Manualshelf

User guide

ManualsBrandsBlackberry ManualsOtherENTERPRISE SOLUTION SECURITY - ENFORCING ENCRYPTION OF INTERNAL AND EXTERNAL FILE SYSTEMS ON DEVICES
919293949596979899100
Configuring two-factor authentication and protecting
Bluetooth connections
15
BlackBerry Smart Card Reader
The BlackBerry® Smart Card Reader is an accessory that, when used in proximity to a Bluetooth® enabled BlackBerry device or
a Bluetooth enabled computer, permits a user to authenticate with a smart card and log in to the BlackBerry device or computer.
The BlackBerry Smart Card Reader is designed to perform the following actions:
communicate with BlackBerry devices and computers using Bluetooth technology version 1.1 or later and, by default, use
AES-256 encryption on the application layer
permit a user to use two-factor authentication to access BlackBerry services and PKI applications
permit a user to digitally sign and encrypt email messages and receive encrypted messages on the BlackBerry device when
the user installs the S/MIME Support Package for BlackBerry® smartphones
store all encryption keys in RAM only and never write the keys to flash memory
The BlackBerry Smart Card Reader permits a user to use what the user has (smart card) and what the user knows (smart card
password) to prove the user’s identity to the BlackBerry device or a computer.
For more information, see the BlackBerry Smart Card Reader Security Technical Overview.
Advanced Security SD cards
Similar to the BlackBerry® Smart Card Reader, an Advanced Security SD card permits a user to use what the user has (smart
card) and what the user knows (smart card password) to prove the user’s identity to the BlackBerry device. The BlackBerry®
Enterprise Solution supports Advanced Security SD cards that use the security system for the MCEX smart card.
You can configure a BlackBerry device to require that a user uses an Advanced Security SD card to perform the following actions:
unlock the BlackBerry device and access BlackBerry services and PKI applications using two-factor authentication
digitally sign and encrypt email messages and PIN messages using S/MIME encryption when the user installs the S/MIME
Support Package for BlackBerry® smartphones on the BlackBerry device
decrypt S/MIME-encrypted email messages and PIN messages
import certificates that are stored on the Advanced Security SD card into the NV store of the BlackBerry device flash memory
open SSL connections
To configure the BlackBerry device to support an Advanced Security SD card, a user must insert the Advanced Security SD card
into the BlackBerry device and install the smart card driver of the Advanced Security SD card on the BlackBerry device using the
BlackBerry® Desktop Manager. After the user installs the smart card driver on the BlackBerry device, the user can configure the
driver settings in the security options, on the Smart Card screen.
Security Technical Overview
Configuring two-factor authentication and protecting Bluetooth connections
96