Black Berry stolen
 

A Black Berry has been stolen and we want to stop the flow of emails going to that black berry.

I disabled MDS access, disabled redirection, and I sent a erase and disable hand held message to the black berry.

What else should I do? Also can someone give me a breif explanation as what the above options I disable really do?

Erase & Disable is really all you need to do from the BES side.
That wipes all user data off the device and disconnects the device from BES.

Once you confirm that the erase & disable was successful (you can verify this in BES Manager) then you should call the wireless carrier and report the device as being stolen.

You did everything you can do from a BES perspective. The MDS will not allow the person access to your intranet. The disable redirection will stop email from being sent to the device, and the erase and disable will.....erase and lock the device (although I haven't had a lot of luck with that step).

Next step is to contact your carrier and report the device as stolen so they can flag the IMEI and it cannot be reactivated for the filthy swine that stole it.

When you guys say the erase and disable erases the users data does that include emails saved on the black berry?

Yes.

Good practice might be as well to Set password and lock the handheld. Then Set owner informations, so if it wasn't stolen but rather lost, person who finds it would know who does it belong to. If they decide not to return it, in order for them to use it, they need to pass password point. After 10 failed attempts handheld will get wiped anyway. And yes when you erase and disable it will erase everything except IT policy.;-)

We have our IT Policy set to that when the device locks the info field displays:
If lost, please return to Our Company Address.

But to address the Original Poster's question, you did everything right.

So it occurs to me, since the IT policy isn't affected by a device wipe, I should create a completely restrictive IT policy that locks the device down as tight as can be, and then blast it down to a device if it is stolen. I wonder just how tight it can be made?

You could push down a policy that wipes after only a few password attempts, instead of 3.

Disable the phone, so they can't use it all, and disable all SMS and MMS messaging, too.

In fact, I think I'll go make a 'Stolen device' policy that does all that.....

Here's what I just created - in case anyone really cares what I think :razz:

Allow Phone,False
Allow Browser,False
Password Required,True
Set Maximum Password Attempts,3
Minimum Password Length,6
User Can Disable Password,False
Maximum Security Timeout,2
Maximum Password Age,1
User Can Change Timeout,False
Password Pattern Checks,1
Allow SMS,False
Lock Owner Info,3
Set Owner Info,This [Our company name] device has been flagged as lost or stolen. Please contact the [Our company name] Helpdesk at [phone number] to return this device.
Set Owner Name,[Our company name]
Disable MMS,True
Disable Voice-Activated Dialing,True
Maximum Password History,8
Disallow Third Party Application Downloads,True
Force Lock When Holstered,True
Firewall Block Incoming Messages,3
Disable Camera,True
Allow Other Message Services,False
Allow Other Browser Services,False
Disable BlackBerry Messenger,True

Anything else?

Care to export that policy when you are done? :)

I had to wipe out the cobwebs to remember how to use the BRK to list it, let along how to export it ;-)

It makes me happy to think of someone's glee that is crushed when they discover that the new (stolen) phone they have, has been turned into an almost permanent paper weight. :)

It would be great if you could export the policy, save me having to make one up... :D

Unfortunately, this is rarely the case.
Those who steal mobile phones rarely use them for themselves. Most are pawned or sold on eBay to other unsuspecting users who then have to suffer as a result of purchasing a stolen item.

The reality is that the thief doesn't suffer at all, and that's the part that sucks.

Also, it's fairly simple (with a little bit of Googling) for anyone to "uncripple" a restricted device should they need to.

Now if we could build in some sort of 10,000 volt shocking mechanism..... the policy would be PERFECT. ;-)

I suppose that's true, but I was hopeful for a few moments. Why make it any easier than you have to... :)

I'm pulling a blank on the developer who has a tracking app, looks cool (reports back device phone number and gps location) but with 4.5 and the easy removal of all apps on a device wipe it doesn't seem so useful anymore. :(