Blackberry Enterprise Solution Security Features - Blackberry ENTERPRISE SOLUTION SECURITY - ENTERPRISE SOLUTION - SECURITY TECHNICAL Overview

BlackBerry Enterprise Solution
Concept Description
authenticity enables the message
recipient to identify and
trust the identity of the
message sender
The BlackBerry Enterprise Solution is designed so that data remains encrypted (in other words, it is not
decrypted) at all points between the BlackBerry device and the BlackBerry Enterprise Server. Only the
BlackBerry Enterprise Server and the BlackBerry device can access the data that they send between them. Thus,
third-parties, including service providers, cannot access potentially sensitive organization information in a
decrypted format.
If the BlackBerry device cannot recognize the message format that the BlackBerry Enterprise Server decryption
process produces, it does not receive the message; if the BlackBerry Enterprise Server receives a message
encrypted with the wrong master encryption key, it does not send the message to the BlackBerry device. If
message failure occurs, the BlackBerry device prompts the BlackBerry device user to generate a new master
encryption key.

BlackBerry Enterprise Solution security features

Feature
protect data
protect encryption keys
control BlackBerry device connections
www.blackberry.com
BlackBerry Enterprise Solution implementation
Require that the BlackBerry device authenticate itself to the
BlackBerry Enterprise Server to prove that it knows the
master encryption key before the BlackBerry Enterprise
Server can send data to the BlackBerry device.
Description
•
Encrypt data traffic in transit between the BlackBerry
Enterprise Server and the BlackBerry device.
•
Encrypt data traffic in transit between your organization's
messaging and collaboration server and a BlackBerry device
user's computer email application.
•
Use secure protocols to connect the BlackBerry Enterprise
Server to the BlackBerry Infrastructure.
•
Encrypt data on the BlackBerry device.
•
Encrypt data in the BlackBerry Configuration Database.
•
Authenticate a BlackBerry device user to the BlackBerry
device using a smart card with a password or passphrase.
•
Verify the authenticity and integrity of the BlackBerry
device operating system and BlackBerry Device Software
automatically.
•
Encrypt encryption keys on the BlackBerry device.
•
Control which BlackBerry devices can connect to the
BlackBerry Enterprise Server.
•
Control Bluetooth® connections to and from the BlackBerry
device.
•
Control BlackBerry Smart Card Reader connections.
•
Control Wi-Fi® enabled BlackBerry device connections to
enterprise Wi-Fi networks.
7