User guide
Best practice: Protecting plain text
messages that a device sends over the
wireless network
Plain text messages include SMS text messages, MMS messages, and PIN messages. A BlackBerry device can send SMS
text messages and MMS messages over a wireless TCP/IP connection.
Best practice Description
Prevent a user from sending,
forwarding, or replying to specific types
of message on the device.
Consider the following guidelines:
• Prevent a user from forwarding or replying to a message using a BlackBerry
Enterprise Server that did not deliver the original message.
• Prevent a user from using an email account to forward or reply to a PIN
message or reply to an email message with a PIN message.
To apply this best practice, you can use the Disable Forwarding Between
Services IT policy rule.
Prevent external connections to a
device.
Consider preventing applications on a device from opening external connections
(for example, to WAP, SMS, MMS, or other public gateways).
To apply this best practice, you can use the Allow External Connections IT policy
rule.
Require S/MIME encryption or PGP
encryption for PIN messages.
Consider preventing a user from sending PIN messages that are not S/MIME
encrypted or PGP encrypted if your organization uses a highly secure messaging
solution such as the S/MIME Support Package for BlackBerry smartphones or
the PGP Support Package for BlackBerry smartphones.
To apply this best practice, you can use the Disable Peer-to-Peer Normal Send
IT policy rule.
Prevent a device from using the global
PIN encryption key.
Considering the following guidelines:
• Limit the number of devices in your organization’s environment that can
receive BlackBerry Messenger messages and PIN messages that use the
global PIN encryption key.
• Limit the number of devices in your organization that can receive PIN
messages that use the PIN encryption key that is specific to your
organization, the global PIN encryption key, or both.
Security Technical Overview Protecting communication with a device
83