Blackberry Enterprise Solution Security; Protecting Bluetooth Connections On A Blackberry Device; Managing A Bluetooth Enabled Blackberry Device - Blackberry PRD-09695-004 - SMART Card Reader Overview

BlackBerry Enterprise Solution security

The BlackBerry® Enterprise Solution is designed to encrypt data that is in transit at all points between a BlackBerry
device and the BlackBerry® Enterprise Server to help protect your organization from data loss or alteration. Only the
BlackBerry Enterprise Server and the BlackBerry device can decrypt the data that they send between each other. If
events that threaten the wireless security of your organization occur, the BlackBerry Enterprise Solution is designed
to prevent third parties, including wireless service providers, from accessing potentially sensitive information in a
decrypted format.
The BlackBerry Enterprise Solution uses symmetric key cryptography to encrypt messages and data that it sends over
the transport layer.

Protecting Bluetooth connections on a BlackBerry device

Bluetooth® technology permits a Bluetooth enabled BlackBerry® device to open a wireless connection with other
Bluetooth devices that are within a 10-meter range (for example, a hands-free car kit or wireless headset).
A Bluetooth profile on the BlackBerry device specifies how applications can connect and run. The Bluetooth Serial
Port Profile on the BlackBerry device specifies how the BlackBerry device can open a serial connection to another
Bluetooth enabled device using a virtual serial port.
By default, a BlackBerry device that is running BlackBerry® Device Software version 4.0 and later includes the
following security measures:
•
You or a user can turn off the Bluetooth technology for the BlackBerry device.
•
The user must request a connection or pairing on the BlackBerry device with another Bluetooth device. The
user must also type a shared secret key (called a passkey) to complete the pairing.
•
The user can specify whether to encrypt data to and from the BlackBerry device over a Bluetooth
connection. The BlackBerry® Enterprise Solution uses the passkey to generate encryption keys.
•
The BlackBerry device prompts the user each time a Bluetooth device tries to connect to the BlackBerry
device.

Managing a Bluetooth enabled BlackBerry device

Using BlackBerry® Enterprise Server version 4.0 and later, you can use IT policy rules to manage the Bluetooth®
technology on a Bluetooth enabled BlackBerry device. For example, you can use IT policies to configure the following
behavior:
•
prevent the BlackBerry device from opening a Bluetooth connection to another Bluetooth enabled
BlackBerry device, another Bluetooth enabled device, or the BlackBerry® Desktop Software
•
prevent a user from turning on Discoverable mode on the BlackBerry device
•
require the BlackBerry device to use Bluetooth encryption on all connections
•
require the BlackBerry device to prompt the user to type the BlackBerry device password to turn on
Bluetooth support
•
require the BlackBerry device to prompt the user to type the BlackBerry device password to turn on
discoverable mode
•
prevent the BlackBerry device from using the Bluetooth Headset Profile, the Bluetooth Handsfree Profile, or
the Bluetooth Serial Port Profile
•
prevent the BlackBerry device from bypassing the wireless network over a Bluetooth connection
•
prevent the BlackBerry device from sending or receiving contact list information over a Bluetooth
connection
•
prevent the BlackBerry device from making phone calls
For more information, see the BlackBerry Enterprise Server Policy Reference Guide.
8