BlackBerry Security

BlackBerry Security
Top 5 Blackberry Security Recommendations
1. Disable pin-to-pin messaging
2. Enable password-
protection on the device (strong passwords, expiration)
3. Disable the install
ation of 3rd party applications
4. Make user aware that data on the device is at risk (awareness)

5. Communicate the procedure for loss of device and emergency
shutdown of

Blackberry mobile units are wireless email devices designed and produced by
Research in Motion Ltd (RIM).

Blackberry uses multi
ple different backbones to deliver the required information
packets over the wireless network. These backbones include, Microsoft’s
Exchange Server,
Lotus Notes Domino as well as Internet Only Email systems.
Microsoft Excha
nge Server

At the center of the backbone is RIM’s proprietary Desktop Manager. This
software package stores the configuration information and synchronizes the
handheld to a docking station connected through a serial connection to the users
main desktop computer. The synchronization process includes tasks, contacts,
calendar, email, time, as well as the initial encryption key that will be detailed out
later in this report. After the initial synchronization, the Blackberry will link up to
the Blackberry Enterprise server to monitor the user’s inbox for new mail,
compress and encrypt the message to deliver them to the Blackberry handheld
or decompress and decrypt messages originating from the handheld. These two
software packages then integrate into the Microsoft’s Exchange Server and
Outlook for email delivery to the recipient. The figure 1 illustration shows the
path that the information moves through the computer network for the Microsoft
Exchange Server backbone. Please keep in mind that this is a two way diagram,
the email starts at the mobile unit, moves through network to the blackberry
desktop and out again to the recipient.

Blackberry also uses two other server:
1)Lotus Domino Server
2)Internet Only Architecture Overview
Both of this architecture are similar to that of microsoft.

III. Blackberry Security Features
Wireless devices have now become an essential component to a corporate
executives or technical workers arsenal. Due to the information that is now being
transmitted and literally falling out of the sky, the term end-to-end security is no
longer a selling point, rather a requirement. Because of this increased security,
Research in Motion developed the Blackberry architecture to ensure multiple
different security objectives. These objectives include:
1. Protecting data on the handheld
2. Securing the wireless link
3. Minimal user impact
Information Security individuals have been inundated with wireless devices that
promise security outwardly, but have little to show for it. Security Issues that
surround the wireless device include eavesdropping, physical theft of equipment
and information, viruses, DoS attacks, and spoofing and hijacking. The following
list of security features will be sorted by RIM’s stated objectives and compared to
the issues and vulnerabilities surrounding wireless networks.