BlackBerry Forums Support Community               

Closed Thread
 
LinkBack Thread Tools
Old 04-25-2008, 01:24 PM   #21 (permalink)
Wireless Sith Lord
 
DarthBBerry's Avatar
 
Join Date: Jan 2007
Location: Online
Model: iOS 6
Carrier: Verizon x2
Posts: 1,458
Post Thanks: 2
Thanked 27 Times in 22 Posts
Default

Please Login to Remove!

Quote:
Originally Posted by penguin3107 View Post
Jeez... that's a bit drastic.
I think you're making too much work for yourself.

Just wipe the data and reactivate it for a new user.
Nah... JL_CMDR is my friend. LOL
__________________
DarthBBerry
6-Time BlackBerry World Champion (2007-2012)
BlackBerry® Certified Support Specialist v5.0
BlackBerry® Certified System Administrator v5.0
Offline  
Old 04-25-2008, 01:25 PM   #22 (permalink)
iPhone Convert
 
juwaack68's Avatar
 
Join Date: Oct 2005
Location: Tulip City - MI
Model: iP5
OS: 6.0.2
PIN: to beans
Carrier: I'm not
Posts: 13,875
Post Thanks: 3
Thanked 72 Times in 55 Posts
Default

Quote:
Originally Posted by DarthBBerry View Post
By the time I get a device back from the user, it's an older one with an older OS. Refresh, refurb and sanitized wipe later... it's good as new.
Yea, that I can understand. Although, in my case it's REALLY hard to upgrade the OS on a Nextel 7520 or 7100i since there isn't any newer software

However, if I get newer devices back (like the Sprint 8830's) I don't wipe the OS, just do a security wipe and toss it in a drawer for the next person.
__________________
No longer a BES Admin, but it was fun while it lasted!
Offline  
Old 04-25-2008, 01:37 PM   #23 (permalink)
Retired BBF Moderator
 
Sith_Apprentice's Avatar
 
Join Date: Aug 2005
Model: 9000
OS: 4.6.0.xxx
Carrier: AT&T
Posts: 10,149
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

wiping a device is not something that is done accidentally in *most* cases. Its the user forgot their password and instead of calling in and saying "can you reset my password for me" (which you can do) they keep trying, typing blackberry not once, but twice before the device resets.
Offline  
Old 04-25-2008, 01:47 PM   #24 (permalink)
Talking BlackBerry Encyclopedia
 
Join Date: Oct 2007
Model: 8830
PIN: N/A
Carrier: Sprint, Alltel
Posts: 262
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by Sith_Apprentice View Post
wiping a device is not something that is done accidentally in *most* cases. Its the user forgot their password and instead of calling in and saying "can you reset my password for me" (which you can do) they keep trying, typing blackberry not once, but twice before the device resets.
You can reset the password without error only if content protection is not on.
Offline  
Old 04-25-2008, 01:49 PM   #25 (permalink)
New Member
 
jsconyers's Avatar
 
Join Date: Jul 2007
Location: In a van down by the river.
Model: NOTE2
OS: 4.1
PIN: <- Where do I find this?
Carrier: Sprint
Posts: 15,071
Post Thanks: 139
Thanked 140 Times in 121 Posts
Default

Quote:
Originally Posted by scott_perry View Post
You can reset the password without error only if content protection is not on.
Only if you are aware of there being an issue. If the user never contacts you, then they are SOL.
Offline  
Old 04-25-2008, 02:05 PM   #26 (permalink)
Retired BBF Moderator
 
Sith_Apprentice's Avatar
 
Join Date: Aug 2005
Model: 9000
OS: 4.6.0.xxx
Carrier: AT&T
Posts: 10,149
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

the new OS and new BES 4.1.5 fix the content protection issue. Or at least have for me.
Offline  
Old 04-25-2008, 02:11 PM   #27 (permalink)
Wireless Sith Lord
 
DarthBBerry's Avatar
 
Join Date: Jan 2007
Location: Online
Model: iOS 6
Carrier: Verizon x2
Posts: 1,458
Post Thanks: 2
Thanked 27 Times in 22 Posts
Default

The main problem I see with the end user giving themselves a new password is accessing the Setup Wizard. NONE of them ever see this as all devices come through me first. I do the setup for them and hide the Wizard icon after wireless OTA synch.

Methinks that iffin I implement an IT policy with password protection enabled, I'm gonna get a LOT busier resetting devices with forgotten passwords!
__________________
DarthBBerry
6-Time BlackBerry World Champion (2007-2012)
BlackBerry® Certified Support Specialist v5.0
BlackBerry® Certified System Administrator v5.0
Offline  
Old 04-25-2008, 02:14 PM   #28 (permalink)
iPhone Convert
 
juwaack68's Avatar
 
Join Date: Oct 2005
Location: Tulip City - MI
Model: iP5
OS: 6.0.2
PIN: to beans
Carrier: I'm not
Posts: 13,875
Post Thanks: 3
Thanked 72 Times in 55 Posts
Default

Are you saying you don't enforce a password on any of your devices?? EEK!
__________________
No longer a BES Admin, but it was fun while it lasted!
Offline  
Old 04-25-2008, 02:19 PM   #29 (permalink)
Wireless Sith Lord
 
DarthBBerry's Avatar
 
Join Date: Jan 2007
Location: Online
Model: iOS 6
Carrier: Verizon x2
Posts: 1,458
Post Thanks: 2
Thanked 27 Times in 22 Posts
Default

Not presently. It's kinda up to the end user. But we're changing out corporate outlook.
__________________
DarthBBerry
6-Time BlackBerry World Champion (2007-2012)
BlackBerry® Certified Support Specialist v5.0
BlackBerry® Certified System Administrator v5.0
Offline  
Old 04-25-2008, 02:22 PM   #30 (permalink)
Retired BBF Moderator
 
Sith_Apprentice's Avatar
 
Join Date: Aug 2005
Model: 9000
OS: 4.6.0.xxx
Carrier: AT&T
Posts: 10,149
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

must not have anything on the devices you want to hide then. any lost BB means that anyone can get any information they want until the device is wiped.
Offline  
Old 04-25-2008, 02:25 PM   #31 (permalink)
Wireless Sith Lord
 
DarthBBerry's Avatar
 
Join Date: Jan 2007
Location: Online
Model: iOS 6
Carrier: Verizon x2
Posts: 1,458
Post Thanks: 2
Thanked 27 Times in 22 Posts
Default

Quote:
Originally Posted by Sith_Apprentice View Post
must not have anything on the devices you want to hide then. any lost BB means that anyone can get any information they want until the device is wiped.
Most of my users call me when they lose their device; usually within 12 hours or less. Then it's a matter of [Click and Lock] from BES. We're looking at alternative options as more secure data is being stored on them.
__________________
DarthBBerry
6-Time BlackBerry World Champion (2007-2012)
BlackBerry® Certified Support Specialist v5.0
BlackBerry® Certified System Administrator v5.0
Offline  
Old 04-25-2008, 02:26 PM   #32 (permalink)
Retired BBF Moderator
 
Sith_Apprentice's Avatar
 
Join Date: Aug 2005
Model: 9000
OS: 4.6.0.xxx
Carrier: AT&T
Posts: 10,149
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

force a password on the device. and 12 hours is a LONG time to get anything off an unprotected device. heck, they could backup the device. wipe it to get rid of the BES connection, then just restore the information on it, and there would be nothing you could do about it. if you force a password, and have a timeout of say 10min (also lock when holstered), then that is considerably more secure.

On select users on my BES i force a password, and 5 minutes of inactivity causes the device to lock. you could also set it so that it will prompt for the password even when you are using the device, and if the user fails to type in the password prompt it locks the device. (this is a bit overboard IMO, but works)

Last edited by Sith_Apprentice : 04-25-2008 at 02:28 PM.
Offline  
Old 04-25-2008, 02:33 PM   #33 (permalink)
Wireless Sith Lord
 
DarthBBerry's Avatar
 
Join Date: Jan 2007
Location: Online
Model: iOS 6
Carrier: Verizon x2
Posts: 1,458
Post Thanks: 2
Thanked 27 Times in 22 Posts
Default

Quote:
Originally Posted by Sith_Apprentice View Post
force a password on the device. and 12 hours is a LONG time to get anything off an unprotected device. heck, they could backup the device. wipe it to get rid of the BES connection, then just restore the information on it, and there would be nothing you could do about it. if you force a password, and have a timeout of say 10min (also lock when holstered), then that is considerably more secure.

On select users on my BES i force a password, and 5 minutes of inactivity causes the device to lock. you could also set it so that it will prompt for the password even when you are using the device, and if the user fails to type in the password prompt it locks the device. (this is a bit overboard IMO, but works)
I also remove the USB cable and desktop software before deployment.
__________________
DarthBBerry
6-Time BlackBerry World Champion (2007-2012)
BlackBerry® Certified Support Specialist v5.0
BlackBerry® Certified System Administrator v5.0
Offline  
Old 04-25-2008, 02:44 PM   #34 (permalink)
Retired BBF Moderator
 
Sith_Apprentice's Avatar
 
Join Date: Aug 2005
Model: 9000
OS: 4.6.0.xxx
Carrier: AT&T
Posts: 10,149
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

those can be picked up anywhere. software is a free download, and the USB cable is a universal cable used for many digital cameras.
Offline  
Old 04-25-2008, 02:56 PM   #35 (permalink)
Wireless Sith Lord
 
DarthBBerry's Avatar
 
Join Date: Jan 2007
Location: Online
Model: iOS 6
Carrier: Verizon x2
Posts: 1,458
Post Thanks: 2
Thanked 27 Times in 22 Posts
Default

Quote:
Originally Posted by Sith_Apprentice View Post
those can be picked up anywhere. software is a free download, and the USB cable is a universal cable used for many digital cameras.
Not wanting to put them down... but most of my users arent smart enough to figure that out. If it's not in the box, then it doesnt exist for them.
__________________
DarthBBerry
6-Time BlackBerry World Champion (2007-2012)
BlackBerry® Certified Support Specialist v5.0
BlackBerry® Certified System Administrator v5.0
Offline  
Old 04-25-2008, 03:26 PM   #36 (permalink)
Talking BlackBerry Encyclopedia
 
Join Date: Oct 2007
Model: 8830
PIN: N/A
Carrier: Sprint, Alltel
Posts: 262
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

I don't think sith is concerned about your users, but rather, the person who took/found the device after your user lost it.
Offline  
Old 04-25-2008, 03:35 PM   #37 (permalink)
Wireless Sith Lord
 
DarthBBerry's Avatar
 
Join Date: Jan 2007
Location: Online
Model: iOS 6
Carrier: Verizon x2
Posts: 1,458
Post Thanks: 2
Thanked 27 Times in 22 Posts
Default

Quote:
Originally Posted by scott_perry View Post
I don't think sith is concerned about your users, but rather, the person who took/found the device after your user lost it.
If thats the case, the BES push to lock and erase is the first step. Then I call the service provider's TSupport and suspend service to the line.
Mua-ha-ha! The Overlord strikes again!
__________________
DarthBBerry
6-Time BlackBerry World Champion (2007-2012)
BlackBerry® Certified Support Specialist v5.0
BlackBerry® Certified System Administrator v5.0
Offline  
Old 04-25-2008, 03:38 PM   #38 (permalink)
BlackBerry God
 
penguin3107's Avatar
 
Join Date: Jan 2005
Model: iOS 5
Carrier: VZW
Posts: 11,701
Post Thanks: 1
Thanked 237 Times in 219 Posts
Default

Quote:
Originally Posted by DarthBBerry View Post
If thats the case, the BES push to lock and erase is the first step. Then I call the service provider's TSupport and suspend service to the line.
Mua-ha-ha! The Overlord strikes again!
You're missing the point, DarthBBerry.
You said it can take up to 12 hours for you to be notified of a missing device.
Heck, a BB savvy person can own the device in a few minutes if they wanted to.

In that time, the person who took the device has probably already stolen the data from it, wiped it out, and made it their own. You can send all the lock/kill commands you want from the BES, but they're useless because the device is not likely connected to the BES anymore.

The thief who has your user's device is the one laughing at you... not the other way around.

You should really consider enforcing password use on your devices, and set the timeout to a short duration.
It's your responsibility as a BES Administrator.
__________________
BCSA
BES 5.0.3 MR4 :-: Exchange 2007 SP3 RU3
http://port3101.org

Last edited by penguin3107 : 04-25-2008 at 03:41 PM.
Offline  
Old 04-25-2008, 03:57 PM   #39 (permalink)
Wireless Sith Lord
 
DarthBBerry's Avatar
 
Join Date: Jan 2007
Location: Online
Model: iOS 6
Carrier: Verizon x2
Posts: 1,458
Post Thanks: 2
Thanked 27 Times in 22 Posts
Default

Quote:
Originally Posted by penguin3107 View Post
You should really consider enforcing password use on your devices, and set the timeout to a short duration.
It's your responsibility as a BES Administrator.
Hence, why I'm doing this.
__________________
DarthBBerry
6-Time BlackBerry World Champion (2007-2012)
BlackBerry® Certified Support Specialist v5.0
BlackBerry® Certified System Administrator v5.0
Offline  
Old 04-25-2008, 07:37 PM   #40 (permalink)
BBF Moderator
 
John Clark's Avatar
 
Join Date: Jun 2005
Model: Z30
OS: 10.2.1.x
PIN: s & needles
Carrier: AT&T
Posts: 34,686
Post Thanks: 4
Thanked 100 Times in 72 Posts
Default

It's a matter of how sensitive the data on the device is. For us, it's just our phone numbers and pins. They can have the emails from my wife asking me to pick up milk on the way home and that I have a trip next Tuesday. If it's not that important, let the users decide. If it's quite sensitive then force lock it.

Backing up a ways, I don't see the issue with the device wiping after incorrect passwords and allowing a new password to be set. The data was protected via wiping it. Sure the new user has access to the phone but that's not a security breach. The setup wizard can be used but to do what with? They can't connect to the BES with it. You still need an activation code that you, the BES Admin has to set. They could setup a BIS email account for their own email....Now they finally have that done and you lock the account because you just found out it's stolen. They didn't get very far. They can, however, put another sim card in it and away they go. You lost a $300 device. That's it.
Offline  
Closed Thread


Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On





Copyright © 2004-2014 BlackBerryForums.com.
The names RIM © and BlackBerry © are registered Trademarks of BlackBerry Inc.