Manualshelf

User guide

ManualsBrandsBlackberry ManualsOtherENTERPRISE SOLUTION SECURITY - ENFORCING ENCRYPTION OF INTERNAL AND EXTERNAL FILE SYSTEMS ON DEVICES
81828384858687888990
requires the user to type the BlackBerry device password before the BlackBerry Device Software update process can back
up or restore user data
requires the BlackBerry device to encrypt stored user data during the BlackBerry Device Software update process
Battery power requirements for BlackBerry Device Software updates over the wireless
network
The battery power level on a BlackBerry® device must be 50% or greater for the BlackBerry device to retrieve an update package
over the wireless network. If the battery power level is below the minimum requirement, the update process suspends. The
BlackBerry device prompts the user to recharge the battery and start the update process again. If the battery power level returns
to 50%, the BlackBerry device resumes retrieving the update package from the BlackBerry® Infrastructure.
The battery power requirement is designed to protect the BlackBerry device against attacks from a potentially malicious user
who might try to take advantage of low battery power during a BlackBerry Device Software update.
Process flow: Preparing to send a BlackBerry Device Software update over the wireless
network
Before the BlackBerry® Infrastructure sends a BlackBerry® Device Software update to a BlackBerry device, the BlackBerry
Infrastructure performs the following actions:
1. generates an ECDSA key periodically using ECC over a 521-bit curve
2. signs the ECDSA key using a stored root certificate
3. signs the BlackBerry Device Software update that it sends to the BlackBerry device using the digitally signed ECDSA key
How a BlackBerry device validates a BlackBerry Device Software update over the wireless
network
When a BlackBerry® device receives a BlackBerry® Device Software update from the BlackBerry® Infrastructure, it verifies that
the ECDSA key uses a public key that is shared by all BlackBerry devices that support BlackBerry Device Software updates over
the wireless network. The BlackBerry device verifies the digital signature on the ECDSA key using a stored root certificate.
Updating the BlackBerry Device Software from an update web site
You can configure the IT policy rules that are included in the Wired Software Updates policy group to permit a user to update
the BlackBerry® Device Software from an update web site using the BlackBerry® Desktop Manager or BlackBerry Application
Web Loader. The user can use the update process to update the BlackBerry Device Software from a computer that is outside your
organization’s network (for example, from home).
Security Technical Overview
Updating the BlackBerry Device Software from an update web site
80