[JerryD]

I worrk for one of the big 4 Accounting companies supporting Smartphones, and have been a loyal BlackBerry user since 1999. I got devestaing news today. After waiting almost two years for a new BlackBerry and the Z10 being days from being available, I learned today that the Z10 has FAILED my company's simplistic security requirements! Why? Because a remote wipe doesn't wipe the SD card! I am SOOOooooo close to giving up on RIM - oh no I mean BlackBerry - another stupid choice. Everyone knew RIM was the company and BlackBerry was the product. Now you don't know what you're talking about when you say BlackBerry - and WHO CARES??? Get a quality product out - and do it NOW! I can't believe I'm stuck with staying with my nearly 2 year Ols 9900, or drinking the iPhone Kool Aide, or making myself vulnerable to the Android infectious free for all, or the Microsoft afterthought called Windows Phone 8 - today - they'll change the name befire the year is out so they look inovative - to their superiors!

Frankly, the state of the Smartphone ecology bites the big one.

And that's one man's opinion who has been in the industry for almost 40 years - but never mind. He's just a kook.

UPDATE: This information is wrong. As noted in the thread, the SD card in a Z10 is considered personal and not a work area and as such cannot be written to by the work side of Balance nor wiped by BES10 because there is no need for it. The work perimeter does *not* have access to the SD card

It appears that the information isn't wrong, I didn't specify that this is in an EAS environment, not a BES 10 environment.

[Smiley88]

just take the sd card out and don't give it to the employees. Or better yet take a screw driver the the sd card slot. That should do the job.

[Optimus15]

German government thinks it's secure.......

Posted via CB10

[cjcampbell]

I don't know for sure, but isn't it simple enough to make sure that any company data isn't able to be saved to the SD card? And also, what company who's looking for real security, allow data to be stored on a swappable memory card? Even if they could remotely wipe the card, all it would take is for someone to remove it to get whatever data is stored there. Something tells me that the highly robust security standards of NATO are a tad more stringent than the company you work for.

[ubizmo]

Does remote wipe of BBOS devices include the SD card? If so, I can see where there would be an expectation for this to continue, whatever the wisdom of storing data on a removable card. Frankly, it does seem like something that should be part of remote wipe. I don't work for any corporation but if I were in a situation where I wanted to remote wipe my phone, I'd want everything wiped.

[cjcampbell]

Does remote wipe of BBOS devices include the SD card? If so, I can see where there would be an expectation for this to continue, whatever the wisdom of storing data on a removable card. Frankly, it does seem like something that should be part of remote wipe. I don't work for any corporation but if I were in a situation where I wanted to remote wipe my phone, I'd want everything wiped.

I agree, yet disagree. The point of BB10 and Balance is to have your own phone and corporate get's there own space, without the two intermingleing. When it comes to security and needing to have remote wipe, then no corporate info should be able to be stored on any removable memory card.

[NoAhB0Dy]

I just looked at my BDS62 server and the only option currently for the SD card is to force encryption. Based on the differences between BES5 and BDS62, I would say there are still many many features to come.

That being said, the work perimeter does *not* have access to the SD card so in that regard, how is this even remotely a security failure? The SD card will only contain personal data so unless your company feels personal security is part of enterprise security, then I guess you won't be sporting a shiny new BB10 device.

Sucks to be those people!

[PostMortem]

I don't know for sure, but isn't it simple enough to make sure that any company data isn't able to be saved to the SD card? And also, what company who's looking for real security, allow data to be stored on a swappable memory card? Even if they could remotely wipe the card, all it would take is for someone to remove it to get whatever data is stored there. Something tells me that the highly robust security standards of NATO are a tad more stringent than the company you work for.

I agree with cjcampbell...
It does stink if there's no option to remote wipe the card. That doesn't bother me though because data that is stored in an SD card is data that can be too simply removed. Does the work partition of Balance allow for data to be stored on the SD card? Maybe some SD encryption is in order at the company level.

I certainly do not think that security wise using an iOS device or Android decive is better. I'm also not a security expert, but security experts have agreed (by certifying BB10).

[project_x]

Actually, I think if you encrypt the sd card, and remote wipe the device, I believe your encryption key is deleted and the card is unreadable....

Posted via CB10

[hornlovah]

From: BlackBerry Enterprise Service 10 BlackBerry Device Service Solution Version: 6.2 (PDF):

BlackBerry 10 devices are designed to protect work data by encrypting the files stored in the work space. Devices can also protect personal data by encrypting the files stored in the personal space if you or a user requires. Devices can also encrypt the files stored on media cards that are inserted in devices. Only personal data can be saved to media cards.

[Serkle K]

I thought the whole point of BES10 and Balance was so that you can't take the corporate stuff and save it to the personal side, where the SD card is recognized to reside?

[Bluenoser63]

I worrk for one of the big 4 Accounting companies supporting Smartphones, and have been a loyal BlackBerry user since 1999. I got devestaing news today. After waiting almost two years for a new BlackBerry and the Z10 being days from being available, I learned today that the Z10 has FAILED my company's simplistic security requirements! Why? Because a remote wipe doesn't wipe the SD card! I am SOOOooooo close to giving up on RIM - oh no I mean BlackBerry - another stupid choice. Everyone knew RIM was the company and BlackBerry was the product. Now you don't know what you're talking about when you say BlackBerry - and WHO CARES??? Get a quality product out - and do it NOW! I can't believe I'm stuck with staying with my nearly 2 year Ols 9900, or drinking the iPhone Kool Aide, or making myself vulnerable to the Android infectious free for all, or the Microsoft afterthought called Windows Phone 8 - today - they'll change the name befire the year is out so they look inovative - to their superiors!

Frankly, the state of the Smartphone ecology bites the big one.

And that's one man's opinion who has been in the industry for almost 40 years - but never mind. He's just a kook.

.
If you have BES10, you can disable access from workspace to the SD card. Problem solved. It wasn't that RIM failed, it was your IT that didn't read the documentation.

[Zach Gilbert]

Have your company disable access to the SD in work mode. I'm pretty sure you can, and if so Problem solved.

[piko 72]

Negative thread! JerryD ,7 posts since 2007 !! mmmm !

[ultra07]

IT department was the failure here not the Z10!! You should let them know!

[ubizmo]

Another option would be to partition the SD into work and personal areas, for Balance, and let remote wipe erase only the work area.

[Stewartj1]

Simple solution. Set policies to force encryption on the SD card. When the phone is wiped the data on the card is irretrievable.

Go to Settings/Security/Encryption then read the warning.





Posted via CB10

[masterscarhead1]

Balance doesn't allow corporate info to be stored on SD anyways...... Not sure what your company's IT is smoking. If they work for one of the top 4 accounting companies BUT can't read or google information like this, they should probably be fired. Don't blame BBRY, blame your company. USA government and many others have found it secure...

[QuantumQnx]

BlackBerry is the most secure platform period. If the morons in your IT department can't figure that out then they don't deserve their jobs.

The SD card is hot swapable and therefore should never be used for important data. IT policies should be able to restrict use.

Posted via CB10

[tre10]

Looks like the OP was a fire starter

[koroshiyax]

This is what "Wipe the Work Space" feature is for on BES10. The company should not care about compromising pictures on your personal space

The BES10 manual specifically states that you cannot save personal files onto the media card, but can encrypt them. Having said that, you can wipe media card data using BlackBerry Protect according to this:

Delete all data from your lost device - User Guide - BlackBerry Protect - 1.1

"You can delete all of the BlackBerry device data, including third-party applications and media card files, from your lost device. Some types of data, including pictures, email messages, third-party applications, and media files, cannot be backed up using BlackBerry Protect. This data will be deleted permanently from your device and media card."

[pcguy514]

the work perimeter does *not* have access to the SD card so in that regard, how is this even remotely a security failure? The SD card will only contain personal data so unless your company feels personal security is part of enterprise security

Sucks to be those people!

YUP... the internal 16gb is split 50/50 personal/enterprise apps are different for each side.
Sounds like someone in the IT department did poor research...

[mscooley]

I worrk for one of the big 4 Accounting companies supporting Smartphones, and have been a loyal BlackBerry user since 1999. I got devestaing news today. After waiting almost two years for a new BlackBerry and the Z10 being days from being available, I learned today that the Z10 has FAILED my company's simplistic security requirements! Why? Because a remote wipe doesn't wipe the SD card! I am SOOOooooo close to giving up on RIM - oh no I mean BlackBerry - another stupid choice. Everyone knew RIM was the company and BlackBerry was the product. Now you don't know what you're talking about when you say BlackBerry - and WHO CARES??? Get a quality product out - and do it NOW! I can't believe I'm stuck with staying with my nearly 2 year Ols 9900, or drinking the iPhone Kool Aide, or making myself vulnerable to the Android infectious free for all, or the Microsoft afterthought called Windows Phone 8 - today - they'll change the name befire the year is out so they look inovative - to their superiors!

Frankly, the state of the Smartphone ecology bites the big one.

And that's one man's opinion who has been in the industry for almost 40 years - but never mind. He's just a kook.

There's a nice little security feature called SD Card Encryption. Use. It.

[kfh227]

What about support for USB memory sticks? I know the Z10 does it but what about Android phones. I think some (not all) do it.

If this is such a big issue, that needs to be disabled through policy ... and I think the SD card thing should also be disabled or have some control over it to prevent corporate data from getting onto it. Clearly an OS patch can fix it.

[Omnitech]

I smell an astroturfer.

EVEN IF BES10 was able to wipe the MicroSD card (and it doesn't, because it doesn't allow work data to be saved there anyway), the Z10 supports SDXC cards, which have a theoretical max capacity of 2TB.

Given the slow speed of interchangeable flash memory cards, and given the need of a proper security wipe to make MULTIPLE PASSES of re-writing EVERY SINGLE BYTE of the media, does anyone here have the slightest concept of how long it would take to securely wipe a card of that size?

In short: I hope you're planning to go on a nice vacation for a while while your memory card gets wiped.

Samsung must pay well these days.