Specifications
How the BlackBerry Device Service manages email messages
Devices use Microsoft ActiveSync to synchronize email messages, calendar entries, and contacts with your organization’s
messaging server. The BlackBerry Device Service can allow devices that are not connected to your organization's internal
network or do not have a VPN connection to synchronize with the messaging server without requiring you to make
connections to Microsoft ActiveSync available from outside the firewall.
Microsoft ActiveSync can be configured to allow only connections with the BlackBerry Device Service. The BlackBerry
Device Service allows devices to synchronize securely with the messaging server over the BlackBerry Infrastructure using
the same encryption methods that it uses for all other work data. When the BlackBerry Device Service provides the
connection between your messaging server and devices, the BlackBerry Device Service IT policies take precedence over
any Microsoft ActiveSync policies that are set for the devices.
If your organization uses SCEP to enroll certificates to devices, you can associate a SCEP profile with an email profile to
require certificate-based authentication to help protect connections between devices and the messaging server.
Related information
Extending messaging security on BlackBerry 10 devices, 85
Using SCEP to enroll client certificates to a device, 39
How devices can connect to the BlackBerry Infrastructure
Devices and the BlackBerry Infrastructure send all data to each other over a TLS connection. The TLS connection encrypts
the data that devices and the BlackBerry Infrastructure send to each other.
A TLS connection between a device and the BlackBerry Infrastructure is designed so that an attacker cannot use the TLS
connection to send data to or receive data from the device.
If an attacker tries to impersonate the BlackBerry Infrastructure, devices prevent the connection. Devices verify whether
the public key of the TLS certificate of the BlackBerry Infrastructure matches the private key of the root certificate that is
preloaded on the devices during the manufacturing process. If a user accepts a certificate that is not valid, the connection
cannot open unless the device can also authenticate with a valid BlackBerry Device Service.
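The effect of trusting only a preloaded root can be reproduced with the openssl command line. This is an added example, not BlackBerry code: the root, the host name and all file names are constructed, and a plain certificate chain verification stands in for the device's own check.

```shell
#!/usr/bin/env bash
# Added illustration: every name, subject and file here is constructed.
set -u
WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT
mkdir "$WORK/empty"   # empty CApath so system roots are never consulted

# make_root FILE CN: self-signed root certificate and key.
make_root() {
  openssl req -x509 -newkey rsa:2048 -nodes -sha256 -days 2 -subj "/CN=$2" \
    -keyout "$WORK/$1.key" -out "$WORK/$1.pem" 2>/dev/null
}

# issue_server ROOT FILE CN: server certificate FILE signed by ROOT.
issue_server() {
  openssl req -newkey rsa:2048 -nodes -subj "/CN=$3" \
    -keyout "$WORK/$2.key" -out "$WORK/$2.csr" 2>/dev/null &&
  openssl x509 -req -in "$WORK/$2.csr" -CA "$WORK/$1.pem" -CAkey "$WORK/$1.key" \
    -CAcreateserial -sha256 -days 1 -out "$WORK/$2.pem" 2>/dev/null
}

# device_accepts FILE: true only if FILE chains to the preloaded root.
device_accepts() {
  openssl verify -CAfile "$WORK/preloaded.pem" -CApath "$WORK/empty" \
    "$WORK/$1.pem" >/dev/null 2>&1
}

make_root preloaded "Example Infrastructure Root"
issue_server preloaded genuine "infra.example.test"
# The impersonator copies both subject names but cannot copy the root's key.
make_root fake_root "Example Infrastructure Root"
issue_server fake_root impostor "infra.example.test"

for cert in genuine impostor; do
  if device_accepts "$cert"; then echo "$cert: connection allowed"
  else echo "$cert: connection refused"; fi
done
```

The impostor certificate carries the same issuer and subject names as the genuine one, so the rejection comes from the signature check against the preloaded root's key rather than from any name comparison.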
Security Technical Overview How devices connect to the BlackBerry Device Service