Re: Securing Blackberries
- From: Shawn Badger <sbadger@xxxxxxxxxxx>
- Date: Tue, 24 Jan 2006 11:50:41 -0700
Novell Zen has a PDA portion for managing PDA's, including software
installs and many other options.
On Mon, 2006-01-23 at 14:20 -0600, Jon Gucinski wrote:
> I'm currently working on a similar project myself, with more of a focus
> on PocketPC/WindowsMobile. I actually posted a similar inquiry last
> week, with no response as of yet.
>
> As far as the devices themselves, there's a number of ways you can
> secure them, albeit non-natively. Things to consider are password
> policy, device encryption, BT/WiFi/IrDA/SDCard restrictions, "poison
> pills" or remote wipe capabilities, remote PW resets and the like. From
> my research, Credant Technologies (www.credant.com) and TrustDigital
> (www.trustdigital.com) each make PDA security products that will encrypt
> and secure a BlackBerry.
>
> HTH,
>
> -Jon
>
> >>> Murad Talukdar <talukdar_m@xxxxxxxxxx> 1/23/2006 1:27 am >>>
> We are going to be rolling out Blackberries(ys?) to our mobile staff
> and I
> wanted to know if anyone knows of any white papers or advisories on
> securing
> them.
>
> We are already looking at the usual mobile device security practices we
> have
> in place but I would like something more specific for the device.
>
> We will be using the BIS service(ie no Exchange server run in-house,
> all
> mail goes via the provider's BB server.) Some would say this is
> inherently
> insecure but this is a financial reality that we have to live with.
>
> There is encryption between the device and the provider and vice versa
> but
> I'm not sure what type of encryption it will use--maybe AES or 3DES. I
> still
> have no definite answer.
>
> However, is there any native way of encrypting data on the device
> itself?
>
> Blackberry's site is thin for anything like this-it has plenty for the
> BES
> solution--I'm just unsure as to how different BIS will be in this
> respect.
>
> The provider's tech team has been a little sketchy too, they have only
> just
> begun to roll these out to customers so I'm guessing that they know as
> much
> as I do--which is not a huge amount.(I actually had to tell them that
> we
> would be able to use the BIS system when none of them knew if our pop3
> server would be able to work with it.)
> Googling this seems to give me a lot of vague docs but nothing in the
> way of
> specifics.
>
> Kind Regards
> Murad Talukdar
>
>
>
>
>
>
> ---------------------------------------------------------------------------
> EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
> The Norwich University program offers unparalleled Infosec management
> education and the case study affords you unmatched consulting
> experience.
> Tailor your education to your own professional goals with degree
> customizations including Emergency Management, Business Continuity
> Planning,
> Computer Emergency Response Teams, and Digital Investigations.
>
> http://www.msia.norwich.edu/secfocus
> ---------------------------------------------------------------------------
>
>
> NOTICE: This electronic mail message and any files transmitted with
> it are intended exclusively for the individual or entity to which it
> is addressed. The message, together with any attachment, may contain
> confidential and/or privileged information. Any unauthorized review,
> use, printing, saving, copying, disclosure or distribution is
> strictly prohibited. If you have received this message in error,
> please immediately advise the sender by reply email and delete all
> copies.
>
>
> ---------------------------------------------------------------------------
> EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
> The Norwich University program offers unparalleled Infosec management
> education and the case study affords you unmatched consulting experience.
> Tailor your education to your own professional goals with degree
> customizations including Emergency Management, Business Continuity Planning,
> Computer Emergency Response Teams, and Digital Investigations.
>
> http://www.msia.norwich.edu/secfocus
> ---------------------------------------------------------------------------
>
>
---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management
education and the case study affords you unmatched consulting experience.
Tailor your education to your own professional goals with degree
customizations including Emergency Management, Business Continuity Planning,
Computer Emergency Response Teams, and Digital Investigations.
http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------
- References:
- Securing Blackberries
- From: Murad Talukdar
- Re: Securing Blackberries
- From: Jon Gucinski
- Securing Blackberries
- Prev by Date: Re: SSH server under attack...
- Next by Date: RE: University Degree or CISSP
- Previous by thread: Re: Securing Blackberries
- Next by thread: Re: Securing Blackberries
- Index(es):
Relevant Pages
|
|
