Manualshelf

User guide

ManualsBrandsBlackberry ManualsOtherENTERPRISE SOLUTION SECURITY - ENFORCING ENCRYPTION OF INTERNAL AND EXTERNAL FILE SYSTEMS ON DEVICES
61626364656667686970
Best practice Description
Require a user to verify whether the user
wants to send a message.
Consider configuring the BlackBerry device so that the user must verify whether
the user wants to send an email message, SMS text message, MMS message, or
PIN message.
To apply this best practice, you can use the Confirm on Send IT policy rule.
Turn off unsecured messaging on the
BlackBerry device.
Consider turning off unsecured messaging to make sure that all communication for
the BlackBerry device that starts in your organization travels through your
organization’s messaging environment.
To turn off SMS text messaging, you can use the Allow SMS IT policy rule.
To turn off MMS messaging, you can use the Disable MMS IT policy rule.
To turn off PIN messaging, you can use the Allow Peer-to-Peer Messages IT policy
rule. When you turn off PIN messaging, a user can receive PIN messages on the
BlackBerry device but cannot send PIN messages from the BlackBerry device.
How the BlackBerry Enterprise Solution protects connections between a
BlackBerry device and the Internet or intranet
A user can use the BlackBerry® Browser and BlackBerry Java® Applications on a BlackBerry device to access the Internet and
your organization’s intranet. The BlackBerry Browser and BlackBerry Java Applications can accept and respond to push requests
from push applications. The BlackBerry Browser and BlackBerry Java Applications use the BlackBerry MDS Connection Service
to access the Internet and your organization's intranet.
To access data on the Internet or your organization’s intranet, the BlackBerry MDS Connection Service uses HTTP, TCP/IP, and
the BlackBerry MDS security protocol. The BlackBerry MDS security protocol is a Research In Motion® proprietary protocol that
is designed to protect messages that the BlackBerry device sends using the BlackBerry MDS Connection Service. The BlackBerry
MDS Connection Service and BlackBerry device use BlackBerry transport layer encryption to help protect your organization’s
applications and the Internet data that a user receives on the BlackBerry device.
Authenticating data that a BlackBerry device sends to the BlackBerry MDS
Integration Service
When a BlackBerry® device sends data to the BlackBerry MDS Integration Service, the BlackBerry MDS security protocol uses
HMAC to authenticate part of each message header and message content, and to encrypt the MAC of each BlackBerry MDS
message header. If necessary, the BlackBerry MDS security protocol also encrypts the content of each message.
Security Technical Overview
How the BlackBerry Enterprise Solution protects connections between a BlackBerry device and the Internet or intranet
64