Advertisement
Erasing file systems on BlackBerry devices
BlackBerry device action
overwrites BlackBerry device
memory if content protection is
turned on
For more information, see "Appendix D: BlackBerry device wipe process" in the BlackBerry Enterprise Solution
Security Technical Overview.
Erasing data from BlackBerry device memory and making the BlackBerry device
unavailable (standard security wipe)
A BlackBerry device that is not physically connected to a computer is designed to permanently delete its user
and application data when any of the following events occur:
•
The user clicks Wipe Handheld (in the Security Options) on the BlackBerry device.
•
The user types the password incorrectly more times than the Set Maximum Password Attempts IT policy rule
allows on the BlackBerry device. (The default is ten attempts.)
•
The BlackBerry Enterprise Server administrator sends the Erase Data and Disable Handheld IT
administration command to the BlackBerry device from the BlackBerry Manager.
•
The BlackBerry Enterprise Server administrator sends the Erase Data and Disable Handheld IT
administration command with a delay (in hours, up to 168 hours) to the BlackBerry device from the
BlackBerry Manager.
A BlackBerry device is designed to erase its user and application data and all applications when it is physically
connected to a computer and any of the following events occur:
•
The BlackBerry device user runs the application loader tool in the BlackBerry® Desktop Software and types
the password incorrectly more times than the Set Maximum Password Attempts IT policy rule allows in the
application loader tool prompt. (The default is ten attempts.)
The BlackBerry device user can also use the application loader tool in the BlackBerry Desktop Software to
erase all user and application data on the BlackBerry device, but choose not to erase the BlackBerry device
applications.
•
The BlackBerry Enterprise Server administrator clicks Wipe Handheld File System in the BlackBerry
Manager. This option deletes all data and applications from the BlackBerry device even if the service books
do not exist on the BlackBerry device (in other words, if there is no connection between the BlackBerry
Enterprise Server and the BlackBerry device).
Removing third-party applications during a user-initiated security wipe
When the user clicks Wipe Handheld (in the Security Options) on the BlackBerry device, the user can select the
Include third party applications option at the same time. If the user selects this option, when the BlackBerry
device permanently deletes its stored user data during the device wipe, it will also remove all of its third-party
applications and application data.
Requiring a delay on remote BlackBerry device wipes
The BlackBerry Enterprise Server administrator can set the following IT policy rules to require that the remote
BlackBerry device automatically delete its user and application data.
IT policy rule
Secure Wipe Delay After IT
Policy Received
Secure Wipe Delay After Lock
©
2008 Research In Motion Limited. All rights reserved.
Description
The BlackBerry device uses a memory scrub process to overwrite the
BlackBerry device flash memory file system.
Description
Set this IT policy rule to a period of time, in hours, after which, if the
BlackBerry device has not successfully received IT policy updates or IT
administration commands, the BlackBerry device permanently deletes its
user and application data.
Set this IT policy rule to a period of time, in hours, after which, if the user has
not unlocked the BlackBerry device, the BlackBerry device permanently
deletes its user and application data.
www.blackberry.com
5
Advertisement
