via the Business Cloud Service.

 

A common mistaken here is the assumption that the IT policy can be deleted by performing a security wipe. This is not true however; an installed IT policy is retained even after a full data wipe, which is an excellent way to protect corporate data assets against theft. The only way to remove an IT policy would be by pushing a new policy from the server, or by performing a "factory reset," which requires a PC and specific know-how.



Add Comment      Leave a comment on this blog post

Post a comment

 

 

 

 


(Maximum characters: 1200). You have 1200 characters left.

 

null
null

 

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.