[Truestream]

I've heard from a couple sources now that older versions of desktop manager (considerably older, pre-usb), allow you to plug in a current BB (8300-8330, 8100, 8700's) that has a security password set and backup the device without entering the pass in the desktop manager?

Anyone know of any truth to this, and if so, anyway to lock out Desktop software via policy or otherwise as this poses a considerably large security hole for us.

[Jadey]

Hmmm, have not tested this, so not sure.

Policy item to lookout for though:

Security Policy Group > Desktop Backup > Set to NO DATABASES

(Specify which BlackBerry device databases are backed up by the BlackBerry Desktop Software.
All databases: The desktop software backs up all BlackBerry device databases.
Minimal subset of databases: The desktop software backs up a minimal subset of BlackBerry device databases. Generally, these are databases which some desktop software components, such as the Certificate Synchronization Manager, require access to for proper operation.
No databases: The desktop software does not back up BlackBerry device databases.
If you do not set this rule, a default value of "All databases" will be used.
This rule applies only to Java-based BlackBerry devices version 4.0.0 and higher.)

Also have a look through the DESKTOP-ONLY ITEMS group