BlackBerry Mobile device security

There are special considerations to be aware of when securing a BlackBerry device.

Authentication

IBM Traveler relies on the Domino infrastructure (HTTP and Admin Client) to authenticate the user. The authentication credentials can be one of the user's allowed Domino name formats, along with the user's HTTP password, or it can be something defined with the Directory Assistance database. All devices use HTTP Basic Authentication, so HTTPS is recommended for security reasons unless using a VPN or a secured network.

Account Information and Passwords:
  • Account Information and Passwords are stored in the appropriate perimeter and protected with access control rules.
  • The IBM Notes ID password used for reading Domino encrypted mail is cached for the duration specified by the device lockout timeout and protected by access control permissions. Neither the Notes ID nor the Notes ID Password are stored on the device.
Protection of work data on a device:
  • The device protects work data using XTS-AES-256 encryption.
  • You can use an IT policy rule to require that a device encrypt the data stored in the personal file system. The device then protects the personal data using XTSAES-256 encryption.

For additional information on these topics and others, please see the BlackBerry Security Technical Overview.