[Dshield] Thoughts on Blackberry Security?
securityguy at dslextreme.com
Wed Oct 6 18:11:32 GMT 2004
It seems the latest trend is for everyone to buy a blackberry and use it for
accessing corporate email. I'm researching the security of such devices.
>From what I read on the net, RIM uses a blackberry enterprise server
(required) to encrypt corporate email through the firewall, where's it
decrypted on the local device. So far so good. But is it really end-to-end
Many of my users don't have the BB secure server - they're just setting up a
rule that forwards their email to their blackberry account. SOOOOO, their
email, is being sent clear text. Problem #2 - I read else where that a
blackberry has no passwords, local data encryption, etc., and a stolen
blackberry is a thief's dream.
I'm just starting to figure this out and I don't have a blackberry to
experiment with. I'd appreciate anyone else's insight on such practices.
More information about the list