User guide
BlackBerry Smart Card Reader Security 10
Managing third-party application Bluetooth connections to the BlackBerry Smart Card Reader
Application control is designed to limit the use of Bluetooth wireless technology (and the Bluetooth profiles) to
specific, permitted third-party applications. Using the BlackBerry Enterprise Server Version 4.0 or later, you can
set BlackBerry Enterprise Server IT policy rules and application policy rules to control how third-party
applications use the BlackBerry Smart Card Reader to connect to Bluetooth-enabled BlackBerry devices.
Use application control policy rules to
• permit or prevent third-party applications from being downloaded onto BlackBerry devices
• define which features (for example, the email application, the phone application, and the BlackBerry device
key store) third-party applications can access on the BlackBerry device
• define the types of connections that a third-party application can establish (for example, opening network
connections inside the firewall) on the BlackBerry device
• send third-party applications to BlackBerry devices over the wireless network
• prevent third-party applications that have obtained a digital signature from the RIM signing authority
system from using the BlackBerry device-controlled APIs to do anything other than access persistent
storage of user data and communicate with other applications
You can set application control policy rules so that all Bluetooth profiles are unavailable for applications by
default and then turn on the Bluetooth Serial Port Profile for the BlackBerry Smart Card Reader driver only. In
this configuration, only the necessary applications are permitted to use the BlackBerry Smart Card Reader driver.
Managing BlackBerry Smart Card Reader technology
Using the BlackBerry Enterprise Server Version 4.0 Service Pack 2 (with the S/MIME IT Policy template
imported) or BlackBerry Enterprise Server Version 4.0 Service Pack 3 or later, you can set BlackBerry Enterprise
Server IT policy rules that are designed to control the behavior of the BlackBerry Smart Card Reader.
| IT policy rule | Recommended use |
| --- | --- |
| Force Erase All Keys on BlackBerry Disconnected Timeout | Specify whether or not the secure pairing keys for the current BlackBerry device and computer connections to the BlackBerry Smart Card Reader are cleared when the BlackBerry disconnected timeout fires. |
| Force Smart Card Two Factor Authentication | Specify whether or not the user must type the BlackBerry device password and the smart card password to use the BlackBerry device. Note: Use Microsoft Windows Local Security Policy settings to specify whether or not the user must connect to a supported smart card reader from the Windows login screen to use the computer. |
| Force Smart Card Two Factor Challenge Response | Specify whether or not the user must choose a smart card certificate for use with smart card two-factor authentication. If smart card two-factor authentication is turned on, when the user unlocks the BlackBerry device, the BlackBerry device sends a challenge to the smart card to verify that it is the same smart card that the BlackBerry device used to initialize the authenticator module. |
www.blackberry.com