BlackBerry Forums Support Community - View Single Post - How many of you actually implement security on your corporate Blackberries?

ladydi · 09-10-2007, 01:36 PM

Step 1: use Exchange

Everything syncs OTA without hassle.

x14 is probably correct. Here, we enforce 8 character alpha numeric passwords with a 20 minute timeout (no locking on holstering) and they get 5 tries before the device wipes. If they do wipe it and they are not on site, I walk them through re-activating over the phone. It hasn't been a problem.

Now that I have all of my users on 4.2 handheld software, we have a policy that says if the BB hasn't received IT policy in 12 days, the BB wipes itself. This was done in response to a user wholost their BB, but didn't report it lost for 5 days - long after the battery had died.

If someone forgets their password in a no coverage area, they ARE SOL. no ifs ands or buts. We support the technology, we do not have the ability to bend it to our will and create cell towers because some exec has forgotten their password at their country house. I inform them that they are responsible for remembering their password and being prepared for being inn an area with no coverage. there is literally nothing we can do. they will have to go where there is service.

As for user verification, I currently have a small enough number of users that I know them all by voice, but when I worked in a larger environment, we used to verify by the last 4 of their SSN before resetting their password.

09-10-2007, 01:36 PM	#5
ladydi CrackBerry Addict Join Date: Jun 2005 Location: Washington Model: 8800 Carrier: T-mobile Posts: 848	Step 1: use Exchange Everything syncs OTA without hassle. x14 is probably correct. Here, we enforce 8 character alpha numeric passwords with a 20 minute timeout (no locking on holstering) and they get 5 tries before the device wipes. If they do wipe it and they are not on site, I walk them through re-activating over the phone. It hasn't been a problem. Now that I have all of my users on 4.2 handheld software, we have a policy that says if the BB hasn't received IT policy in 12 days, the BB wipes itself. This was done in response to a user wholost their BB, but didn't report it lost for 5 days - long after the battery had died. If someone forgets their password in a no coverage area, they ARE SOL. no ifs ands or buts. We support the technology, we do not have the ability to bend it to our will and create cell towers because some exec has forgotten their password at their country house. I inform them that they are responsible for remembering their password and being prepared for being inn an area with no coverage. there is literally nothing we can do. they will have to go where there is service. As for user verification, I currently have a small enough number of users that I know them all by voice, but when I worked in a larger environment, we used to verify by the last 4 of their SSN before resetting their password. __________________ ~Di~ Windows 2003 Exchange 2003 BES 4.1
Offline