[whoopsie]

Hi all

I have some questions around browser security on Blackberrys. As part of a 135 user base via our own BES we have recently taken the decision to remove the browser option from our Blackberrys. The theory.... A user could download and executable or other virus etc and send this mail to another user on the corporate network spreading a virus. Is there a solution to this risk? what have others done?

Regards

[markhutchison]

Wirelessly posted (8130, Bell Mobility: BlackBerry8130/4.3.0 Profile/MIDP-2.0 Configuration/CLDC-1.1 VendorID/109)

To my knowledge you cannot download files with the BlackBerry browser outside of specific recognized filetypes like Java apps, images and other media types. There may be some risk in a user installing a malicious Java app (although I haven't heard of any existing) but I believe you should be able to allow Browser access while restricting 3rd party app installation.

[markhutchison]

Wirelessly posted (8130, Bell Mobility: BlackBerry8130/4.3.0 Profile/MIDP-2.0 Configuration/CLDC-1.1 VendorID/109)

You could also set a restriction on your email server to prevent users from emailing high risk filetypes like EXE, RAR, COM, etc. This is a fairly standard restriction in many large organizations.

[TroyDBrown]

Quote:

Originally Posted by whoopsie

Hi all

I have some questions around browser security on Blackberrys. As part of a 135 user base via our own BES we have recently taken the decision to remove the browser option from our Blackberrys. The theory.... A user could download and executable or other virus etc and send this mail to another user on the corporate network spreading a virus. Is there a solution to this risk? what have others done?

Regards

Seems a little extreme for there being no real threat. Your corporate network needs protection, not the BlackBerrys

[Berry One]

Quote:

Originally Posted by whoopsie

Hi all

I have some questions around browser security on Blackberrys. As part of a 135 user base via our own BES we have recently taken the decision to remove the browser option from our Blackberrys. The theory.... A user could download and executable or other virus etc and send this mail to another user on the corporate network spreading a virus. Is there a solution to this risk? what have others done?

Regards

You are rightfully concerned. A user could download BlackBerry application OTA (over the air), install it and that can be used to breach security of your environment.

As far as I know, and BES is not my area of expertise, you can restrict corporate devices what applications they can run and, may be, what applications they can install.
This may be a more reliable approach because you can still let people use any browser they want yet not allow them run or install not autorized software on blackberries.

[whoopsie]

All

Thanks for your replies which have given great food for thought

Regards