Specifications

- You or a user wipes the device. During this process, the device deletes the smart card binding information from device
memory. When the process completes, a user can authenticate with the device using a new smart card. You can wipe
the device by sending the “Delete all device data and remove device” IT administration command or the “Delete only
the organization data and remove device” IT administration command.
- The user turns off two-factor authentication. During this process, the device turns off two-factor authentication with the
installed smart card and deletes the smart card binding information from the device.

Authenticating a user using a smart card

When you require a user to authenticate with a BlackBerry 10 device using a smart card, you turn on two-factor
authentication. Users need to prove their identities by demonstrating two factors:
- What they have (the smart card)
- What they know (their smart card password)
You can configure the “Two-Factor Authentication Only for Work Space” IT policy rule or “Assign Two-Factor
Authentication for Work” IT policy rule to require that a user uses a smart card to authenticate when the user accesses the
work space on a device. If you do not force the user to use a smart card to authenticate, the user can turn on or turn off
two-factor authentication with the smart card by changing the User Authenticator field in the Security options on the
device.
When you turn on two-factor authentication on the device, the following events occur:
1. The device pushes the current IT policy to the reader.
2. When a user tries to unlock the work space on the device, the device prompts the user to type the device password. If
the user has not yet set a device password, the device forces the user to set a password.
3. The device prompts the user to type the smart card password to turn on two-factor authentication with the installed
smart card.
4. The device binds to the installed smart card automatically by encrypting and storing the smart card binding information
in the base file system, which is designed to be inaccessible to the user.
When a user turns on two-factor authentication on the device, the following events occur:
1. The device prompts the user to type the device password. If the user has not yet configured a device password, the
device forces the user to set a password.
2. The device prompts the user to type the smart card password to turn on two-factor authentication with the installed
smart card.
Security Technical Overview Protecting data