Manualshelf

User guide

ManualsBrandsBlackberry ManualsOtherENTERPRISE SOLUTION SECURITY - ENFORCING ENCRYPTION OF INTERNAL AND EXTERNAL FILE SYSTEMS ON DEVICES
41424344454647484950
Deleting all device data from the BlackBerry device memory
A BlackBerry® device is designed to permanently delete the following data from the NV store, flash memory, and on-board device
memory:
all user data
any references to your organization’s PIN encryption key
any references to the device transport key
if applicable, authentication information (for example, the binding information of the smart card)
IT policy public key
if you are resetting the BlackBerry device to the factory default settings, any references to past hashes of the BlackBerry
device password
record of time elapsed since the BlackBerry device was last turned on
if you are resetting the BlackBerry device to the factory default settings, stored IT policy
If specified, all third-party applications and application data
If you or a user turns on content protection, the BlackBerry device uses a memory-scrubbing process to overwrite the flash memory
on the BlackBerry device and the on-board BlackBerry device memory. The memory-scrubbing process complies with United
States government requirements for deleting sensitive user data, including US Department of Defense Directive 5220.22-M and
NIST Special Publication 800-88.
For BlackBerry® Device Software versions 5.0 and later, if you configure the Media Card Format on Device Wipe IT policy rule
the BlackBerry device can also delete all user data from a media card. By default, the user can choose to delete third-party
applications and the user data on the media card when the user permanently deletes all deivce data.
For more information, visit www.blackberry.com/go/serverdocs to read Erasing File Systems on BlackBerry Devices Technical
Overview.
When a BlackBerry device deletes device data
The BlackBerry® device is designed to delete device data from the BlackBerry device memory when any of the following events
occurs:
The user clicks Wipe Device, Wipe Handheld, or Security Wipe in the security options on the BlackBerry device.
The user types the BlackBerry device password incorrectly more times than the Set Maximum Password Attempts IT policy
rule or the associated BlackBerry device option permits. The default value is ten attempts.
The user runs the application loader tool and types the BlackBerry device password incorrectly more times than the Set
Maximum Password Attempts IT policy rule permits.
The user uses the application loader tool to delete all user data and application data on the BlackBerry device. The user can
choose to not delete the BlackBerry device applications.
You send the Delete all device data and disable device IT administration command to the BlackBerry device with or without
a delay (in hours), to the BlackBerry device. The maximum delay is 168 hours (7 days).
Security Technical Overview
Deleting all device data from the BlackBerry device memory
41