Questions for Blackberry Admins and Security Experts

[Tõnis]

I have a few questions for BES admins and other people knowledgeable about BlackBerry security.

I understand that content protection encrypts BlackBerry data so that if someone extracts data directly from a password protected device's hardware it will be of little use to him. I would like to know how difficult it actually is to extract data from a locked device. I mean, is it relatively simple (necessitating only a computer and some readily available software), or does it take disassembly and/or specialized equipment found in a forensics lab? The reason I ask, is that I'm finding that a few applications perform more to my liking with content protection turned off. So, if I lose my password protected, locked phone, how safe is my data from direct hardware access? (Assume the finder wouldn't mind accessing the data and isn't stupid enough to enter too many wrong password attempts.) Also, how many of you BES administrators don't require content protection on the devices you hand out?

I'm just trying to assess my risk ...

TIA.

Tony

[Tõnis]

No one knows? I wonder if the topic would get replies in the BlackBerry Administrators forum ... Could a moderator please move it there? Thanks.

Also, found my composition (verbatim) on another site:

Questions for Blackberry Admins and Security Experts | my9800.com

Posted from my CrackBerry at wapforums.crackberry.com

[JeffH]

I moved your thread as requested. Encryption is forced on by my IT policy, but it is defaulted to Strong, which is the lowest level. I can change the strength. Contacts and Media files are not included, which is good. If Contacts are included, then CallerID can't look up names in the Address Book when calls come in while the device is locked.

[lak611]

Quote:

Originally Posted by JeffH

I moved your thread as requested. Encryption is forced on by my IT policy, but it is defaulted to Strong, which is the lowest level. I can change the strength. Contacts and Media files are not included, which is good. If Contacts are included, then CallerID can't look up names in the Address Book when calls come in while the device is locked.

Does enabling Contacts encryption on BIS also prevent CallerID from looking up names in the Address Book when calls come in while the device is locked?

[Tõnis]

Thanks, Jeff. My contacts aren't included either when I'm using encryption for the same reason. The other thing I learned is that, in addition to the CallerID not working, custom ringtones and notification profile exceptions don't work when the device is locked if content protection is enabled with address book included.

Posted from my CrackBerry at wapforums.crackberry.com

[Tõnis]

Quote:

Originally Posted by lak611

Does enabling Contacts encryption on BIS also prevent CallerID from looking up names in the Address Book when calls come in while the device is locked?

Yes. If the address book is included, CallerID will only show the number. Also, custom ringtones and notification profile exceptions won't work when the device is locked.

Posted from my CrackBerry at wapforums.crackberry.com

[JeffH]

Quote:

Originally Posted by lak611

Does enabling Contacts encryption on BIS also prevent CallerID from looking up names in the Address Book when calls come in while the device is locked?

I assume it would, since the encryption works the same whether it's forced on by an IT policy or turned on voluntarily by the user. I can't say for sure, though, since I've never used a BlackBerry that wasn't on BES.

EDIT: I see Tonis has the definitive answer.

[lak611]

Quote:

Originally Posted by Tõnis

Yes. If the address book is included, CallerID will only show the number. Also, custom ringtones and notification profile exceptions won't work.

Posted from my CrackBerry at wapforums.crackberry.com

Thank you. I use a password but do not enable encryption. That answers my question.