User guide

How the BlackBerry Enterprise Solution protects BlackBerry Device Software updates over the wireless network using IT policies and content protection

The default values for the Default IT policy determine that only the BlackBerry Enterprise Server can send available updates and request a BlackBerry device to update the BlackBerry Device Software. A wireless service provider cannot send available BlackBerry Device Software updates to the device unless you change the value for the Allow Non Enterprise Upgrade IT policy rule to Yes.

When you or a user turns on the content protection feature on a device, the device protects user data in the following ways:
• requires the user to type the device password before the BlackBerry Device Software update process can back up or restore user data
• requires the device to encrypt stored user data during the BlackBerry Device Software update process

Battery power requirements for BlackBerry Device Software updates over the wireless network

The battery power level on a BlackBerry device must be 50% or greater for the BlackBerry device to retrieve an update package over the wireless network. If the battery power level is below the minimum requirement, the update process suspends. The BlackBerry device prompts the user to recharge the battery and start the BlackBerry Device Software update process again. If the battery power level returns to 50%, the BlackBerry device resumes retrieving the update package from the BlackBerry Infrastructure.

The battery power requirement is designed to protect the BlackBerry device against attacks from a potentially malicious user who might try to take advantage of low battery power during a BlackBerry Device Software update.

Data flow: Preparing to send a BlackBerry Device Software update over the wireless network

Before the BlackBerry Infrastructure sends a BlackBerry Device Software update to a BlackBerry device, the BlackBerry Infrastructure performs the following actions:
1. generates an ECDSA key periodically using ECC over a 521-bit curve
2. signs the ECDSA key using a stored root certificate
3. signs the BlackBerry Device Software update that it sends to the BlackBerry device using the digitally signed ECDSA key
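
The three steps above, followed by the chain check a receiver of such an update would run, as an added Go example (not BlackBerry code, and going beyond the page, which describes only the signing side). Assumptions: the root key is also ECDSA on P-521, SHA-512 is the hash, the periodic key is DER-encoded, and every type and function name is hypothetical.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha512"
	"crypto/x509"
	"fmt"
)

// SignedUpdate (hypothetical): update, its signature, periodic public key (DER), root's signature over that key.
type SignedUpdate struct {
	Payload, PayloadSig, SigningPub, KeySig []byte
}

func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}

func newKey() *ecdsa.PrivateKey {
	return must(ecdsa.GenerateKey(elliptic.P521(), rand.Reader)) // step 1: ECDSA key on the 521-bit curve
}

// prepare signs the periodic key with the root key, then the update with the periodic key.
func prepare(root, signing *ecdsa.PrivateKey, payload []byte) SignedUpdate {
	pub := must(x509.MarshalPKIXPublicKey(&signing.PublicKey))
	kh, ph := sha512.Sum512(pub), sha512.Sum512(payload) // SHA-512 is an assumed hash
	u := SignedUpdate{Payload: payload, SigningPub: pub}
	u.KeySig = must(ecdsa.SignASN1(rand.Reader, root, kh[:]))        // step 2
	u.PayloadSig = must(ecdsa.SignASN1(rand.Reader, signing, ph[:])) // step 3
	return u
}

// verify accepts the update only if the root signed the periodic key and that key signed the payload.
func verify(rootPub *ecdsa.PublicKey, u SignedUpdate) bool {
	kh, ph := sha512.Sum512(u.SigningPub), sha512.Sum512(u.Payload)
	parsed, _ := x509.ParsePKIXPublicKey(u.SigningPub) // nil on error, so ok is false
	pub, ok := parsed.(*ecdsa.PublicKey)
	return ok && pub.Curve == elliptic.P521() && ecdsa.VerifyASN1(rootPub, kh[:], u.KeySig) &&
		ecdsa.VerifyASN1(pub, ph[:], u.PayloadSig)
}

func main() {
	root := newKey()
	fmt.Println("accepted:", verify(&root.PublicKey, prepare(root, newKey(), []byte("constructed update image"))))
}
```

Because only the root public key has to be provisioned on the receiver, the periodic key can be rotated without touching it; an update signed by a key the root never endorsed fails the first check.
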
Security Technical Overview Protecting BlackBerry Device Software updates