- CrackBerry User
- 16 Posts
Z10 fails corporate security test [Updated]
I worrk for one of the big 4 Accounting companies supporting Smartphones, and have been a loyal BlackBerry user since 1999. I got devestaing news today. After waiting almost two years for a new BlackBerry and the Z10 being days from being available, I learned today that the Z10 has FAILED my company's simplistic security requirements! Why? Because a remote wipe doesn't wipe the SD card! I am SOOOooooo close to giving up on RIM - oh no I mean BlackBerry - another stupid choice. Everyone knew RIM was the company and BlackBerry was the product. Now you don't know what you're talking about when you say BlackBerry - and WHO CARES??? Get a quality product out - and do it NOW! I can't believe I'm stuck with staying with my nearly 2 year Ols 9900, or drinking the iPhone Kool Aide, or making myself vulnerable to the Android infectious free for all, or the Microsoft afterthought called Windows Phone 8 - today - they'll change the name befire the year is out so they look inovative - to their superiors!
Frankly, the state of the Smartphone ecology bites the big one.
And that's one man's opinion who has been in the industry for almost 40 years - but never mind. He's just a kook.
UPDATE: This information is wrong. As noted in the thread, the SD card in a Z10 is considered personal and not a work area and as such cannot be written to by the work side of Balance nor wiped by BES10 because there is no need for it. The work perimeter does *not* have access to the SD card
It appears that the information isn't wrong, I didn't specify that this is in an EAS environment, not a BES 10 environment.
Last edited by JerryD; 03-17-13 at 03:23 PM.
- 03-07-13, 07:12 PM #4
I don't know for sure, but isn't it simple enough to make sure that any company data isn't able to be saved to the SD card? And also, what company who's looking for real security, allow data to be stored on a swappable memory card? Even if they could remotely wipe the card, all it would take is for someone to remove it to get whatever data is stored there. Something tells me that the highly robust security standards of NATO are a tad more stringent than the company you work for.
- 03-07-13, 07:16 PM #5
Does remote wipe of BBOS devices include the SD card? If so, I can see where there would be an expectation for this to continue, whatever the wisdom of storing data on a removable card. Frankly, it does seem like something that should be part of remote wipe. I don't work for any corporation but if I were in a situation where I wanted to remote wipe my phone, I'd want everything wiped.
- 03-07-13, 07:23 PM #6
- 03-07-13, 07:23 PM #7
I just looked at my BDS62 server and the only option currently for the SD card is to force encryption. Based on the differences between BES5 and BDS62, I would say there are still many many features to come.
That being said, the work perimeter does *not* have access to the SD card so in that regard, how is this even remotely a security failure? The SD card will only contain personal data so unless your company feels personal security is part of enterprise security, then I guess you won't be sporting a shiny new BB10 device.
Sucks to be those people!
- CrackBerry Abuser
03-07-13, 07:24 PM #8
- 447 Posts
- Which one? Ask me.
It does stink if there's no option to remote wipe the card. That doesn't bother me though because data that is stored in an SD card is data that can be too simply removed. Does the work partition of Balance allow for data to be stored on the SD card? Maybe some SD encryption is in order at the company level.
I certainly do not think that security wise using an iOS device or Android decive is better. I'm also not a security expert, but security experts have agreed (by certifying BB10).
- CrackBerry Abuser
03-07-13, 07:32 PM #10
- 220 Posts
From: BlackBerry Enterprise Service 10 BlackBerry Device Service Solution Version: 6.2 (PDF):
BlackBerry 10 devices are designed to protect work data by encrypting the files stored in the work space. Devices can also protect personal data by encrypting the files stored in the personal space if you or a user requires. Devices can also encrypt the files stored on media cards that are inserted in devices. Only personal data can be saved to media cards.
- 03-07-13, 07:32 PM #11
I thought the whole point of BES10 and Balance was so that you can't take the corporate stuff and save it to the personal side, where the SD card is recognized to reside?
- CrackBerry Genius
03-07-13, 08:02 PM #18
- 3,711 Posts
Balance doesn't allow corporate info to be stored on SD anyways...... Not sure what your company's IT is smoking. If they work for one of the top 4 accounting companies BUT can't read or google information like this, they should probably be fired. Don't blame BBRY, blame your company. USA government and many others have found it secure...
- 03-07-13, 08:07 PM #19
BlackBerry is the most secure platform period. If the morons in your IT department can't figure that out then they don't deserve their jobs.
The SD card is hot swapable and therefore should never be used for important data. IT policies should be able to restrict use.
Posted via CB10
- 03-07-13, 08:54 PM #21
This is what "Wipe the Work Space" feature is for on BES10. The company should not care about compromising pictures on your personal space
The BES10 manual specifically states that you cannot save personal files onto the media card, but can encrypt them. Having said that, you can wipe media card data using BlackBerry Protect according to this:
Delete all data from your lost device - User Guide - BlackBerry Protect - 1.1
"You can delete all of the BlackBerry device data, including third-party applications and media card files, from your lost device. Some types of data, including pictures, email messages, third-party applications, and media files, cannot be backed up using BlackBerry Protect. This data will be deleted permanently from your device and media card."
- 03-07-13, 09:00 PM #24
What about support for USB memory sticks? I know the Z10 does it but what about Android phones. I think some (not all) do it.
If this is such a big issue, that needs to be disabled through policy ... and I think the SD card thing should also be disabled or have some control over it to prevent corporate data from getting onto it. Clearly an OS patch can fix it.
- Dragon Slayer
03-07-13, 09:15 PM #25
- 10,877 Posts
I smell an astroturfer.
EVEN IF BES10 was able to wipe the MicroSD card (and it doesn't, because it doesn't allow work data to be saved there anyway), the Z10 supports SDXC cards, which have a theoretical max capacity of 2TB.
Given the slow speed of interchangeable flash memory cards, and given the need of a proper security wipe to make MULTIPLE PASSES of re-writing EVERY SINGLE BYTE of the media, does anyone here have the slightest concept of how long it would take to securely wipe a card of that size?
In short: I hope you're planning to go on a nice vacation for a while while your memory card gets wiped.
Samsung must pay well these days.
- By TeaBoy in forum BlackBerry Z10Replies: 31Last Post: 04-17-13, 08:30 AM
- By Benjamindaines in forum BlackBerry OS 5 & 4.xReplies: 5Last Post: 10-21-09, 11:25 PM
- By ToNeBerry24 in forum BlackBerry Tour 9630Replies: 46Last Post: 08-26-09, 01:19 PM
- By iamjoel5 in forum General BlackBerry DiscussionReplies: 9Last Post: 06-22-08, 02:50 PM
- By Kent62 in forum BlackBerry AdministratorsReplies: 6Last Post: 07-20-07, 05:14 AM