Security Basics mailing list archives
RE: Securing Blackberries
From: Murad Talukdar <talukdar_m () subway com>
Date: Tue, 24 Jan 2006 10:35:31 +1000
Thanks Mike--I have been following the whole thing with interest--luckily we live in Australia so the patent laws do not apply here--even though there is the Free Trade Agreement going through parliament at the moment which could see patents(for drugs at least) having weight here even though they were created under the US Patent acts. I have been assured that this won't affect RIM's use of the tech out here(whether I feel assured is a different matter). Not only that, I flagged this with management/directors etc and they didn't seem to really care. If the money gets spent and the Patents apply here and they have to ditch them--hey, I did make some noise <<shrug>>. Obviously I can't see that happening here for at least three- four years. Regards Murad Talukdar -----Original Message----- From: Murray, Mike [mailto:MMurray () csuchico edu] Sent: Tuesday, January 24, 2006 9:59 AM To: Murad Talukdar Subject: RE: Securing Blackberries You may want to read this before spending money on a bunch of Blackberries... http://news.yahoo.com/s/ap/20060123/ap_on_hi_te/scotus_blackberry_battle _6 -----Original Message----- From: Murad Talukdar [mailto:talukdar_m () subway com] Sent: Sunday, January 22, 2006 11:27 PM To: security-basics () securityfocus com Subject: Securing Blackberries We are going to be rolling out Blackberries(ys?) to our mobile staff and I wanted to know if anyone knows of any white papers or advisories on securing them. We are already looking at the usual mobile device security practices we have in place but I would like something more specific for the device. We will be using the BIS service(ie no Exchange server run in-house, all mail goes via the provider's BB server.) Some would say this is inherently insecure but this is a financial reality that we have to live with. There is encryption between the device and the provider and vice versa but I'm not sure what type of encryption it will use--maybe AES or 3DES. I still have no definite answer. However, is there any native way of encrypting data on the device itself? Blackberry's site is thin for anything like this-it has plenty for the BES solution--I'm just unsure as to how different BIS will be in this respect. The provider's tech team has been a little sketchy too, they have only just begun to roll these out to customers so I'm guessing that they know as much as I do--which is not a huge amount.(I actually had to tell them that we would be able to use the BIS system when none of them knew if our pop3 server would be able to work with it.) Googling this seems to give me a lot of vague docs but nothing in the way of specifics. Kind Regards Murad Talukdar ------------------------------------------------------------------------ --- EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The Norwich University program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Tailor your education to your own professional goals with degree customizations including Emergency Management, Business Continuity Planning, Computer Emergency Response Teams, and Digital Investigations. http://www.msia.norwich.edu/secfocus ------------------------------------------------------------------------ --- --------------------------------------------------------------------------- EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The Norwich University program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Tailor your education to your own professional goals with degree customizations including Emergency Management, Business Continuity Planning, Computer Emergency Response Teams, and Digital Investigations. http://www.msia.norwich.edu/secfocus ---------------------------------------------------------------------------
Current thread:
- Securing Blackberries Murad Talukdar (Jan 23)
- Re: Securing Blackberries Jon Gucinski (Jan 24)
- Re: Securing Blackberries Shawn Badger (Jan 29)
- Re: Securing Blackberries Andre Ludwig (Jan 24)
- <Possible follow-ups>
- Re: Securing Blackberries nfanelli (Jan 24)
- RE: Securing Blackberries Murad Talukdar (Jan 24)
- Re: Securing Blackberries Jon Gucinski (Jan 24)