09-18-13 08:29 PM
tools
  1. higherdestiny's Avatar
    higherdestiny
    There's been a lot of talk recently about the NSA and what data they may or may not have had access to. Some of this talk included BlackBerry devices. While there's been a lot of misinformation about the security of the platform, I wanted to put together a quick 'good practice' guide for the more paranoid ones out there.

    So without further delay, here's the "How to ensure your BlackBerry is NSA proof" guide:

    1) ALWAYS security wipe your devices before use.
    From time to time, carriers and suppliers will open boxes and use devices for testing purposes. It's not completely uncommon to receive a 'new' device and find that the operating system is not in 100% stock condition. Worst case scenario - someone's interfered with your device and loaded some malicious software on it before you received it. Solution - security wipe the device before you use it.

    2) ALWAYS connect to a BES server.
    Quite simply, a BES is the most secure connection possible. BIS can be infiltrated. Direct Active Sync can also be infiltrated. BES is far more secure - so always use your device with a BES. Also ensure your IT policy forces all data to be routed through the BES regardless of connection type.

    3) Ensure your BES is secure.
    Sounds logical - but so many companies don't follow the correct processes when it comes to securing ports and permissions. For ultra security - user a BlackBerry router in a DMZ and only use port 3101 for connections - nothing else. It's harder to hack a box when the only open port is 3101.

    4) For ultra security - use wired device activations.
    When activating a device over the air, the device generates an encryption key which is transferred (securely) over your carrier connection. While this process uses secure transfer processes, the more paranoid may not trust this process completely. To be completely sure that no-one can access your encryption key, perform a wired device activation. This way the encryption key is generated on your device and is transferred to your BES over the local infrastructure. From that point onwards, wireless data is transmitted securely using the encrypted key which has never been transmitted over any external network - yippee!


    If you follow the above points, you'll have an extremely secure connection. There's a whole host of IT policy settings to consider as well, but I wanted to focus on some more general processes first - as they are critical.

    If you're using a device with the above steps, you can be sure your device is as 'NSA proof' as possible.
    barbas79 and Omnitech like this.
    09-18-13 06:39 PM
  2. BravoZuluDelta's Avatar
    BravoZuluDelta
    Step 5.

    How to ensure your BlackBerry is NSA Proof.-img_00001074_hdr_edit.jpg

    I keed, I keed.

    Posted via CB10 on Q10
    09-18-13 06:53 PM
  3. trroystory's Avatar
    trroystory
    Lmfao ^

    Posted via CB10
    09-18-13 06:59 PM
  4. MiyakSk33's Avatar
    MiyakSk33
    Thanks but which average user has the time for that.

    Posted via CB10
    09-18-13 07:09 PM
  5. emtunc's Avatar
    emtunc
    Originally Posted by MiyakSk33
    Thanks but which average user has the time for that.

    Posted via CB10
    Answer is none and frankly most typical end users these days don't really give a crap about security + privacy. They just listen to what ever friends/media say... even if it's rubbish. That's reality.

    Posted via CB10
    jpvj likes this.
    09-18-13 07:11 PM
  6. SubmarinerOne's Avatar
    SubmarinerOne
    Originally Posted by higherdestiny
    If you're using a device with the above steps, you can be sure your device is as 'NSA proof' as possible.
    Hi,
    Is this also attainable with BB10? I ask because I'm under the impression BB10 does not run through BES .


    #IchooseBlackBery10 any day
    09-18-13 07:24 PM
  7. BravoZuluDelta's Avatar
    BravoZuluDelta
    Originally Posted by SubmarinerOne
    Hi,
    Is this also attainable with BB10? I ask because I'm under the impression BB10 does not run through BES .


    #IchooseBlackBery10 any day
    BB10 runs through BES if you have it set up that way (through your employer or via your own server). BIS is what was taken out; this ran through your carrier and was present on all BBOS devices.
    09-18-13 07:35 PM
  8. higherdestiny's Avatar
    higherdestiny
    Originally Posted by SubmarinerOne
    Hi,
    Is this also attainable with BB10? I ask because I'm under the impression BB10 does not run through BES .


    #IchooseBlackBery10 any day
    Yes it is My organisation does exactly that.
    SubmarinerOne likes this.
    09-18-13 08:27 PM
  9. higherdestiny's Avatar
    higherdestiny
    Originally Posted by MiyakSk33
    Thanks but which average user has the time for that.

    Posted via CB10
    Your 'average user' probably won't need to worry about having this level of security.
    Not to mention, BlackBerry is still the most secure platform for your 'average user' compared to the competition.

    My post is probably more targeted at corporations and BES admins.
    09-18-13 08:29 PM
« BlackBerry Wants to Sell Itself by Year End: Blair | Why can't I receive a text from a specific Iphone »

Similar Threads

  1. No compelling reason to ditch the Z10 for a Z30...For me.
    By tw1g_007 in forum BlackBerry Z10
    Replies: 40
    Last Post: 09-22-13, 10:06 AM
  2. Blackberry Link 1.2.0.28 - Remote Access no longer showing shared folders
    By BBJonbo in forum BlackBerry 10 OS
    Replies: 3
    Last Post: 09-19-13, 01:00 PM
  3. BlackBerry Z30 Release dates?
    By Jeandry Brito in forum BlackBerry Z30
    Replies: 5
    Last Post: 09-19-13, 03:24 AM
  4. [ebay] Get your Z30. Steal of a deal! ;)
    By mylesw42 in forum BlackBerry Z30
    Replies: 2
    Last Post: 09-18-13, 11:58 PM
  5. To all those critical of BBMX (depite having never used it)
    By BBPandy in forum General BlackBerry News, Discussion & Rumors
    Replies: 2
    Last Post: 09-18-13, 07:05 PM
LINK TO POST COPIED TO CLIPBOARD