User guide
Process flow: Receiving an IBM Lotus Notes encrypted message
1. A user uses the IBM® Lotus Notes® application on the user’s computer to encrypt a message using the password for the Lotus Notes .id file.
2. The BlackBerry® Enterprise Server performs the following actions:
a. retrieves the Lotus Notes encrypted message from the messaging server
b. encrypts the Lotus Notes encrypted message using BlackBerry transport layer encryption
c. sends the encrypted message to the BlackBerry device
3. The BlackBerry device decrypts the message using BlackBerry transport layer encryption and stores the message without decrypting the Lotus Notes encryption.
4. The user tries to open the Lotus Notes encrypted message on the BlackBerry device.
5. The BlackBerry Messaging Agent on the BlackBerry Enterprise Server decrypts the cached password for the Lotus Notes .id file and uses the password to decrypt the message. If the BlackBerry Messaging Agent does not have the password, from the menu in the messages application, the user must select More, More All, or Open Attachment to send the decrypted message to the BlackBerry device.
6. The BlackBerry Enterprise Server deletes the decrypted password from the BlackBerry Messaging Agent memory cache and sends the decrypted message to the BlackBerry device.
Extending messaging security to attachments
The BlackBerry® Enterprise Server supports attachments in PGP® encrypted messages and S/MIME-encrypted messages. It also permits a user to view encrypted attachments on a BlackBerry device. You can use the S/MIME Allowed Encrypted Attachment Mode IT policy rule and the PGP Allowed Encrypted Attachment Mode IT policy rule to specify the least restrictive mode that a BlackBerry device can use to retrieve attachment information that is PGP encrypted or S/MIME encrypted. The BlackBerry device supports OpenPGP format and PGP/MIME format for PGP encryption.
When a user receives an OpenPGP encrypted message that includes an attachment, the BlackBerry Enterprise Server checks the data in the attachment header. The BlackBerry Enterprise Server is designed to send the email message and the encrypted message key to the BlackBerry device automatically.
Security Technical Overview