Professional Documents
Culture Documents
Policy Document: Blackberry Internet Services
Policy Document: Blackberry Internet Services
Policy Document
BlackBerry Internet Services
Neha Chandra
Purpose: This document intends to lay out the security requirements of Blackberry Internet Services on
a Blackberry smartphone and high level directives for implementing the same.
Scope: This policy applies to all subscribers of Blackberry Internet Services and related
services/applications.
Roles & Responsibilities: The responsibility of usage and compliance with these policies rests entirely
with the BIS user.
Validity: This policy remains in effect unless and until succeeded by a newer version.
Policy Summary: There are mainly two BlackBerry mobile connectivity options. One of them is the
BlackBerry Internet Service (BIS). Here in, the mobile service provider acts as an intermediary between
the user’s email server and his/her BlackBerry device. The BIS service hence caters to personal usage
and doesn’t have huge security concerns from organizational perspective. This policy outlines the
security policies which must be abided by the BIS user in order to enhance the security of blackberry
device owned.
2. E-mail Policy
The device must be configured to automatically encrypt all e-mails sent by the mail server to the
BIS.
All attachments must be protected using the Content Protection feature i.e. it must be turned
ON at all the times.
BIS must be configured to scan all attachments before opening them and block all such functions
in the attachment which might raise a security issue.
Anti-spam features of BIS must be turned ON to ward off unsolicited mails and messages.
6. Password Policy
A device password must be setup to prevent un-authorized users from accessing the device.
If the Password Keeper utility of the device is being used to manage different passwords of the
user then the master password of that utility must be chosen such that it’s strong enough to
prevent password attacks.
If the Content Protection Strength is set to ‘Stronger’ then a minimum of 12 digit device
password must be used.
If the Content Protection Strength is set to ‘Strongest’ then the password length must be a
minimum of 21 characters.
7. Privacy Policy
GPS Service provided by the device if not required must either be turned off or permanently
deleted as per the privacy requirements of the user.
Third party applications accessing GPS data without permission must be blocked or deleted.
Acronyms:
SSL Secure Sockets Layer
GPS Global Positioning System
BIS Blackberry Internet Services
BES Blackberry Enterprise Services
ACL Access Control List